Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us-usps-mnmawq.xyz/update/

Overview

General Information

Sample URL:https://us-usps-mnmawq.xyz/update/
Analysis ID:1526966
Tags:openphish
Infos:
Errors
  • URL not reachable

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Performs DNS queries to domains with low reputation
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 4568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5944 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2028,i,14733559572279766807,11675370614050735525,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 4760 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-mnmawq.xyz/update/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://us-usps-mnmawq.xyz/update/SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49715 version: TLS 1.2

Networking

barindex
Performs DNS queries to domains with low reputation
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: DNS query: us-usps-mnmawq.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-mnmawq.xyz
Source: DNS query: us-usps-mnmawq.xyz
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: us-usps-mnmawq.xyz
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: classification engineClassification label: mal52.troj.win@19/6@14/3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2028,i,14733559572279766807,11675370614050735525,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-mnmawq.xyz/update/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2028,i,14733559572279766807,11675370614050735525,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://us-usps-mnmawq.xyz/update/100%SlashNextFraudulent Website type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
google.com
142.250.184.206
truefalse
    		unknown
    s-part-0017.t-0009.t-msedge.net
    		13.107.246.45
    		truefalse
      		unknown
      www.google.com
      		142.250.186.164
      		truefalse
        		unknown
        fp2e7a.wpc.phicdn.net
        		192.229.221.95
        		truefalse
          		unknown
          us-usps-mnmawq.xyz
          		unknown
          		unknowntrue
            		unknown

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            239.255.255.250
            		unknownReserved
            		unknownunknownfalse
            142.250.186.164
            		www.google.comUnited States
            		15169GOOGLEUSfalse

            Private

            IP
            192.168.2.5

            General Information

            Joe Sandbox version:41.0.0 Charoite
            Analysis ID:1526966
            Start date and time:2024-10-06 18:36:00 +02:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 2m 0s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:https://us-usps-mnmawq.xyz/update/
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:6
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal52.troj.win@19/6@14/3
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            Cookbook Comments:
            • URL browsing timeout or error

            Errors

            • URL not reachable

            Warnings

            • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.185.142, 142.251.168.84, 34.104.35.123, 184.28.90.27, 172.202.163.200, 93.184.221.240, 192.229.221.95, 20.3.187.198
            • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, e16604.g.akamaiedge.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtSetInformationFile calls found.
            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
            • VT rate limit hit for: https://us-usps-mnmawq.xyz/update/

            Simulations

            Behavior and APIs

            No simulations

            Joe Sandbox View / Context

            IPs

            No context

            Domains

            No context

            ASNs

            No context

            JA3 Fingerprints

            No context

            Dropped Files

            No context

            Created / dropped Files

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:36:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):3.983400168613481
            Encrypted:false
            SSDEEP:48:8DdyTem2HBidAKZdA19ehwiZUklqehwy+3:8wfsLy
            MD5:95562BA0A3285F1C35A693CD43DAEC20
            SHA1:48B457F6746A953DD4AF1EF0E64299FB79127E26
            SHA-256:FDC948D17EC7285831574B625DEBF848CE17498E3357749668576249D9E2228F
            SHA-512:EEC9608D44FE465A125C966E7BF6FC70B40665238342C33A402BC588090BEF15FC16051609ABD6E55AA9ECB930AF77C72DCDABE1A9B294D38D7D046AE6B355C2
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........%.y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:36:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):3.9974632380759485
            Encrypted:false
            SSDEEP:48:8VLdyTem2HBidAKZdA1weh/iZUkAQkqeh7y+2:8Gfe9QSy
            MD5:26FB6FD7EC4FD723B244E09FA234E70C
            SHA1:D7C045A4184361D38235864B1DECBC8ECC793A13
            SHA-256:E4317B8A77F0126FE269816688DE9FC0BD8A07249CCB4B63BDDDF1F2B06D3F24
            SHA-512:D210C5DD29855EC12DE00534D32942FEFB7E492C506A1AD01A402745141758FF99E1B7FDF55DB7E6B440D9E346AC1738C5FB72C407D3791ACBE3D828C0DA7378
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....|.......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........%.y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2693
            Entropy (8bit):4.006466553562906
            Encrypted:false
            SSDEEP:48:8xfdyTemsHBidAKZdA14tseh7sFiZUkmgqeh7sly+BX:8xcf0nXy
            MD5:91585E0A200DADA31217D85D479D30A2
            SHA1:97BF8029C8C92F4F64ECF43B7863CF9CCF11C07F
            SHA-256:1F4268A186251C59275E28C544FC8284C61C2F6575684AAA57EE9C36D0522A1D
            SHA-512:E91135B3DBAC484E0D4D98436777A668833213E4077E177576493FDC1240B5AC4A4E8B70B560B28A85FF7EF0434243B6D6CCB419569CE0F86BA51BCA94E7C298
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........%.y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:36:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.9963900694164995
            Encrypted:false
            SSDEEP:48:8LdyTem2HBidAKZdA1vehDiZUkwqehPy+R:8ofFdy
            MD5:28A50D48D663AC8F7FAFC90C78C31A34
            SHA1:C1529ACC1FE1F9295DBF8444EDE279AC980B6AE7
            SHA-256:F736AFF2C54B2452A37DD5FD5467E916D8B7C2C64A6E57D6092209E2BAA72516
            SHA-512:CD47EB2EB4CCE2A5263DE5A15B8C82429A67BD086631D80759EC8E0D386706D390DD3AF7DE51D77F287E86572177683243601880F472A7155BF4C909DC6AE95C
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........%.y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:36:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.9844955651530576
            Encrypted:false
            SSDEEP:48:8ddyTem2HBidAKZdA1hehBiZUk1W1qehRy+C:8CfV9xy
            MD5:6E1ED498626DBB908F0FC563AF21A291
            SHA1:203C4AEB995E09F0539AE21E45CE42357D218931
            SHA-256:D3578FB9AEEF2A9C4A7107EEFA399496360BE50F29ABCD9420E87F46E0909308
            SHA-512:FDC38C1ED399ED621AD872E335E108398BC2D7938FE7A1EC024657490EDB77102B455A25E714FD9152316289217CD9D092195C147934BEEAA247D682EC348680
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........%.y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:36:55 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2683
            Entropy (8bit):3.9943530165661425
            Encrypted:false
            SSDEEP:48:8GdyTem2HBidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbXy+yT+:8XfpT/TbxWOvTbXy7T
            MD5:284DDAA0C9C81CB56B72D91615AB4759
            SHA1:72E6F7CDAA4F5DF008FA18E6AFFE883834200834
            SHA-256:102958482FEE90B653155771F6388C5D5855B1A20747292E66C1F69322373C61
            SHA-512:16883C1F7FEA151C75928231031C334F53F92DE86B1F213EC22376B2C323515A7281F571FA60F56B111D2816007BA4DB3C80855FE02747494AE38322B0299B1D
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....W.......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........%.y......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            Static File Info

