Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us-usps-xxzcch.xyz/update/

Overview

General Information

Sample URL:https://us-usps-xxzcch.xyz/update/
Analysis ID:1526968
Tags:openphish
Infos:
Errors
  • URL not reachable

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Performs DNS queries to domains with low reputation
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3748 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4276 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 --field-trial-handle=2196,i,11809419973761452851,14499558416037239792,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 5948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-xxzcch.xyz/update/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://us-usps-xxzcch.xyz/update/SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49726 version: TLS 1.0
Source: unknownHTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.5:49717 version: TLS 1.2

Networking

barindex
Performs DNS queries to domains with low reputation
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: DNS query: us-usps-xxzcch.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-xxzcch.xyz
Source: DNS query: us-usps-xxzcch.xyz
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49726 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: us-usps-xxzcch.xyz
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 13.107.253.45:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: classification engineClassification label: mal52.troj.win@19/6@14/3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 --field-trial-handle=2196,i,11809419973761452851,14499558416037239792,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-xxzcch.xyz/update/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 --field-trial-handle=2196,i,11809419973761452851,14499558416037239792,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://us-usps-xxzcch.xyz/update/100%SlashNextFraudulent Website type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
google.com
142.250.184.206
truefalse
    		unknown
    s-part-0017.t-0009.fb-t-msedge.net
    		13.107.253.45
    		truefalse
      		unknown
      www.google.com
      		216.58.212.164
      		truefalse
        		unknown
        default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com
        		217.20.57.35
        		truefalse
          		unknown
          fp2e7a.wpc.phicdn.net
          		192.229.221.95
          		truefalse
            		unknown
            us-usps-xxzcch.xyz
            		unknown
            		unknowntrue
              		unknown

              World Map of Contacted IPs

              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs

              Public IPs

              IPDomainCountryFlagASNASN NameMalicious
              239.255.255.250
              		unknownReserved
              		unknownunknownfalse
              216.58.212.164
              		www.google.comUnited States
              		15169GOOGLEUSfalse

              Private

              IP
              192.168.2.5

              General Information

              Joe Sandbox version:41.0.0 Charoite
              Analysis ID:1526968
              Start date and time:2024-10-06 18:38:03 +02:00
              Joe Sandbox product:CloudBasic
              Overall analysis duration:0h 1m 58s
              Hypervisor based Inspection enabled:false
              Report type:full
              Cookbook file name:browseurl.jbs
              Sample URL:https://us-usps-xxzcch.xyz/update/
              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed:6
              Number of new started drivers analysed:0
              Number of existing processes analysed:0
              Number of existing drivers analysed:0
              Number of injected processes analysed:0
              Technologies:
              • HCA enabled
              • EGA enabled
              • AMSI enabled
              Analysis Mode:default
              Analysis stop reason:Timeout
              Detection:MAL
              Classification:mal52.troj.win@19/6@14/3
              EGA Information:Failed
              HCA Information:
              • Successful, ratio: 100%
              • Number of executed functions: 0
              • Number of non-executed functions: 0
              Cookbook Comments:
              • URL browsing timeout or error

              Errors

              • URL not reachable

              Warnings

              • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
              • Excluded IPs from analysis (whitelisted): 142.250.185.99, 142.250.185.206, 74.125.206.84, 34.104.35.123, 184.28.90.27, 4.245.163.56, 217.20.57.35, 192.229.221.95, 40.69.42.241
              • Excluded domains from analysis (whitelisted): azurefd-t-fb-prod.trafficmanager.net, slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, clients2.google.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
              • Not all processes where analyzed, report is missing behavior information
              • Report size getting too big, too many NtSetInformationFile calls found.
              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
              • VT rate limit hit for: https://us-usps-xxzcch.xyz/update/

              Simulations

              Behavior and APIs

              No simulations

              Joe Sandbox View / Context

              IPs

              No context

              Domains

              No context

              ASNs

              No context

              JA3 Fingerprints

              No context

              Dropped Files

              No context

              Created / dropped Files

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:38:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2677
              Entropy (8bit):3.982430950854932
              Encrypted:false
              SSDEEP:48:8tdZTBNk+HdcidAKZdA19ehwiZUklqehr1ny+3:853kUqS5y
              MD5:8C3389D833297C403F00270DCE0D387B
              SHA1:AA4BA379C10512BD0FBD7E1FF54A28669491E137
              SHA-256:A3E44FA096260594828DFA17AC244FD6BEAE210D5C9214338F466747CC62EF2D
              SHA-512:9D5B2413F61B250F539905884907156FCB099051A757CE5CF81B3B151DB40DD49ECF04F1728EA03C73E540D7662B11F6E9BB5956A4BBBB1E216889FFAE582FCB
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,.....&.=....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............>.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:38:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2679
              Entropy (8bit):3.9966404547933534
              Encrypted:false
              SSDEEP:48:8ddZTBNk+HdcidAKZdA1weh/iZUkAQkqehC1ny+2:8p3kUg9Ql5y
              MD5:71A707543A7E1702ADF595BDB92EDEF1
              SHA1:0952D9BCEEB5A6C00651A92B71F74B2BA39FAC56
              SHA-256:B88B7B82670BA93B0A7AADED9C2A3708A35BD55D12BDBFACE9E8A57DE432398A
              SHA-512:C277BF9A4ACD539DC7591ECA668B9F782A18515F9C0CD4F9FB5A343B28B787B3925ADEA10EF5DCB67B15CFEE17B304C8D6ABE1CB4864580F01BA9EF80CA55FF2
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,....=.|=....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............>.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2693
              Entropy (8bit):4.007694009407784
              Encrypted:false
              SSDEEP:48:8xWdZTBNsHdcidAKZdA14tseh7sFiZUkmgqeh7sc1ny+BX:8xY3+4nW5y
              MD5:4DBCFC36A13879F161F8052FF6DEBE31
              SHA1:40063B9DEBFC82A3EA34FA9B9811349D5755CAEA
              SHA-256:DF7ED8576749523C0593A26E1EA43C316B4AA7EDA67999C60A6A9D86F0541CA9
              SHA-512:9886BC0BC5F9429C735158C2A358B7F54FDC002EFE8E8A6C089C173B95A6EE9CD013AF090AE649DA3F01A0AAFC870221331A01B24D261EEE5949E18C9702E9C3
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............>.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:38:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2681
              Entropy (8bit):3.992841938786728
              Encrypted:false
              SSDEEP:48:86dZTBNk+HdcidAKZdA1vehDiZUkwqeh+1ny+R:883kUrE5y
              MD5:2DF8178506BE49CCABD30CFFE17DE810
              SHA1:34485863C3A19C4591EEECA5511F7E0E9284E494
              SHA-256:2067E23948F2AA362DACA384A7D3C38DBF9391F77206B1FB479BE00F25A8DB22
              SHA-512:C870560F9CF944C504FAC4EB41A779840D1543D7C3D024BB6FAC6C48A46C3BF8CEEDC8FF3846EA2E4869B3D73F5E98C128CD4C808AD1EF4DD748FDCF16B17A56
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,....P.x=....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............>.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:38:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2681
              Entropy (8bit):3.9847382046749513
              Encrypted:false
              SSDEEP:48:8idZTBNk+HdcidAKZdA1hehBiZUk1W1qehw1ny+C:8U3kUr9Q5y
              MD5:3E2405F0F59CCCA4AC06F68EF0CF7376
              SHA1:70ADFF1B9104AAEEAFA3D80AEE380691A9D8242D
              SHA-256:9CE50590A74F250EDCFF8EF4C80A3E1BDC4365028A505AF3F64ADBA09C768492
              SHA-512:B6DA8E6C0F84B238CE8E4BC8DA67424DED7322E10A98A450F8EFF4DA3343124018A63D4A97A5062E99C53E597553EBDB8C52A05BD6190CAD5290B68A97FD63D5
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,.....=....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............>.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:38:57 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2683
              Entropy (8bit):3.9916277214731424
              Encrypted:false
              SSDEEP:48:8hdZTBNk+HdcidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbW1ny+yT+:8N3kULT/TbxWOvTbW5y7T
              MD5:24023F4ED5BDB3C79CD7277DECBF59DF
              SHA1:9F89A68970926C6565632C0B1842CAEBF777CCED
              SHA-256:0F7FE7D80738094C2E3FA6ADBA74A0C09CBCB0E60311A4F9A3F9662CEEBBE440
              SHA-512:A1D1943CB92210D91AD2A358A1CFCB99CEF762DCA0DCBD79713ACCE5A0522A01BE5EAC8A00CF6928795549E648799156FCD852B0CA619757F825F09F22910FAF
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,....Y.n=....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............>.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              Static File Info