            No static file info

            Network Behavior

            Network Port Distribution

            TCP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 6, 2024 18:36:50.036081076 CEST49674443192.168.2.523.1.237.91
            Oct 6, 2024 18:36:50.036267996 CEST49675443192.168.2.523.1.237.91
            Oct 6, 2024 18:36:50.145447016 CEST49673443192.168.2.523.1.237.91
            Oct 6, 2024 18:36:58.889142990 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:58.889175892 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:36:58.889230967 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:58.889990091 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:58.890007973 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:36:59.540224075 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:36:59.540776968 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:59.540792942 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:36:59.542443991 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:36:59.542537928 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:59.544358015 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:59.544461966 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:36:59.593440056 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:59.593456030 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:36:59.640321016 CEST49674443192.168.2.523.1.237.91
            Oct 6, 2024 18:36:59.640326977 CEST49675443192.168.2.523.1.237.91
            Oct 6, 2024 18:36:59.640337944 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:36:59.749690056 CEST49673443192.168.2.523.1.237.91
            Oct 6, 2024 18:37:01.399410009 CEST4434970323.1.237.91192.168.2.5
            Oct 6, 2024 18:37:01.399504900 CEST49703443192.168.2.523.1.237.91
            Oct 6, 2024 18:37:08.689841986 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:08.689877033 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:08.690063000 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:08.691028118 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:08.691040993 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.364901066 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.364979982 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.366928101 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.366935015 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.367444992 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.374897003 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.415419102 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.430521011 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:37:09.430607080 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:37:09.430665970 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:37:09.473591089 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.473603010 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.473671913 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.473680019 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.473728895 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.473737001 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.473773003 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.560231924 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.560276985 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.560321093 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.560339928 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.560354948 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.560386896 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.561749935 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.561778069 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.561840057 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.561847925 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.561892033 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.561902046 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.648210049 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.648281097 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.648332119 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.648346901 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.648384094 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.648396015 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.648983002 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.649033070 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.649079084 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.649085045 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.649138927 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.649152040 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.649698019 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.649741888 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.649782896 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.649789095 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.649827003 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.649852991 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.650485992 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.650536060 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.650578022 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.650583982 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.650613070 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.650624037 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.736963987 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737027884 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737055063 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737065077 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737107038 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737124920 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737418890 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737468004 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737508059 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737514019 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737544060 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737552881 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737812042 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737863064 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737912893 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737920046 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.737962961 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.737989902 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.738451958 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.738496065 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.738522053 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.738528013 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.738554955 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.738574982 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.739370108 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.739455938 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.739459038 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.739484072 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.739517927 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.739538908 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.739954948 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.739995956 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.740031004 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.740037918 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.740086079 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.740098953 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.740164042 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.740170002 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.740240097 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.740253925 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.740288973 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.740319967 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.740336895 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.740336895 CEST49715443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.740348101 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.740358114 CEST4434971513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.846172094 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.846224070 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.846329927 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.846949100 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.846970081 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.852580070 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.852622032 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.852727890 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.852941036 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.852966070 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.853897095 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.853944063 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.854007006 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.855186939 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.855231047 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.855315924 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.855525017 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.855547905 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.855725050 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.855741024 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.856863022 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.856904984 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:09.857001066 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.857269049 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:09.857286930 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.539244890 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.539776087 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.539858103 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.540251970 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.540266991 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.542330980 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.542695045 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.542715073 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.543210030 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.543220997 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.550048113 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.550086021 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.550388098 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.550406933 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.550554991 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.550580978 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.551050901 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.551057100 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.551110029 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.551126957 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.566210032 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.566560030 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.566584110 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.566979885 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.566984892 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.641433954 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.641494036 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.641551971 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.641582966 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.641621113 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.641689062 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.641778946 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.641794920 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.641824007 CEST49718443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.641838074 CEST4434971813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.644542933 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.644577026 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.644686937 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.644860983 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.644877911 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.646079063 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.646101952 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.646158934 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.646192074 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.646286011 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.646290064 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.646333933 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.646403074 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.646404028 CEST49717443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.646419048 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.646430016 CEST4434971713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648432016 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648453951 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648534060 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.648561954 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648627996 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.648641109 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648675919 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648720026 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.648742914 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.648812056 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.648829937 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648843050 CEST49721443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.648849964 CEST4434972113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.648880959 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.648897886 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.650010109 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.650077105 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.650177002 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.650343895 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.650362968 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.650373936 CEST49719443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.650378942 CEST4434971913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.651170969 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.651181936 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.651446104 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.651566982 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.651580095 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.652544975 CEST49727443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.652570009 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.652684927 CEST49727443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.652833939 CEST49727443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.652848005 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.669707060 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.669779062 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.669868946 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.670182943 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.670200109 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.670206070 CEST49720443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.670211077 CEST4434972013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.672902107 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.672919035 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.673275948 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.673738956 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:10.673751116 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:10.893295050 CEST49711443192.168.2.5142.250.186.164
            Oct 6, 2024 18:37:10.893321037 CEST44349711142.250.186.164192.168.2.5
            Oct 6, 2024 18:37:11.279053926 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.280163050 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.280178070 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.282609940 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.282618046 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.295367002 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.296147108 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.296207905 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.296865940 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.296873093 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.300299883 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.301402092 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.301419020 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.302071095 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.302076101 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.346575022 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.352216959 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.383044004 CEST49727443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.383068085 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.383661985 CEST49727443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.383667946 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.384145021 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.384165049 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.384720087 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.384726048 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.386848927 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.386909008 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.386962891 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.388596058 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.388617039 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.388629913 CEST49724443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.388637066 CEST4434972413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.394536018 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.394567966 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.394648075 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.394747972 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.394758940 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.395847082 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.395906925 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.395953894 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.396811962 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.396811962 CEST49725443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.396827936 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.396842957 CEST4434972513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.399115086 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.399272919 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.399342060 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.399369955 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.399374962 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.399406910 CEST49726443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.399413109 CEST4434972613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.401504040 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.401526928 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.401588917 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.401710987 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.401725054 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.403248072 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.403275013 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.403328896 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.405914068 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.405930996 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.483491898 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.483639002 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.483690023 CEST49727443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.483808041 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.483881950 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.483928919 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.487289906 CEST49727443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.487312078 CEST4434972713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.489439011 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.489454031 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.489468098 CEST49728443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.489474058 CEST4434972813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.493520975 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.493552923 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.493614912 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.497075081 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.497106075 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.497178078 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.497451067 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.497467041 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:11.499017000 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:11.499038935 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.059900045 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.060568094 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.060595036 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.061209917 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.061216116 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.070067883 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.070508003 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.070528984 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.070918083 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.070924044 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.100214005 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.100744009 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.100771904 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.102263927 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.102271080 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.155181885 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.155524969 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.155546904 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.155963898 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.155970097 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.186973095 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.187047005 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.187108994 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.187285900 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.187299013 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.187309027 CEST49730443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.187314034 CEST4434973013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.189332962 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.189472914 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.189626932 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.189650059 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.189702988 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.189712048 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.189781904 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.189806938 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.189821959 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.189835072 CEST49731443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.189841986 CEST4434973113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.190232038 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.190248966 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.190613031 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.190618992 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.190731049 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.190766096 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.192078114 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.192101002 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.192234039 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.192342997 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.192373037 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.202769995 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.202851057 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.202991009 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.202991009 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.203022957 CEST49732443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.203035116 CEST4434973213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.205022097 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.205055952 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.205120087 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.205627918 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.205653906 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.255414009 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.255489111 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.255580902 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.255623102 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.255644083 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.255656004 CEST49734443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.255664110 CEST4434973413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.257860899 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.257900000 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.257982969 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.258076906 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.258094072 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.292704105 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.292779922 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.292974949 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.293150902 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.293150902 CEST49735443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.293168068 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.293178082 CEST4434973513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.295535088 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.295589924 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.295679092 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.295964956 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.295980930 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.852715969 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.852746010 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.853225946 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.853288889 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.853429079 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.853461981 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.854552031 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.854563951 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.854860067 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.854871988 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.886436939 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.887115002 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.887137890 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.887648106 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.887655020 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.934128046 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.934469938 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.934506893 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.935004950 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.935015917 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.940623045 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.941042900 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.941063881 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.941853046 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.941859961 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.952301979 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.952442884 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.952527046 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.952615023 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.952630043 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.952641010 CEST49738443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.952646971 CEST4434973813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.952655077 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.952807903 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.953058958 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.953092098 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.953092098 CEST49737443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.953109980 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.953130960 CEST4434973713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.956091881 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.956135035 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.956178904 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.956204891 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.956227064 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.956300020 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.956372976 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.956388950 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.956605911 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.956624031 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.992147923 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.992306948 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.992367029 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.992396116 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.992410898 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.992424011 CEST49739443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.992429018 CEST4434973913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.995078087 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.995136976 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:12.995258093 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.995430946 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:12.995461941 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.033097982 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.033145905 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.033272982 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.033307076 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.033307076 CEST49741443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.033325911 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.033338070 CEST4434974113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.035528898 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.035548925 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.035607100 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.035695076 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.035701990 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.042876959 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.042941093 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.043075085 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.043168068 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.043168068 CEST49740443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.043179035 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.043185949 CEST4434974013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.045315981 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.045325041 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.045382977 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.045543909 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.045552015 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.585993052 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.586486101 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.586503983 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.586972952 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.586976051 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.599062920 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.599694967 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.599755049 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.600042105 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.600056887 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.609991074 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.610366106 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.610384941 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.610970020 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.610975027 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.663422108 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.663817883 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.663868904 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.664356947 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.664369106 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.684839010 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.684899092 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.685060978 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.685098886 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.685117006 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.685126066 CEST49745443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.685131073 CEST4434974513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.686628103 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.687007904 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.687021017 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.687530041 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.687535048 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.688020945 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.688069105 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.688150883 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.688333988 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.688349962 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.699218035 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.699275970 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.699378967 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.699485064 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.699485064 CEST49742443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.699531078 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.699561119 CEST4434974213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.701977968 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.702048063 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.702112913 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.702238083 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.702259064 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.709494114 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.709655046 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.709780931 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.709780931 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.709820032 CEST49743443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.709840059 CEST4434974313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.711725950 CEST49749443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.711771011 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.711833000 CEST49749443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.711957932 CEST49749443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.711975098 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.763989925 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.764147997 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.764266968 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.764322996 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.764323950 CEST49744443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.764352083 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.764374971 CEST4434974413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.766715050 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.766731024 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.766859055 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.767011881 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.767025948 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.788284063 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.788475037 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.788611889 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.788650990 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.788670063 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.788677931 CEST49746443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.788682938 CEST4434974613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.791016102 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.791042089 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:13.791169882 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.791301966 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:13.791317940 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.517329931 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.517946959 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.517962933 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.518388033 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.518393040 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.529547930 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.529911995 CEST49749443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.529949903 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.530293941 CEST49749443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.530303001 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.532058001 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.532336950 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.532347918 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.532660961 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.532710075 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.532716036 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.533382893 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.533382893 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.533391953 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.533410072 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.615859985 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.615914106 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.615962029 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.616163015 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.616180897 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.616198063 CEST49747443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.616205931 CEST4434974713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.619090080 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.619126081 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.619193077 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.619316101 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.619327068 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.631897926 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.632033110 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.632097006 CEST49749443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.632210970 CEST49749443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.632230997 CEST4434974913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.634572983 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.634613991 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.634691954 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.634779930 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.634815931 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.634834051 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.634917974 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.634983063 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.635019064 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.635019064 CEST49751443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.635036945 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.635050058 CEST4434975113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.636509895 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.636647940 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.636874914 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.637398005 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.637408972 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.637471914 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.637579918 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.637579918 CEST49748443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.637588024 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.637597084 CEST4434974813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.637720108 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.637736082 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.639599085 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.639627934 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:14.639869928 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.639962912 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:14.639969110 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.290585995 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.291652918 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.291652918 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.291723013 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.291776896 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.293859959 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.294122934 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.294425964 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.294452906 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.294580936 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.294588089 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.294589996 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.294608116 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.294843912 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.295002937 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.295016050 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.295145988 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.295164108 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.295404911 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.295412064 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.391422987 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.391478062 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.391778946 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.391778946 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.391869068 CEST49752443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.391911030 CEST4434975213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.393768072 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.393893003 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.394115925 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.394228935 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.394228935 CEST49753443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.394252062 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.394258022 CEST4434975313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.395893097 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.395931005 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.395960093 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396022081 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396116018 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396121979 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396200895 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396255016 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396275043 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396353960 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396361113 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396361113 CEST49754443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396370888 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396380901 CEST4434975413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396585941 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396650076 CEST49757443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396718025 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396863937 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396863937 CEST49755443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.396888018 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396908998 CEST4434975513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.396927118 CEST49757443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.397897005 CEST49757443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.397921085 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.398950100 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.398964882 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.399044037 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.399051905 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.399080038 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.399241924 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.399260044 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.399276972 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.399287939 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.399302959 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.851993084 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.852663040 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.852688074 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.853666067 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.853672981 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.950839043 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.950995922 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.951065063 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.951313972 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.951332092 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.951364040 CEST49750443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.951371908 CEST4434975013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.955143929 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.955218077 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:15.955321074 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.955522060 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:15.955540895 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.073905945 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.074559927 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.074575901 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.075015068 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.075021029 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.082830906 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.083342075 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.083349943 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.083847046 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.083852053 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.085167885 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.085483074 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.085504055 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.085856915 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.085865021 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.086744070 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.087236881 CEST49757443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.087255001 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.087622881 CEST49757443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.087630033 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.172009945 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.172168016 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.172267914 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.172327042 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.172327042 CEST49759443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.172353983 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.172367096 CEST4434975913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.176153898 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.176254988 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.176346064 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.176527977 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.176554918 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188277960 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188448906 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188518047 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.188538074 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188596964 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188673019 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.188772917 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.188796043 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188816071 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.188816071 CEST49756443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.188855886 CEST49758443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.188869953 CEST4434975813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188886881 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.188924074 CEST4434975613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.189474106 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.189627886 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.189914942 CEST49757443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.190110922 CEST49757443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.190121889 CEST4434975713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.192914009 CEST49763443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.192967892 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.193015099 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.193044901 CEST49763443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.193046093 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.193159103 CEST49763443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.193178892 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.193186998 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.193257093 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.193280935 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.194335938 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.194432974 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.194521904 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.194644928 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.194677114 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.589781046 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.590245962 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.590276957 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.590837002 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.590842009 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.689265013 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.689315081 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.689440012 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.689615011 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.689635038 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.689647913 CEST49760443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.689655066 CEST4434976013.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.692836046 CEST49765443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.692877054 CEST4434976513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.692934036 CEST49765443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.693134069 CEST49765443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.693146944 CEST4434976513.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.826186895 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.827112913 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.827112913 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.827143908 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.827162027 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.828469992 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.828552008 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.828831911 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.828864098 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.829317093 CEST49763443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.829319000 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.829324961 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.829334974 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.829431057 CEST49763443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.829433918 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.833611012 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.834033966 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.834042072 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.834455967 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.834460974 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.927356958 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.927426100 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.927706003 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.927706003 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.927927017 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.927958012 CEST49761443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.927972078 CEST4434976113.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.927982092 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.928172112 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.928172112 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.929199934 CEST49764443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.929222107 CEST4434976413.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.929460049 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.929527044 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.930346012 CEST49763443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.930671930 CEST49766443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.930700064 CEST4434976613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.930829048 CEST49763443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.930830956 CEST49767443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.930840969 CEST4434976313.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.930856943 CEST4434976713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.930867910 CEST49766443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.930906057 CEST49767443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.931133032 CEST49767443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.931149006 CEST4434976713.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.931183100 CEST49766443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.931199074 CEST4434976613.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.932935953 CEST49768443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.932965994 CEST4434976813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.933142900 CEST49768443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.933290958 CEST49768443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.933309078 CEST4434976813.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.933743000 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.933803082 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.933923006 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.933957100 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.933957100 CEST49762443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.933963060 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.933969021 CEST4434976213.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.936177969 CEST49769443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.936223030 CEST4434976913.107.246.45192.168.2.5
            Oct 6, 2024 18:37:16.936383963 CEST49769443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.936424971 CEST49769443192.168.2.513.107.246.45
            Oct 6, 2024 18:37:16.936436892 CEST4434976913.107.246.45192.168.2.5