              No static file info

              Network Behavior

              Network Port Distribution

              TCP Packets

              TimestampSource PortDest PortSource IPDest IP
              Oct 6, 2024 18:38:49.765254974 CEST49675443192.168.2.523.1.237.91
              Oct 6, 2024 18:38:49.765290022 CEST49674443192.168.2.523.1.237.91
              Oct 6, 2024 18:38:49.890228033 CEST49673443192.168.2.523.1.237.91
              Oct 6, 2024 18:38:59.376480103 CEST49675443192.168.2.523.1.237.91
              Oct 6, 2024 18:38:59.376486063 CEST49674443192.168.2.523.1.237.91
              Oct 6, 2024 18:38:59.501441002 CEST49673443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:00.563548088 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:00.563575029 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:00.563678026 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:00.564488888 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:00.564506054 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:01.128812075 CEST4434970323.1.237.91192.168.2.5
              Oct 6, 2024 18:39:01.129159927 CEST49703443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:01.211055994 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:01.222115040 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:01.222131014 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:01.223684072 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:01.223788023 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:01.312644005 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:01.312860966 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:01.357449055 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:01.357464075 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:01.404299974 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:11.114078045 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:11.114161015 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:11.114283085 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:11.346374035 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:11.346416950 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:11.346585989 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:11.347001076 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:11.347011089 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.037925959 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.038017988 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.040348053 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.040365934 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.040780067 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.058074951 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.099411964 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.172696114 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.172756910 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.172800064 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.172841072 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.172878027 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.172898054 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.172946930 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.256071091 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.256103039 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.256159067 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.256191015 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.256205082 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.256361008 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.263052940 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.263091087 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.263149977 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.263169050 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.263186932 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.263242006 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.347639084 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.347687006 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.347742081 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.347794056 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.347812891 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.347938061 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.349209070 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.349231005 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.349281073 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.349298000 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.349313021 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.349423885 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.351026058 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.351058006 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.351109028 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.351126909 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.351176977 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.353816032 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.353857994 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.353897095 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.353918076 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.353933096 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.353971958 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.439266920 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.439297915 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.439356089 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.439382076 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.439414024 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.439436913 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.439690113 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.439712048 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.439744949 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.439754963 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.439795971 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.439816952 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.440079927 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.440100908 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.440136909 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.440144062 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.440200090 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.440752983 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.440773964 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.440814018 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.440825939 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.440850973 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.440872908 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.444202900 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.444221973 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.444314957 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.444334984 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.444377899 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.444835901 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.444854975 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.444902897 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.444910049 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.444983959 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.445169926 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.445241928 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.445244074 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.445477962 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.462306023 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.484270096 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.484292984 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.484309912 CEST49717443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.484316111 CEST4434971713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.642684937 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.642746925 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.642884016 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.643462896 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.643470049 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.643534899 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.645385981 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.645451069 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.645811081 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.646126032 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.646162033 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.646279097 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.646298885 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.646310091 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.646378040 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.646389008 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.646442890 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.646456003 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.646528006 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.646538019 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.647262096 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.647301912 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.647376060 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.647541046 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:12.647562027 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:12.737117052 CEST49703443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:12.737205982 CEST49703443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:12.741290092 CEST49726443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:12.741339922 CEST4434972623.1.237.91192.168.2.5
              Oct 6, 2024 18:39:12.741661072 CEST49726443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:12.742039919 CEST4434970323.1.237.91192.168.2.5
              Oct 6, 2024 18:39:12.742166042 CEST4434970323.1.237.91192.168.2.5
              Oct 6, 2024 18:39:12.796215057 CEST49726443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:12.796240091 CEST4434972623.1.237.91192.168.2.5
              Oct 6, 2024 18:39:13.130614042 CEST49711443192.168.2.5216.58.212.164
              Oct 6, 2024 18:39:13.130634069 CEST44349711216.58.212.164192.168.2.5
              Oct 6, 2024 18:39:13.296220064 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.296662092 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.296730995 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.298311949 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.298326969 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.309117079 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.309467077 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.309499025 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.309844017 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.309858084 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.310487986 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.310945034 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.311018944 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.328310013 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.333074093 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.354852915 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.354876995 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.355443001 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.355473995 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.356194973 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.356204987 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.356865883 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.356894016 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.357480049 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.357485056 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.400294065 CEST4434972623.1.237.91192.168.2.5
              Oct 6, 2024 18:39:13.400377989 CEST49726443192.168.2.523.1.237.91
              Oct 6, 2024 18:39:13.412664890 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.412683010 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.412734985 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.412766933 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.412801027 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.415918112 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.415941000 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.415960073 CEST49723443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.415970087 CEST4434972313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.417529106 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.417548895 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.417593956 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.417620897 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.417885065 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.417927980 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.431111097 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.431145906 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.431164026 CEST49725443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.431174040 CEST4434972513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.438879967 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.438910007 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.439141989 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.440882921 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.440917969 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.440999985 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.441369057 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.441380978 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.441489935 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.441500902 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.457861900 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.457927942 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.458000898 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.458146095 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.458157063 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.458174944 CEST49721443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.458178997 CEST4434972113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.461256981 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.461271048 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.461360931 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.461692095 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.461700916 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.461936951 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.461971998 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.462008953 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.462016106 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.462048054 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.462208033 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.462249041 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.462300062 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.462313890 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.462317944 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.462332010 CEST49722443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.462336063 CEST4434972213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.463474989 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.463527918 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.463567019 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.463994026 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.464008093 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.464019060 CEST49724443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.464024067 CEST4434972413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.466308117 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.466325045 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.466459990 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.467963934 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.467982054 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.468027115 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.468178988 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.468185902 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:13.468350887 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:13.468360901 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.116173029 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.117093086 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.117134094 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.118680000 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.119195938 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.119249105 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.119353056 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.119359970 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.119676113 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.119759083 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.119772911 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.120181084 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.120213032 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.120619059 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.120630026 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.133109093 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.133578062 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.133620024 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.134300947 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.134315968 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.181166887 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.181617022 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.181644917 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.182171106 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.182183027 