            UDP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 6, 2024 18:36:54.661756039 CEST53561181.1.1.1192.168.2.5
            Oct 6, 2024 18:36:54.664463043 CEST53619461.1.1.1192.168.2.5
            Oct 6, 2024 18:36:55.654268980 CEST53580621.1.1.1192.168.2.5
            Oct 6, 2024 18:36:56.543598890 CEST5819753192.168.2.51.1.1.1
            Oct 6, 2024 18:36:56.543775082 CEST5873753192.168.2.51.1.1.1
            Oct 6, 2024 18:36:56.570281982 CEST53587371.1.1.1192.168.2.5
            Oct 6, 2024 18:36:56.570450068 CEST53581971.1.1.1192.168.2.5
            Oct 6, 2024 18:36:56.571109056 CEST5863953192.168.2.51.1.1.1
            Oct 6, 2024 18:36:56.590960026 CEST53586391.1.1.1192.168.2.5
            Oct 6, 2024 18:36:56.643287897 CEST5798653192.168.2.58.8.8.8
            Oct 6, 2024 18:36:56.643492937 CEST5741853192.168.2.51.1.1.1
            Oct 6, 2024 18:36:56.650352001 CEST53579868.8.8.8192.168.2.5
            Oct 6, 2024 18:36:56.650515079 CEST53574181.1.1.1192.168.2.5
            Oct 6, 2024 18:36:57.645514011 CEST5798253192.168.2.51.1.1.1
            Oct 6, 2024 18:36:57.646079063 CEST5135853192.168.2.51.1.1.1
            Oct 6, 2024 18:36:57.655848980 CEST53513581.1.1.1192.168.2.5
            Oct 6, 2024 18:36:57.665055037 CEST53579821.1.1.1192.168.2.5
            Oct 6, 2024 18:36:57.712323904 CEST5697353192.168.2.51.1.1.1
            Oct 6, 2024 18:36:57.712865114 CEST6409153192.168.2.51.1.1.1
            Oct 6, 2024 18:36:57.724884987 CEST53640911.1.1.1192.168.2.5
            Oct 6, 2024 18:36:57.728781939 CEST53569731.1.1.1192.168.2.5
            Oct 6, 2024 18:36:58.878396034 CEST6250753192.168.2.51.1.1.1
            Oct 6, 2024 18:36:58.878676891 CEST5407053192.168.2.51.1.1.1
            Oct 6, 2024 18:36:58.885452032 CEST53625071.1.1.1192.168.2.5
            Oct 6, 2024 18:36:58.887420893 CEST53540701.1.1.1192.168.2.5
            Oct 6, 2024 18:37:02.843492031 CEST5580953192.168.2.51.1.1.1
            Oct 6, 2024 18:37:02.843688011 CEST5899253192.168.2.51.1.1.1
            Oct 6, 2024 18:37:02.852432013 CEST53558091.1.1.1192.168.2.5
            Oct 6, 2024 18:37:02.854568958 CEST53589921.1.1.1192.168.2.5
            Oct 6, 2024 18:37:02.860841036 CEST5489953192.168.2.51.1.1.1
            Oct 6, 2024 18:37:02.868382931 CEST53548991.1.1.1192.168.2.5
            Oct 6, 2024 18:37:12.754343987 CEST53494091.1.1.1192.168.2.5

            DNS Queries

            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
            Oct 6, 2024 18:36:56.543598890 CEST192.168.2.51.1.1.10x5868Standard query (0)us-usps-mnmawq.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:56.543775082 CEST192.168.2.51.1.1.10xdabbStandard query (0)us-usps-mnmawq.xyz65IN (0x0001)false
            Oct 6, 2024 18:36:56.571109056 CEST192.168.2.51.1.1.10x6a6fStandard query (0)us-usps-mnmawq.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:56.643287897 CEST192.168.2.58.8.8.80x3f7cStandard query (0)google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:56.643492937 CEST192.168.2.51.1.1.10x1c75Standard query (0)google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:57.645514011 CEST192.168.2.51.1.1.10x8659Standard query (0)us-usps-mnmawq.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:57.646079063 CEST192.168.2.51.1.1.10x6141Standard query (0)us-usps-mnmawq.xyz65IN (0x0001)false
            Oct 6, 2024 18:36:57.712323904 CEST192.168.2.51.1.1.10xf7d8Standard query (0)us-usps-mnmawq.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:57.712865114 CEST192.168.2.51.1.1.10xcec0Standard query (0)us-usps-mnmawq.xyz65IN (0x0001)false
            Oct 6, 2024 18:36:58.878396034 CEST192.168.2.51.1.1.10x5073Standard query (0)www.google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:58.878676891 CEST192.168.2.51.1.1.10x2caeStandard query (0)www.google.com65IN (0x0001)false
            Oct 6, 2024 18:37:02.843492031 CEST192.168.2.51.1.1.10x2411Standard query (0)us-usps-mnmawq.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:37:02.843688011 CEST192.168.2.51.1.1.10x1e8dStandard query (0)us-usps-mnmawq.xyz65IN (0x0001)false
            Oct 6, 2024 18:37:02.860841036 CEST192.168.2.51.1.1.10x8a36Standard query (0)us-usps-mnmawq.xyzA (IP address)IN (0x0001)false

            DNS Answers

            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
            Oct 6, 2024 18:36:56.570281982 CEST1.1.1.1192.168.2.50xdabbName error (3)us-usps-mnmawq.xyznonenone65IN (0x0001)false
            Oct 6, 2024 18:36:56.570450068 CEST1.1.1.1192.168.2.50x5868Name error (3)us-usps-mnmawq.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:56.590960026 CEST1.1.1.1192.168.2.50x6a6fName error (3)us-usps-mnmawq.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:56.650352001 CEST8.8.8.8192.168.2.50x3f7cNo error (0)google.com142.250.184.206A (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:56.650515079 CEST1.1.1.1192.168.2.50x1c75No error (0)google.com216.58.206.46A (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:57.655848980 CEST1.1.1.1192.168.2.50x6141Name error (3)us-usps-mnmawq.xyznonenone65IN (0x0001)false
            Oct 6, 2024 18:36:57.665055037 CEST1.1.1.1192.168.2.50x8659Name error (3)us-usps-mnmawq.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:57.724884987 CEST1.1.1.1192.168.2.50xcec0Name error (3)us-usps-mnmawq.xyznonenone65IN (0x0001)false
            Oct 6, 2024 18:36:57.728781939 CEST1.1.1.1192.168.2.50xf7d8Name error (3)us-usps-mnmawq.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:58.885452032 CEST1.1.1.1192.168.2.50x5073No error (0)www.google.com142.250.186.164A (IP address)IN (0x0001)false
            Oct 6, 2024 18:36:58.887420893 CEST1.1.1.1192.168.2.50x2caeNo error (0)www.google.com65IN (0x0001)false
            Oct 6, 2024 18:37:02.852432013 CEST1.1.1.1192.168.2.50x2411Name error (3)us-usps-mnmawq.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:37:02.854568958 CEST1.1.1.1192.168.2.50x1e8dName error (3)us-usps-mnmawq.xyznonenone65IN (0x0001)false
            Oct 6, 2024 18:37:02.868382931 CEST1.1.1.1192.168.2.50x8a36Name error (3)us-usps-mnmawq.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:37:08.687907934 CEST1.1.1.1192.168.2.50x754cNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
            Oct 6, 2024 18:37:08.687907934 CEST1.1.1.1192.168.2.50x754cNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
            Oct 6, 2024 18:37:10.168283939 CEST1.1.1.1192.168.2.50x44b7No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
            Oct 6, 2024 18:37:10.168283939 CEST1.1.1.1192.168.2.50x44b7No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