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.222491026 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.222558022 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.222615004 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.222835064 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.222835064 CEST49732443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.222852945 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.222867012 CEST4434973213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.225522995 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.225579977 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.225641012 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.225785017 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.225804090 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.227583885 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.227670908 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.227724075 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.227809906 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.227833033 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.227845907 CEST49730443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.227853060 CEST4434973013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.229960918 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.229976892 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.230067015 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.230155945 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.230182886 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.230695963 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.230752945 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.230843067 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.230932951 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.230942011 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.230952024 CEST49729443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.230957031 CEST4434972913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.233072996 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.233113050 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.233180046 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.233315945 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.233330011 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.261995077 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.262068033 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.262129068 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.262245893 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.262245893 CEST49728443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.262264013 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.262275934 CEST4434972813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.264697075 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.264731884 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.264811993 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.264966965 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.264982939 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.300776958 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.300862074 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.300909042 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.301163912 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.301179886 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.301192999 CEST49731443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.301198959 CEST4434973113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.303647041 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.303673983 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.303739071 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.303917885 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.303929090 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.885031939 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.885587931 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.885641098 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.887221098 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.887240887 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.903014898 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.903484106 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.903526068 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.903914928 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.903925896 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.910927057 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.911365986 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.911406040 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.911883116 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.911890030 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.947874069 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.948470116 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.948484898 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.948930979 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.948935986 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.971954107 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.972609997 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.972625017 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.973659992 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.973664999 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.994734049 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.994803905 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.994862080 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.995013952 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.995040894 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.995058060 CEST49734443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.995064974 CEST4434973413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.998131990 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.998166084 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:14.998256922 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.998420000 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:14.998428106 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.010962963 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.011038065 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.011110067 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.011276007 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.011303902 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.011320114 CEST49733443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.011327028 CEST4434973313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.014179945 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.014210939 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.014298916 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.014450073 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.014463902 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.020693064 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.020746946 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.020987034 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.021018982 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.021034956 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.021048069 CEST49735443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.021053076 CEST4434973513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.023432970 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.023488045 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.023667097 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.023793936 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.023808002 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.059156895 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.059254885 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.059324026 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.059499979 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.059523106 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.059531927 CEST49736443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.059537888 CEST4434973613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.063036919 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.063091040 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.063188076 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.063424110 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.063432932 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.081959963 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.082051992 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.082240105 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.082269907 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.082284927 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.082298994 CEST49737443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.082304955 CEST4434973713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.085750103 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.085788012 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.085885048 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.086009026 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.086021900 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.665815115 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.666527033 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.666548014 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.667004108 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.667009115 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.686052084 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.686811924 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.686839104 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.687293053 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.687303066 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.690411091 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.690793991 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.690809011 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.691214085 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.691219091 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.762830973 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.763827085 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.763874054 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.764333963 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.764343023 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.774857998 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.774936914 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.775177956 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.775177956 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.775212049 CEST49739443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.775235891 CEST4434973913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.777951002 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.777996063 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.778261900 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.778261900 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.778295040 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.781714916 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.782212973 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.782238007 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.782668114 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.782680988 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.796880960 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.796955109 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.797065020 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.797296047 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.797314882 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.797456026 CEST49740443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.797463894 CEST4434974013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.800280094 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.800375938 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.800482988 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.800878048 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.800910950 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.804583073 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.804649115 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.804775953 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.805119991 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.805119991 CEST49738443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.805135965 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.805143118 CEST4434973813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.808109999 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.808154106 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.808428049 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.808428049 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.808459044 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.875745058 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.875930071 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.877228022 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.877336025 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.877370119 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.877392054 CEST49741443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.877401114 CEST4434974113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.880991936 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.881047964 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.881176949 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.881484032 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.881505013 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.898932934 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.899040937 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.899163961 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.899440050 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.899462938 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.899493933 CEST49742443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.899501085 CEST4434974213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.903683901 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.903764963 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:15.904110909 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.904110909 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:15.904195070 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.433485031 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.434201956 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.434231043 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.435475111 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.435482025 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.457463980 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.458719015 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.458719015 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.458755016 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.458777905 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.462876081 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.464154005 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.464178085 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.464961052 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.464966059 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.551990986 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.552064896 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.552162886 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.552563906 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.552593946 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.552623034 CEST49743443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.552629948 CEST4434974313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.555039883 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.556416988 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.556485891 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.556777954 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.556981087 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.557012081 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.557188034 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.557216883 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.557532072 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.557545900 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.558459044 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.559017897 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.559032917 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.559505939 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.559511900 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.569370985 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.569444895 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.569730997 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.569730997 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.569891930 CEST49744443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.569922924 CEST4434974413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.571134090 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.571347952 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.571583986 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.571584940 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.571765900 CEST49745443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.571784019 CEST4434974513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.573151112 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.573205948 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.573419094 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.573419094 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.573455095 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.573856115 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.573863983 