            HTTP Request Dependency Graph

            • otelrules.azureedge.net

            HTTPS Proxied Packets

            Session IDSource IPSource PortDestination IPDestination Port
            0192.168.2.54971513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:09 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:09 UTC540INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:09 GMT
            Content-Type: text/plain
            Content-Length: 218853
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public
            Last-Modified: Fri, 04 Oct 2024 23:21:50 GMT
            ETag: "0x8DCE4CB535A72FA"
            x-ms-request-id: 4dad204e-401e-005b-4bf5-169c0c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163709Z-1657d5bbd48q6t9vvmrkd293mg0000000290000000004s01
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:09 UTC15844INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
            Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
            2024-10-06 16:37:09 UTC16384INData Raw: 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e
            Data Ascii: "0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" />
            2024-10-06 16:37:09 UTC16384INData Raw: 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31
            Data Ascii: <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-781
            2024-10-06 16:37:09 UTC16384INData Raw: 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
            Data Ascii: T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32"
            2024-10-06 16:37:09 UTC16384INData Raw: 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f
            Data Ascii: "0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Co
            2024-10-06 16:37:09 UTC16384INData Raw: 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a
            Data Ascii: <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C>
            2024-10-06 16:37:09 UTC16384INData Raw: 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63
            Data Ascii: <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMillisec
            2024-10-06 16:37:09 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e
            Data Ascii: R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIn
            2024-10-06 16:37:09 UTC16384INData Raw: 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20
            Data Ascii: R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L>
            2024-10-06 16:37:09 UTC16384INData Raw: 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c
            Data Ascii: T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <


            Session IDSource IPSource PortDestination IPDestination Port
            1192.168.2.54971813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:10 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:10 UTC563INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:10 GMT
            Content-Type: text/xml
            Content-Length: 2980
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
            ETag: "0x8DC582BA80D96A1"
            x-ms-request-id: 8aaf7b13-d01e-0028-46fd-167896000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163710Z-1657d5bbd48dfrdj7px744zp8s00000001xg00000000ky5c
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:10 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


            Session IDSource IPSource PortDestination IPDestination Port
            2192.168.2.54971713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:10 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:10 UTC563INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:10 GMT
            Content-Type: text/xml
            Content-Length: 3788
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC2126A6"
            x-ms-request-id: 4545068c-701e-0050-0e05-176767000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163710Z-1657d5bbd48qjg85buwfdynm5w00000002a000000000dpg1
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:10 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


            Session IDSource IPSource PortDestination IPDestination Port
            3192.168.2.54972113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:10 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:10 UTC563INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:10 GMT
            Content-Type: text/xml
            Content-Length: 2160
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA3B95D81"
            x-ms-request-id: c62b5fc1-401e-0067-3a60-1709c2000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163710Z-1657d5bbd48f7nlxc7n5fnfzh000000001wg00000000bm4x
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:10 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


            Session IDSource IPSource PortDestination IPDestination Port
            4192.168.2.54971913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:10 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:10 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:10 GMT
            Content-Type: text/xml
            Content-Length: 450
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
            ETag: "0x8DC582BD4C869AE"
            x-ms-request-id: d4448e94-101e-00a2-2703-179f2e000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163710Z-1657d5bbd48xdq5dkwwugdpzr000000002dg00000000u12b
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:10 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


            Session IDSource IPSource PortDestination IPDestination Port
            5192.168.2.54972013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:10 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:10 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:10 GMT
            Content-Type: text/xml
            Content-Length: 408
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB56D3AFB"
            x-ms-request-id: b27588a3-a01e-003d-6001-1798d7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163710Z-1657d5bbd48lknvp09v995n79000000001u000000000mnhc
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:10 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            6192.168.2.54972413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:11 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:11 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:11 GMT
            Content-Type: text/xml
            Content-Length: 474
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
            ETag: "0x8DC582B9964B277"
            x-ms-request-id: 3ea0840d-701e-0053-1012-173a0a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163711Z-1657d5bbd48cpbzgkvtewk0wu0000000027000000000qv0n
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:11 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            7192.168.2.54972513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:11 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:11 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:11 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
            ETag: "0x8DC582B9F6F3512"
            x-ms-request-id: 1707b783-801e-00a3-53e5-167cfb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163711Z-1657d5bbd48sqtlf1huhzuwq7000000001v000000000thqp
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:11 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            8192.168.2.54972613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:11 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:11 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:11 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
            ETag: "0x8DC582BB10C598B"
            x-ms-request-id: 73fc0cc0-d01e-008e-5fee-16387a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163711Z-1657d5bbd48q6t9vvmrkd293mg000000025000000000hnnh
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:11 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            9192.168.2.54972713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:11 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:11 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:11 GMT
            Content-Type: text/xml
            Content-Length: 632
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB6E3779E"
            x-ms-request-id: 15158de7-401e-0029-4b00-179b43000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163711Z-1657d5bbd48tnj6wmberkg2xy800000002d0000000002vpw
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:11 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