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.574039936 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.574039936 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.574053049 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.663059950 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.663146019 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.663422108 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.663422108 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.663475990 CEST49747443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.663500071 CEST4434974713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.666311026 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.666362047 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.666611910 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.666611910 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.666645050 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.669852018 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.669922113 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.670094013 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.670094013 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.670141935 CEST49746443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.670156002 CEST4434974613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.672437906 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.672491074 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:16.672672987 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.672672987 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:16.672704935 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.225018978 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.225526094 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.225554943 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.225966930 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.225972891 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.255276918 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.255722046 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.255748987 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.256181955 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.256186962 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.297481060 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.297923088 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.297950983 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.298535109 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.298542976 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.333899021 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.334388971 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.334407091 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.334844112 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.334850073 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.339308977 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.339376926 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.339659929 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.339709044 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.339728117 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.339742899 CEST49748443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.339750051 CEST4434974813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.342314005 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.342355013 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.342477083 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.342606068 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.342617035 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.367254019 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.367314100 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.367487907 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.367526054 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.367526054 CEST49749443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.367546082 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.367558002 CEST4434974913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.370012045 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.370044947 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.370117903 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.370255947 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.370268106 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.371566057 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.371967077 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.371994019 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.372380972 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.372385979 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.421142101 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.421205997 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.421257973 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.421417952 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.421436071 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.421446085 CEST49750443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.421451092 CEST4434975013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.424043894 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.424082041 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.424164057 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.424370050 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.424381018 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.445236921 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.445307016 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.445411921 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.445470095 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.445492983 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.445502996 CEST49751443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.445508957 CEST4434975113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.447788954 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.447814941 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.447916985 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.448028088 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.448035002 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.484255075 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.484334946 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.484425068 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.484553099 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.484571934 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.484584093 CEST49752443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.484589100 CEST4434975213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.487616062 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.487654924 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.487772942 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.487894058 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.487910986 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.994070053 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.994649887 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.994688034 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:17.995124102 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:17.995131016 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.033478022 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.033878088 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.033895969 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.034310102 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.034315109 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.073852062 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.074354887 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.074383020 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.074830055 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.074835062 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.103313923 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.103399038 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.103576899 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.103625059 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.103651047 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.103665113 CEST49753443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.103672028 CEST4434975313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.106448889 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.106488943 CEST4434975813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.106756926 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.106900930 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.106914997 CEST4434975813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.143794060 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.143857956 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.143940926 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.144138098 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.144162893 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.144188881 CEST49754443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.144196033 CEST4434975413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.147349119 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.147387981 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.147542953 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.147710085 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.147718906 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.154608965 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.155014038 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.155023098 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.155766964 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.155771971 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.165335894 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.166532040 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.166547060 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.166948080 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.166965008 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.196310043 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.196382046 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.196434021 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.196561098 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.196583033 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.196597099 CEST49755443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.196604013 CEST4434975513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.200541973 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.200570107 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.200633049 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.200788021 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.200797081 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.273901939 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.273972988 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.274017096 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.274193048 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.274204016 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.274218082 CEST49756443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.274223089 CEST4434975613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.277395964 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.277446032 CEST4434976113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.278194904 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.278194904 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.278235912 CEST4434976113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.278918028 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.278985977 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.279148102 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.279148102 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.279175043 CEST49757443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.279184103 CEST4434975713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.281277895 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.281287909 CEST4434976213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.281677008 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.281677008 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.281704903 CEST4434976213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.758816004 CEST4434975813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.762135029 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.762135029 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.762162924 CEST4434975813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.762182951 CEST4434975813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.799202919 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.799709082 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.799738884 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.800168037 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.800173044 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.863105059 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.863758087 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.863790989 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.864208937 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.864214897 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.871634960 CEST4434975813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.871728897 CEST4434975813.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.875694990 CEST49763443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.875737906 CEST4434976313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.875762939 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.875762939 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.875762939 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.875977993 CEST49763443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.876204967 CEST49763443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.876214027 CEST4434976313.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.907969952 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.908041954 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.908096075 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.908360958 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.908375025 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.908386946 CEST49759443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.908392906 CEST4434975913.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.911135912 CEST49764443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.911187887 CEST4434976413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.911278963 CEST49764443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.911442995 CEST49764443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.911456108 CEST4434976413.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.927949905 CEST4434976213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.929517031 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.929517031 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.929552078 CEST4434976213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.929569960 CEST4434976213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.934173107 CEST4434976113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.934740067 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.934758902 CEST4434976113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.938191891 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.938201904 CEST4434976113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.977013111 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.977086067 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.977144957 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.977413893 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.977428913 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.977442980 CEST49760443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.977448940 CEST4434976013.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.980673075 CEST49765443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.980731010 CEST4434976513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:18.980797052 CEST49765443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.980916977 CEST49765443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:18.980930090 CEST4434976513.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.037715912 CEST4434976213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.037787914 CEST4434976213.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.038027048 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.038027048 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.038027048 CEST49762443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.040833950 CEST49766443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.040873051 CEST4434976613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.040982962 CEST49766443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.041161060 CEST49766443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.041176081 CEST4434976613.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.043597937 CEST4434976113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.043658018 CEST4434976113.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.044755936 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.044755936 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.044755936 CEST49761443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.046039104 CEST49767443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.046091080 CEST4434976713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.046156883 CEST49767443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.046281099 CEST49767443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.046293974 CEST4434976713.107.253.45192.168.2.5
              Oct 6, 2024 18:39:19.170727015 CEST49758443192.168.2.513.107.253.45
              Oct 6, 2024 18:39:19.170768976 CEST4434975813.107.253.45192.168.2.5

              UDP Packets

              TimestampSource PortDest PortSource IPDest IP
              Oct 6, 2024 18:38:55.986524105 CEST53544631.1.1.1192.168.2.5
              Oct 6, 2024 18:38:56.039572954 CEST53640311.1.1.1192.168.2.5
              Oct 6, 2024 18:38:57.088932991 CEST53536061.1.1.1192.168.2.5
              Oct 6, 2024 18:38:57.428277016 CEST5540453192.168.2.51.1.1.1
              Oct 6, 2024 18:38:57.428277016 CEST5296253192.168.2.51.1.1.1
              Oct 6, 2024 18:38:57.438837051 CEST53554041.1.1.1192.168.2.5
              Oct 6, 2024 18:38:57.439244986 CEST53529621.1.1.1192.168.2.5
              Oct 6, 2024 18:38:57.444339991 CEST5351253192.168.2.51.1.1.1
              Oct 6, 2024 18:38:57.466312885 CEST53535121.1.1.1192.168.2.5
              Oct 6, 2024 18:38:57.527314901 CEST5748853192.168.2.58.8.8.8
              Oct 6, 2024 18:38:57.527786970 CEST6023653192.168.2.51.1.1.1
              Oct 6, 2024 18:38:57.534219027 CEST53574888.8.8.8192.168.2.5
              Oct 6, 2024 18:38:57.534887075 CEST53602361.1.1.1192.168.2.5
              Oct 6, 2024 18:38:58.564742088 CEST6536253192.168.2.51.1.1.1
              Oct 6, 2024 18:38:58.564956903 CEST5041553192.168.2.51.1.1.1
              Oct 6, 2024 18:38:58.574877977 CEST53504151.1.1.1192.168.2.5
              Oct 6, 2024 18:38:58.581159115 CEST53653621.1.1.1192.168.2.5
              Oct 6, 2024 18:38:58.590533018 CEST5365553192.168.2.51.1.1.1
              Oct 6, 2024 18:38:58.590760946 CEST6456853192.168.2.51.1.1.1
              Oct 6, 2024 18:38:58.603638887 CEST53645681.1.1.1192.168.2.5
              Oct 6, 2024 18:38:58.605772972 CEST53536551.1.1.1192.168.2.5
              Oct 6, 2024 18:39:00.544698000 CEST4943653192.168.2.51.1.1.1
              Oct 6, 2024 18:39:00.545949936 CEST6471753192.168.2.51.1.1.1
              Oct 6, 2024 18:39:00.551759005 CEST53494361.1.1.1192.168.2.5
              Oct 6, 2024 18:39:00.552723885 CEST53647171.1.1.1192.168.2.5
              Oct 6, 2024 18:39:03.722887039 CEST5634453192.168.2.51.1.1.1
              Oct 6, 2024 18:39:03.724076033 CEST5943553192.168.2.51.1.1.1
              Oct 6, 2024 18:39:03.738538980 CEST53563441.1.1.1192.168.2.5
              Oct 6, 2024 18:39:03.740250111 CEST53594351.1.1.1192.168.2.5
              Oct 6, 2024 18:39:03.773596048 CEST5607053192.168.2.51.1.1.1
              Oct 6, 2024 18:39:03.783924103 CEST53560701.1.1.1192.168.2.5
              Oct 6, 2024 18:39:14.032774925 CEST53499111.1.1.1192.168.2.5

              DNS Queries

              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
              Oct 6, 2024 18:38:57.428277016 CEST192.168.2.51.1.1.10x16a4Standard query (0)us-usps-xxzcch.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:57.428277016 CEST192.168.2.51.1.1.10x7b85Standard query (0)us-usps-xxzcch.xyz65IN (0x0001)false
              Oct 6, 2024 18:38:57.444339991 CEST192.168.2.51.1.1.10x2beaStandard query (0)us-usps-xxzcch.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:57.527314901 CEST192.168.2.58.8.8.80x19a2Standard query (0)google.comA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:57.527786970 CEST192.168.2.51.1.1.10x696fStandard query (0)google.comA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:58.564742088 CEST192.168.2.51.1.1.10x8c0eStandard query (0)us-usps-xxzcch.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:58.564956903 CEST192.168.2.51.1.1.10x5bf7Standard query (0)us-usps-xxzcch.xyz65IN (0x0001)false
              Oct 6, 2024 18:38:58.590533018 CEST192.168.2.51.1.1.10xbd2bStandard query (0)us-usps-xxzcch.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:58.590760946 CEST192.168.2.51.1.1.10xc9d4Standard query (0)us-usps-xxzcch.xyz65IN (0x0001)false
              Oct 6, 2024 18:39:00.544698000 CEST192.168.2.51.1.1.10xa9a2Standard query (0)www.google.comA (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:00.545949936 CEST192.168.2.51.1.1.10x9530Standard query (0)www.google.com65IN (0x0001)false
              Oct 6, 2024 18:39:03.722887039 CEST192.168.2.51.1.1.10xab72Standard query (0)us-usps-xxzcch.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:03.724076033 CEST192.168.2.51.1.1.10x1f8fStandard query (0)us-usps-xxzcch.xyz65IN (0x0001)false
              Oct 6, 2024 18:39:03.773596048 CEST192.168.2.51.1.1.10x9e6aStandard query (0)us-usps-xxzcch.xyzA (IP address)IN (0x0001)false

              DNS Answers

              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
              Oct 6, 2024 18:38:57.438837051 CEST1.1.1.1192.168.2.50x16a4Name error (3)us-usps-xxzcch.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:57.439244986 CEST1.1.1.1192.168.2.50x7b85Name error (3)us-usps-xxzcch.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:38:57.466312885 CEST1.1.1.1192.168.2.50x2beaName error (3)us-usps-xxzcch.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:57.534219027 CEST8.8.8.8192.168.2.50x19a2No error (0)google.com142.250.184.206A (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:57.534887075 CEST1.1.1.1192.168.2.50x696fNo error (0)google.com142.250.186.78A (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:58.574877977 CEST1.1.1.1192.168.2.50x5bf7Name error (3)us-usps-xxzcch.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:38:58.581159115 CEST1.1.1.1192.168.2.50x8c0eName error (3)us-usps-xxzcch.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:38:58.603638887 CEST1.1.1.1192.168.2.50xc9d4Name error (3)us-usps-xxzcch.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:38:58.605772972 CEST1.1.1.1192.168.2.50xbd2bName error (3)us-usps-xxzcch.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:00.551759005 CEST1.1.1.1192.168.2.50xa9a2No error (0)www.google.com216.58.212.164A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:00.552723885 CEST1.1.1.1192.168.2.50x9530No error (0)www.google.com65IN (0x0001)false
              Oct 6, 2024 18:39:03.738538980 CEST1.1.1.1192.168.2.50xab72Name error (3)us-usps-xxzcch.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:03.740250111 CEST1.1.1.1192.168.2.50x1f8fName error (3)us-usps-xxzcch.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:39:03.783924103 CEST1.1.1.1192.168.2.50x9e6aName error (3)us-usps-xxzcch.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.comdefault.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.comCNAME (Canonical name)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.35A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.22A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.36A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com84.201.210.37A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.27A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.42A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com84.201.210.22A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:10.819178104 CEST1.1.1.1192.168.2.50x5654No error (0)default.qdr.p1.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com217.20.57.23A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:11.345587015 CEST1.1.1.1192.168.2.50x859bNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.netazurefd-t-fb-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
              Oct 6, 2024 18:39:11.345587015 CEST1.1.1.1192.168.2.50x859bNo error (0)dual.s-part-0017.t-0009.fb-t-msedge.nets-part-0017.t-0009.fb-t-msedge.netCNAME (Canonical name)IN (0x0001)false
              Oct 6, 2024 18:39:11.345587015 CEST1.1.1.1192.168.2.50x859bNo error (0)s-part-0017.t-0009.fb-t-msedge.net13.107.253.45A (IP address)IN (0x0001)false
              Oct 6, 2024 18:39:11.495191097 CEST1.1.1.1192.168.2.50x5bd2No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
              Oct 6, 2024 18:39:11.495191097 CEST1.1.1.1192.168.2.50x5bd2No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