            Session IDSource IPSource PortDestination IPDestination Port
            10192.168.2.54972813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:11 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:11 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:11 GMT
            Content-Type: text/xml
            Content-Length: 467
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
            ETag: "0x8DC582BA6C038BC"
            x-ms-request-id: 87fc294c-201e-0051-40f3-167340000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163711Z-1657d5bbd48t66tjar5xuq22r8000000027000000000bk71
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:11 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            11192.168.2.54973013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
            ETag: "0x8DC582BBAD04B7B"
            x-ms-request-id: 789c8418-601e-0032-5905-17eebb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48p2j6x2quer0q02800000002cg00000000frzn
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            12192.168.2.54973113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
            ETag: "0x8DC582BA310DA18"
            x-ms-request-id: 915c1ee4-001e-0079-3000-1712e8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48tnj6wmberkg2xy800000002cg000000004ta7
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            13192.168.2.54973213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB344914B"
            x-ms-request-id: 0a3893d3-c01e-0082-33ee-16af72000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48lknvp09v995n79000000001z0000000001am7
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            14192.168.2.54973413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
            ETag: "0x8DC582B9018290B"
            x-ms-request-id: bf7deccb-401e-0064-0f0e-1754af000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48tnj6wmberkg2xy8000000027g00000000nqma
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            15192.168.2.54973513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
            ETag: "0x8DC582B9698189B"
            x-ms-request-id: 99ffd5e0-b01e-0053-0101-17cdf8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd482krtfgrg72dfbtn00000001zg00000000cag0
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            16192.168.2.54973713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 469
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
            ETag: "0x8DC582BBA701121"
            x-ms-request-id: e72ec3ca-501e-005b-2401-17d7f7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48tqvfc1ysmtbdrg0000000023g00000000azp3
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            17192.168.2.54973813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA41997E3"
            x-ms-request-id: 27ba9a72-001e-0046-2a01-17da4b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48sqtlf1huhzuwq7000000001z000000000durr
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            18192.168.2.54973913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:12 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8CEAC16"
            x-ms-request-id: c2d0a885-201e-0003-7ced-16f85a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48sqtlf1huhzuwq7000000001wg00000000p1at
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:12 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            19192.168.2.54974113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:13 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB7010D66"
            x-ms-request-id: d3d0b776-b01e-003d-1803-17d32c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48xsz2nuzq4vfrzg8000000024g0000000082uf
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:13 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            20192.168.2.54974013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:12 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:13 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:12 GMT
            Content-Type: text/xml
            Content-Length: 464
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
            ETag: "0x8DC582B97FB6C3C"
            x-ms-request-id: 5a59384b-a01e-0053-3602-178603000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163712Z-1657d5bbd48xsz2nuzq4vfrzg80000000250000000006fqy
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:13 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


            Session IDSource IPSource PortDestination IPDestination Port
            21192.168.2.54974513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:13 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:13 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:13 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
            ETag: "0x8DC582B9C8E04C8"
            x-ms-request-id: d112c6a6-a01e-000d-2160-17d1ea000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163713Z-1657d5bbd482tlqpvyz9e93p5400000002bg000000007hh9
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:13 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            22192.168.2.54974213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:13 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:13 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:13 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
            ETag: "0x8DC582B9748630E"
            x-ms-request-id: 09392ef7-101e-0046-3f05-1791b0000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163713Z-1657d5bbd48lknvp09v995n79000000001yg000000003cb2
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:13 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            23192.168.2.54974313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:13 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:13 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:13 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DACDF62"
            x-ms-request-id: 20b36261-201e-006e-7102-17bbe3000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163713Z-1657d5bbd48762wn1qw4s5sd30000000026g000000000wym
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:13 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            24192.168.2.54974413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:13 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:13 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:13 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
            ETag: "0x8DC582B9E8EE0F3"
            x-ms-request-id: f57b7c9f-801e-00a0-4a13-172196000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163713Z-1657d5bbd48vlsxxpe15ac3q7n000000026g00000000ccf9
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:13 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            25192.168.2.54974613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:13 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:13 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:13 GMT
            Content-Type: text/xml
            Content-Length: 428
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC4F34CA"
            x-ms-request-id: 6be05283-001e-00a2-2700-17d4d5000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163713Z-1657d5bbd48vhs7r2p1ky7cs5w00000002fg00000000k51x
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:13 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            26192.168.2.54974713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:14 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:14 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:14 GMT
            Content-Type: text/xml
            Content-Length: 499
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
            ETag: "0x8DC582B98CEC9F6"
            x-ms-request-id: 40323690-a01e-0002-0100-175074000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163714Z-1657d5bbd48tqvfc1ysmtbdrg000000001zg00000000t970
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:14 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            27192.168.2.54974913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:14 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:14 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:14 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB5815C4C"
            x-ms-request-id: 7cec3a6f-e01e-0033-3414-174695000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163714Z-1657d5bbd48tqvfc1ysmtbdrg0000000022000000000fryt
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:14 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            28192.168.2.54974813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:14 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:14 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:14 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B988EBD12"
            x-ms-request-id: c530354f-501e-0016-5013-17181b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163714Z-1657d5bbd48sqtlf1huhzuwq7000000001xg00000000gxw1
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:14 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            29192.168.2.54975113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:14 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:14 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:14 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8972972"
            x-ms-request-id: 688d2aae-a01e-0084-3466-179ccd000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163714Z-1657d5bbd48762wn1qw4s5sd30000000020g00000000q60e
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:14 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            30192.168.2.54975213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:15 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:15 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:15 GMT
            Content-Type: text/xml
            Content-Length: 420
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DAE3EC0"
            x-ms-request-id: 10df1352-f01e-00aa-105a-178521000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163715Z-1657d5bbd487nf59mzf5b3gk8n00000001wg00000000aef1
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:15 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


            Session IDSource IPSource PortDestination IPDestination Port
            31192.168.2.54975313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:15 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:15 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:15 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
            ETag: "0x8DC582B9D43097E"
            x-ms-request-id: b27116a7-a01e-003d-3a00-1798d7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163715Z-1657d5bbd48xsz2nuzq4vfrzg8000000021000000000mamq
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:15 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            32192.168.2.54975513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:15 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:15 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:15 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
            ETag: "0x8DC582B92FCB436"
            x-ms-request-id: 92e59db7-001e-002b-6700-1799f2000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163715Z-1657d5bbd48t66tjar5xuq22r800000002a0000000001dmu
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:15 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            33192.168.2.54975413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:15 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:15 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:15 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
            ETag: "0x8DC582BA909FA21"
            x-ms-request-id: a62739ea-301e-005d-6402-17e448000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163715Z-1657d5bbd4824mj9d6vp65b6n400000002dg00000000et4t
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:15 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            34192.168.2.54975013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:15 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:15 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:15 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB32BB5CB"
            x-ms-request-id: d415a278-e01e-0051-6efe-1684b2000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163715Z-1657d5bbd48762wn1qw4s5sd300000000260000000002u28
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:15 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            35192.168.2.54975913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
            ETag: "0x8DC582BB046B576"
            x-ms-request-id: db28b7eb-d01e-0065-5efe-16b77a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48vhs7r2p1ky7cs5w00000002p0000000000fy5
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            36192.168.2.54975613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 423
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
            ETag: "0x8DC582BB7564CE8"
            x-ms-request-id: a2d01d3c-801e-0083-4800-17f0ae000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48tqvfc1ysmtbdrg0000000022000000000fs21
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