              HTTP Request Dependency Graph

              • otelrules.azureedge.net

              HTTPS Proxied Packets

              Session IDSource IPSource PortDestination IPDestination Port
              0192.168.2.54971713.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:12 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:12 UTC561INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:12 GMT
              Content-Type: text/plain
              Content-Length: 218853
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public
              Last-Modified: Fri, 04 Oct 2024 23:21:50 GMT
              ETag: "0x8DCE4CB535A72FA"
              x-ms-request-id: 4dad204e-401e-005b-4bf5-169c0c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163912Z-r154656d9bcpkd87yvea8r1dfg0000000cy0000000000vr6
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:12 UTC15823INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
              Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
              2024-10-06 16:39:12 UTC16384INData Raw: 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
              Data Ascii: <S T="1" F="0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L>
              2024-10-06 16:39:12 UTC16384INData Raw: 3c 53 20 54 3d 22 33 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d
              Data Ascii: <S T="3" /> </T> <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-
              2024-10-06 16:39:12 UTC16384INData Raw: 6e 74 73 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a
              Data Ascii: nts" /> </C> <C T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" />
              2024-10-06 16:39:12 UTC16384INData Raw: 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
              Data Ascii: </S> <C T="U32" I="0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32"
              2024-10-06 16:39:12 UTC16384INData Raw: 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20
              Data Ascii: _Count"> <C> <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S
              2024-10-06 16:39:12 UTC16384INData Raw: 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22
              Data Ascii: <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3"
              2024-10-06 16:39:12 UTC16384INData Raw: 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65
              Data Ascii: </L> <R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false
              2024-10-06 16:39:12 UTC16384INData Raw: 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20
              Data Ascii: T="B" /> </R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" />
              2024-10-06 16:39:12 UTC16384INData Raw: 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54
              Data Ascii: O> </F> <F T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T


              Session IDSource IPSource PortDestination IPDestination Port
              1192.168.2.54972313.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:13 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:13 UTC584INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:13 GMT
              Content-Type: text/xml
              Content-Length: 2980
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
              ETag: "0x8DC582BA80D96A1"
              x-ms-request-id: b9d87bc3-001e-008d-128c-15d91e000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163913Z-r154656d9bcp2td5zh846myygg0000000qyg000000000rgm
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:13 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


              Session IDSource IPSource PortDestination IPDestination Port
              2192.168.2.54972513.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:13 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:13 UTC563INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:13 GMT
              Content-Type: text/xml
              Content-Length: 2160
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA3B95D81"
              x-ms-request-id: c59bb0f9-701e-0097-2d01-17b8c1000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163913Z-1767f7688dccnqqfuv6uyx4er000000001a0000000006bmh
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:13 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


              Session IDSource IPSource PortDestination IPDestination Port
              3192.168.2.54972113.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:13 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:13 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:13 GMT
              Content-Type: text/xml
              Content-Length: 450
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
              ETag: "0x8DC582BD4C869AE"
              x-ms-request-id: eb718e1d-001e-000b-2c22-1615a7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163913Z-r154656d9bc94jg685tuhe75qw0000000db0000000005ea0
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:13 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


              Session IDSource IPSource PortDestination IPDestination Port
              4192.168.2.54972213.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:13 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:13 UTC584INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:13 GMT
              Content-Type: text/xml
              Content-Length: 3788
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC2126A6"
              x-ms-request-id: 265a1445-001e-00a2-25c7-17d4d5000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163913Z-1767f7688dc4gvn6w3bs6a6k900000000qw000000000bsqg
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:13 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


              Session IDSource IPSource PortDestination IPDestination Port
              5192.168.2.54972413.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:13 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:13 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:13 GMT
              Content-Type: text/xml
              Content-Length: 408
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB56D3AFB"
              x-ms-request-id: 4b0a31e7-c01e-00ad-448c-15a2b9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163913Z-1767f7688dc7bfz42qn9t7yq500000000qw00000000070u7
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:13 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              6192.168.2.54973213.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:14 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 467
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
              ETag: "0x8DC582BA6C038BC"
              x-ms-request-id: b2393cc3-501e-005b-768c-15d7f7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-r154656d9bcclz9cswng83z0t000000009eg000000004qf9
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:14 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              7192.168.2.54973013.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:14 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
              ETag: "0x8DC582BB10C598B"
              x-ms-request-id: 24b39cfc-301e-0096-2a8c-15e71d000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-1767f7688dccc6lkbm0py95vf00000000r1g000000005znc
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:14 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              8192.168.2.54972913.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:14 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
              ETag: "0x8DC582B9F6F3512"
              x-ms-request-id: 757ce4f4-401e-000a-128c-154a7b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-1767f7688dcrlt4tm55zgvcmun0000000qq0000000008phr
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:14 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              9192.168.2.54972813.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:14 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 474
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
              ETag: "0x8DC582B9964B277"
              x-ms-request-id: aa8826a4-b01e-0053-608c-15cdf8000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-r154656d9bcqqgssyv95384a1c0000000qu00000000090sz
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:14 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              10192.168.2.54973113.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:14 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 632
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB6E3779E"
              x-ms-request-id: 3a0dc1eb-601e-0032-608c-15eebb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-1767f7688dcnw9hfer0bd0kh1g00000001200000000096mn
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:14 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