            Session IDSource IPSource PortDestination IPDestination Port
            37192.168.2.54975813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
            ETag: "0x8DC582B95C61A3C"
            x-ms-request-id: 151ca1e1-401e-0029-2b03-179b43000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48qjg85buwfdynm5w00000002bg00000000a1h4
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            38192.168.2.54975713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 478
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
            ETag: "0x8DC582B9B233827"
            x-ms-request-id: 4dd19665-401e-005b-7705-179c0c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48qjg85buwfdynm5w00000002bg00000000a1h5
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            39192.168.2.54976013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 400
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
            ETag: "0x8DC582BB2D62837"
            x-ms-request-id: 53f69819-801e-0048-7802-17f3fb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48xdq5dkwwugdpzr000000002dg00000000u19x
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


            Session IDSource IPSource PortDestination IPDestination Port
            40192.168.2.54976113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 479
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
            ETag: "0x8DC582BB7D702D0"
            x-ms-request-id: b2c548d6-d01e-0082-4f03-17e489000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48762wn1qw4s5sd30000000023g00000000c2tu
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            41192.168.2.54976413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 448
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB389F49B"
            x-ms-request-id: 5a5a1e5c-a01e-001e-18f5-1649ef000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48xdq5dkwwugdpzr000000002h000000000fx1s
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


            Session IDSource IPSource PortDestination IPDestination Port
            42192.168.2.54976313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 425
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
            ETag: "0x8DC582BBA25094F"
            x-ms-request-id: 678daa67-201e-00aa-3f60-173928000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48lknvp09v995n79000000001s000000000r2xa
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


            Session IDSource IPSource PortDestination IPDestination Port
            43192.168.2.54976213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:16 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:16 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:16 GMT
            Content-Type: text/xml
            Content-Length: 475
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
            ETag: "0x8DC582BB2BE84FD"
            x-ms-request-id: c5dbf9be-001e-0017-2cf1-160c3c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163716Z-1657d5bbd48tqvfc1ysmtbdrg0000000024g000000008c9g
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:16 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            44192.168.2.54976513.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:17 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:17 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:17 GMT
            Content-Type: text/xml
            Content-Length: 491
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B98B88612"
            x-ms-request-id: 721d8bd8-801e-002a-4f00-1731dc000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163717Z-1657d5bbd48xsz2nuzq4vfrzg8000000024000000000apbm
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:17 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            45192.168.2.54976613.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:17 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:17 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:17 GMT
            Content-Type: text/xml
            Content-Length: 479
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B989EE75B"
            x-ms-request-id: 27b6de9f-001e-0046-1e00-17da4b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163717Z-1657d5bbd48gqrfwecymhhbfm800000000z000000000pb37
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:17 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            46192.168.2.54976913.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:17 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:17 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:17 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
            ETag: "0x8DC582B97E6FCDD"
            x-ms-request-id: 2f3972b1-401e-0035-1b02-1782d8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163717Z-1657d5bbd4824mj9d6vp65b6n400000002b000000000qrgk
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:17 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            47192.168.2.54976713.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:17 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:17 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:17 GMT
            Content-Type: text/xml
            Content-Length: 416
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
            ETag: "0x8DC582BAEA4B445"
            x-ms-request-id: cb78c1b2-201e-003f-2e04-176d94000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163717Z-1657d5bbd48q6t9vvmrkd293mg000000027000000000bc6s
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:17 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


            Session IDSource IPSource PortDestination IPDestination Port
            48192.168.2.54976813.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:17 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:17 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:17 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
            ETag: "0x8DC582BA80D96A1"
            x-ms-request-id: 04801829-801e-00ac-6301-17fd65000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163717Z-1657d5bbd48vlsxxpe15ac3q7n000000025000000000kuyb
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:17 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            49192.168.2.54977013.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:18 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:18 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:18 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
            ETag: "0x8DC582B9C710B28"
            x-ms-request-id: 1ed82642-401e-0048-7b12-170409000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163718Z-1657d5bbd482tlqpvyz9e93p5400000002cg000000004qg3
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:18 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            50192.168.2.54977113.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:18 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:18 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:18 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
            ETag: "0x8DC582BA54DCC28"
            x-ms-request-id: cde3aec9-601e-0084-63e5-166b3f000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163718Z-1657d5bbd48xsz2nuzq4vfrzg8000000024000000000ape3
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:18 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            51192.168.2.54977313.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:18 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:18 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:18 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
            ETag: "0x8DC582BA48B5BDD"
            x-ms-request-id: 27cd2a1a-001e-0046-1b08-17da4b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163718Z-1657d5bbd48xlwdx82gahegw40000000029g00000000tysb
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:18 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            52192.168.2.54977213.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:18 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:18 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:18 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
            ETag: "0x8DC582BB7F164C3"
            x-ms-request-id: 3a03d6b9-d01e-0066-52e9-16ea17000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163718Z-1657d5bbd48dfrdj7px744zp8s00000001yg00000000g3kt
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:18 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            53192.168.2.54977413.107.246.45443
            TimestampBytes transferredDirectionData
            2024-10-06 16:37:18 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:37:18 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:37:18 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
            ETag: "0x8DC582B9FF95F80"
            x-ms-request-id: 938e68e0-901e-0029-0160-17274a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T163718Z-1657d5bbd48dfrdj7px744zp8s00000001yg00000000g3kx
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:37:18 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Statistics

            CPU Usage

            Click to jump to process

            Memory Usage

            Click to jump to process

            Behavior

            Click to jump to process

            System Behavior

            General

            Target ID:0
            Start time:12:36:50
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:2
            Start time:12:36:52
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2028,i,14733559572279766807,11675370614050735525,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:3
            Start time:12:36:55
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-mnmawq.xyz/update/"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:true

            Disassembly

            No disassembly