              Session IDSource IPSource PortDestination IPDestination Port
              11192.168.2.54973413.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:14 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB344914B"
              x-ms-request-id: 1cc301c6-e01e-0071-6b8c-1508e7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-r154656d9bcmxqxrqrw0qrf8hg00000009mg000000006vfd
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:14 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              12192.168.2.54973313.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
              ETag: "0x8DC582BBAD04B7B"
              x-ms-request-id: cc223d3c-501e-008f-0ec7-179054000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-1767f7688dcxfh5bcu3z8cgqmn0000000r5g0000000022wf
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              13192.168.2.54973513.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:14 GMT
              Content-Type: text/xml
              Content-Length: 427
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
              ETag: "0x8DC582BA310DA18"
              x-ms-request-id: 1cc301ca-e01e-0071-6f8c-1508e7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163914Z-r154656d9bc5qmxtyvgyzcay0c0000000d8000000000aukg
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              14192.168.2.54973613.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:15 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
              ETag: "0x8DC582B9018290B"
              x-ms-request-id: e0871f45-901e-00a0-0d8c-156a6d000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163915Z-1767f7688dc4zx8hzkgqpgqkb400000008ng0000000040c1
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              15192.168.2.54973713.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:14 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:15 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
              ETag: "0x8DC582B9698189B"
              x-ms-request-id: 023e3944-a01e-003d-708c-1598d7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163915Z-1767f7688dccc6lkbm0py95vf00000000r20000000004pk6
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              16192.168.2.54973913.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:15 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:15 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA41997E3"
              x-ms-request-id: c54fb296-901e-008f-528c-1567a6000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163915Z-r154656d9bc5gm9nqxzv5c87e8000000048g00000000cbfb
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              17192.168.2.54974013.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:15 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:15 GMT
              Content-Type: text/xml
              Content-Length: 477
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8CEAC16"
              x-ms-request-id: 5e74a9a8-b01e-003d-569e-15d32c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163915Z-1767f7688dc9hz5543dfnckp1w0000000f40000000003ptu
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              18192.168.2.54973813.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:15 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:15 GMT
              Content-Type: text/xml
              Content-Length: 469
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
              ETag: "0x8DC582BBA701121"
              x-ms-request-id: 77844cee-a01e-0032-35c7-171949000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163915Z-r154656d9bcmxqxrqrw0qrf8hg00000009mg000000006vg1
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              19192.168.2.54974113.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:15 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:15 GMT
              Content-Type: text/xml
              Content-Length: 464
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
              ETag: "0x8DC582B97FB6C3C"
              x-ms-request-id: 348a4018-801e-0078-54c7-17bac6000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163915Z-1767f7688dc9hz5543dfnckp1w0000000ey000000000fyb6
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


              Session IDSource IPSource PortDestination IPDestination Port
              20192.168.2.54974213.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:15 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:15 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:15 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB7010D66"
              x-ms-request-id: 79ade187-001e-0065-788c-150b73000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163915Z-1767f7688dc7tjsxtc1ffgx97w0000000qsg00000000dns1
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:15 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              21192.168.2.54974313.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:16 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:16 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:16 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
              ETag: "0x8DC582B9748630E"
              x-ms-request-id: 0da94923-701e-0097-168c-15b8c1000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163916Z-r154656d9bcdp2lt7d5tpscfcn0000000qwg00000000bqv8
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:16 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              22192.168.2.54974413.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:16 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:16 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:16 GMT
              Content-Type: text/xml
              Content-Length: 472
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
              ETag: "0x8DC582B9DACDF62"
              x-ms-request-id: 8e9c869d-201e-000c-4b8c-1579c4000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163916Z-1767f7688dccc6lkbm0py95vf00000000r10000000008r22
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:16 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              23192.168.2.54974513.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:16 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:16 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:16 GMT
              Content-Type: text/xml
              Content-Length: 404
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
              ETag: "0x8DC582B9E8EE0F3"
              x-ms-request-id: 4f10c824-e01e-0085-1c8c-15c311000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163916Z-1767f7688dc5plpppuk35q59aw0000000qtg00000000495y
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:16 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


              Session IDSource IPSource PortDestination IPDestination Port
              24192.168.2.54974713.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:16 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:16 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:16 GMT
              Content-Type: text/xml
              Content-Length: 428
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC4F34CA"
              x-ms-request-id: 82f8b22c-c01e-0014-5a8c-15a6a3000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163916Z-1767f7688dcxs7gvbd5dcgxeys0000000qng0000000036wh
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:16 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              25192.168.2.54974613.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:16 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:16 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:16 GMT
              Content-Type: text/xml
              Content-Length: 468
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
              ETag: "0x8DC582B9C8E04C8"
              x-ms-request-id: a818c6dc-b01e-005c-0236-164c66000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163916Z-r154656d9bc7mtk716cm75thbs0000000qqg000000001txu
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:16 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              26192.168.2.54974813.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:17 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:17 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:17 GMT
              Content-Type: text/xml
              Content-Length: 499
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
              ETag: "0x8DC582B98CEC9F6"
              x-ms-request-id: 22e42897-601e-0070-65c7-17a0c9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163917Z-1767f7688dccbx4fmf9wh4mm3c0000000qh0000000007fwv
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:17 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              27192.168.2.54974913.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:17 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:17 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:17 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B988EBD12"
              x-ms-request-id: 07aac232-401e-0083-10c7-17075c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163917Z-1767f7688dc5smv9fdkth3nru00000000qvg0000000056ut
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:17 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              28192.168.2.54975013.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:17 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:17 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:17 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB5815C4C"
              x-ms-request-id: e44feb8c-a01e-0084-742d-169ccd000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163917Z-r154656d9bckpfgl7fe14swubc0000000dd0000000003m5e
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:17 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              29192.168.2.54975113.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:17 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:17 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:17 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB32BB5CB"
              x-ms-request-id: c2ca9d4d-801e-0035-458c-15752a000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163917Z-1767f7688dc5kg9bwc8fvfnfb40000000qzg000000007h4u
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:17 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              30192.168.2.54975213.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:17 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:17 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:17 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8972972"
              x-ms-request-id: 5e6d03be-001e-0014-0a36-165151000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163917Z-r154656d9bc5gm9nqxzv5c87e8000000046g00000000hb0z
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:17 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              31192.168.2.54975313.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:17 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 420
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
              ETag: "0x8DC582B9DAE3EC0"
              x-ms-request-id: a7623418-001e-00a2-348c-15d4d5000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-1767f7688dc2kzqgyrtc6e2gp40000000qn000000000btkg
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


              Session IDSource IPSource PortDestination IPDestination Port
              32192.168.2.54975413.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 472
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
              ETag: "0x8DC582B9D43097E"
              x-ms-request-id: 4b0a3852-c01e-00ad-3b8c-15a2b9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-r154656d9bczbzfnyr5sz58vdw0000000d5g00000000hd8u
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              33192.168.2.54975513.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 427
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
              ETag: "0x8DC582BA909FA21"
              x-ms-request-id: 12b84351-401e-0064-79c7-1754af000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-1767f7688dc88qkvtwr7dy4vdn0000000950000000007wq7
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              34192.168.2.54975613.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
              ETag: "0x8DC582B92FCB436"
              x-ms-request-id: 4fef4e97-801e-007b-44c7-15e7ab000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-r154656d9bcgk58qzsfr5pfzg40000000qx00000000070me
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              35192.168.2.54975713.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 423
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
              ETag: "0x8DC582BB7564CE8"
              x-ms-request-id: e8bdadc1-401e-0067-74c7-1709c2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-1767f7688dcnw9hfer0bd0kh1g000000011g00000000adf1
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


              Session IDSource IPSource PortDestination IPDestination Port
              36192.168.2.54975813.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 478
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
              ETag: "0x8DC582B9B233827"
              x-ms-request-id: 4dd19665-401e-005b-7705-179c0c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-1767f7688dcxjm7c0w73xyx8vs0000000qyg00000000aqna
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              37192.168.2.54975913.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 404
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
              ETag: "0x8DC582B95C61A3C"
              x-ms-request-id: 4700277e-801e-008f-589e-152c5d000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-r154656d9bcv7txsqsufsswrks0000000d5000000000ftdx
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


              Session IDSource IPSource PortDestination IPDestination Port
              38192.168.2.54976013.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:18 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 468
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
              ETag: "0x8DC582BB046B576"
              x-ms-request-id: 8789ddbb-a01e-0084-6a8c-159ccd000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-r154656d9bcclz9cswng83z0t000000009cg000000008q7u
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:18 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              39192.168.2.54976213.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:19 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 479
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
              ETag: "0x8DC582BB7D702D0"
              x-ms-request-id: ed9c017d-601e-000d-3e22-162618000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-r154656d9bczc24jcy1csnb0es000000017g000000002x7b
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:19 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              40192.168.2.54976113.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:18 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:19 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:18 GMT
              Content-Type: text/xml
              Content-Length: 400
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
              ETag: "0x8DC582BB2D62837"
              x-ms-request-id: 9bed673a-001e-0046-278c-15da4b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163918Z-1767f7688dcjgr4ssr2c6t2x2s0000000r1g000000008gz6
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:19 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


              Session IDSource IPSource PortDestination IPDestination Port
              41192.168.2.54976313.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:19 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:19 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:19 GMT
              Content-Type: text/xml
              Content-Length: 425
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
              ETag: "0x8DC582BBA25094F"
              x-ms-request-id: 3a0dcc46-601e-0032-6c8c-15eebb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163919Z-r154656d9bcgk58qzsfr5pfzg40000000qs000000000gy7z
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:19 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


              Session IDSource IPSource PortDestination IPDestination Port
              42192.168.2.54976413.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:19 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:19 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:19 GMT
              Content-Type: text/xml
              Content-Length: 475
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
              ETag: "0x8DC582BB2BE84FD"
              x-ms-request-id: 15fe0b87-a01e-0002-3b8c-155074000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163919Z-1767f7688dcddqmnbcgcfkdk6s00000002f0000000007n8z
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:19 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              43192.168.2.54976513.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:19 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:19 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:19 GMT
              Content-Type: text/xml
              Content-Length: 448
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB389F49B"
              x-ms-request-id: 738079d0-501e-00a3-3dc7-17c0f2000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163919Z-1767f7688dczvnhxbpcveghk5g0000000a9g000000008pdb
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:19 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


              Session IDSource IPSource PortDestination IPDestination Port
              44192.168.2.54976713.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:19 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:19 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:19 GMT
              Content-Type: text/xml
              Content-Length: 416
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
              ETag: "0x8DC582BAEA4B445"
              x-ms-request-id: 4b3baa61-c01e-00ad-4e9e-15a2b9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163919Z-r154656d9bc6kzfwvnn9vvz3c400000004f0000000006vzb
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:19 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


              Session IDSource IPSource PortDestination IPDestination Port
              45192.168.2.54976613.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:19 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:19 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:19 GMT
              Content-Type: text/xml
              Content-Length: 491
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B98B88612"
              x-ms-request-id: 85e8bebc-601e-0032-1873-16eebb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163919Z-1767f7688dcwt84hd6d7u4c7700000000qv000000000bpqy
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:19 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              46192.168.2.54976813.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:20 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:20 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:20 GMT
              Content-Type: text/xml
              Content-Length: 479
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B989EE75B"
              x-ms-request-id: 1513c2df-001e-0017-1f9e-150c3c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163920Z-1767f7688dcdplk6tmg02e519n0000000r2g00000000498d
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:20 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              47192.168.2.54977013.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:20 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:20 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:20 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
              ETag: "0x8DC582B97E6FCDD"
              x-ms-request-id: b83a8dc4-f01e-003f-308c-15d19d000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163920Z-r154656d9bc27nzfvdqr2guqt000000000s00000000002yn
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:20 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              48192.168.2.54976913.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:20 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:20 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:20 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
              ETag: "0x8DC582BA80D96A1"
              x-ms-request-id: b9a197f6-401e-0078-3b8c-154d34000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163920Z-1767f7688dc9hz5543dfnckp1w0000000f20000000007f21
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:39:20 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              49192.168.2.54977113.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:20 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:20 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:20 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
              ETag: "0x8DC582B9C710B28"
              x-ms-request-id: c276760a-301e-0051-159c-1538bb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163920Z-r154656d9bcvjnbgheqhz2uek80000000qx0000000006wm6
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:20 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              50192.168.2.54977213.107.253.45443
              TimestampBytes transferredDirectionData
              2024-10-06 16:39:20 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:39:20 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:39:20 GMT
              Content-Type: text/xml
              Content-Length: 477
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
              ETag: "0x8DC582BA54DCC28"
              x-ms-request-id: 3883747d-501e-008c-279e-15cd39000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T163920Z-r154656d9bclhnqxthdkb0ps8000000006tg0000000068kb
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:39:20 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Statistics

              CPU Usage

              Click to jump to process

              Memory Usage

              Click to jump to process

              Behavior

              Click to jump to process

              System Behavior

              General

              Target ID:0
              Start time:12:38:52
              Start date:06/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:2
              Start time:12:38:54
              Start date:06/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2368 --field-trial-handle=2196,i,11809419973761452851,14499558416037239792,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:3
              Start time:12:38:56
              Start date:06/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-xxzcch.xyz/update/"
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:true

              Disassembly

              No disassembly