Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us-usps-wukhzy.xyz/update/

Overview

General Information

Sample URL:https://us-usps-wukhzy.xyz/update/
Analysis ID:1526978
Tags:openphish
Infos:
Errors
  • URL not reachable

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Performs DNS queries to domains with low reputation
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2556 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3868 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2000,i,17161473894225688281,10000816620996369041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6776 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-wukhzy.xyz/update/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://us-usps-wukhzy.xyz/update/SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49718 version: TLS 1.0
Source: unknownHTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:49722 version: TLS 1.2

Networking

barindex
Performs DNS queries to domains with low reputation
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: DNS query: us-usps-wukhzy.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-wukhzy.xyz
Source: DNS query: us-usps-wukhzy.xyz
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49718 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: us-usps-wukhzy.xyz
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:49722 version: TLS 1.2
Source: classification engineClassification label: mal52.troj.win@19/6@14/3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2000,i,17161473894225688281,10000816620996369041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-wukhzy.xyz/update/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2000,i,17161473894225688281,10000816620996369041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://us-usps-wukhzy.xyz/update/100%SlashNextFraudulent Website type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    		unknown
    google.com
    		142.250.184.206
    		truefalse
      		unknown
      s-part-0044.t-0009.fb-t-msedge.net
      		13.107.253.72
      		truefalse
        		unknown
        www.google.com
        		216.58.206.68
        		truefalse
          		unknown
          fp2e7a.wpc.phicdn.net
          		192.229.221.95
          		truefalse
            		unknown
            us-usps-wukhzy.xyz
            		unknown
            		unknowntrue
              		unknown

              World Map of Contacted IPs

              • No. of IPs < 25%
              • 25% < No. of IPs < 50%
              • 50% < No. of IPs < 75%
              • 75% < No. of IPs

              Public IPs

              IPDomainCountryFlagASNASN NameMalicious
              239.255.255.250
              		unknownReserved
              		unknownunknownfalse
              216.58.206.68
              		www.google.comUnited States
              		15169GOOGLEUSfalse

              Private

              IP
              192.168.2.5

              General Information

              Joe Sandbox version:41.0.0 Charoite
              Analysis ID:1526978
              Start date and time:2024-10-06 18:47:08 +02:00
              Joe Sandbox product:CloudBasic
              Overall analysis duration:0h 2m 1s
              Hypervisor based Inspection enabled:false
              Report type:full
              Cookbook file name:browseurl.jbs
              Sample URL:https://us-usps-wukhzy.xyz/update/
              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed:6
              Number of new started drivers analysed:0
              Number of existing processes analysed:0
              Number of existing drivers analysed:0
              Number of injected processes analysed:0
              Technologies:
              • HCA enabled
              • EGA enabled
              • AMSI enabled
              Analysis Mode:default
              Analysis stop reason:Timeout
              Detection:MAL
              Classification:mal52.troj.win@19/6@14/3
              EGA Information:Failed
              HCA Information:
              • Successful, ratio: 100%
              • Number of executed functions: 0
              • Number of non-executed functions: 0
              Cookbook Comments:
              • URL browsing timeout or error

              Errors

              • URL not reachable

              Warnings

              • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
              • Excluded IPs from analysis (whitelisted): 142.250.185.195, 66.102.1.84, 142.250.185.206, 34.104.35.123, 184.28.90.27, 199.232.210.172, 20.109.210.53, 192.229.221.95, 13.95.31.18
              • Excluded domains from analysis (whitelisted): azurefd-t-fb-prod.trafficmanager.net, slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, clients2.google.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
              • Not all processes where analyzed, report is missing behavior information
              • Report size getting too big, too many NtSetInformationFile calls found.
              • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
              • VT rate limit hit for: https://us-usps-wukhzy.xyz/update/

              Simulations

              Behavior and APIs

              No simulations

              Joe Sandbox View / Context

              IPs

              No context

              Domains

              No context

              ASNs

              No context

              JA3 Fingerprints

              No context

              Dropped Files

              No context

              Created / dropped Files

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:48:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2677
              Entropy (8bit):3.967658895189168
              Encrypted:false
              SSDEEP:48:8edST0LKY0H5idAKZdA19ehwiZUklqehLy+3:8TQmYyky
              MD5:492430770D56C15939712664BA2F638F
              SHA1:5D0577F91781BF608962D56A2B417C3F4FC33DD7
              SHA-256:F5AC8415BA65394E0013F507CB7BFDE55C9F457065C6973E11FEEF0591845982
              SHA-512:B59DDFA33B80AFF77D4770130D355323363AE69AC1F6873D97F0B4159E6D43F0B8BD3840B51D22E459EB4E4D2AD30C82A48E2821C2F623B96561D31C4B3280DF
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,......`.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............U.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:48:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2679
              Entropy (8bit):3.983974860585648
              Encrypted:false
              SSDEEP:48:8OdST0LKY0H5idAKZdA1weh/iZUkAQkqehUy+2:8jQmYo9QBy
              MD5:4C618CF2537BC5BB20C38B654E4A9ADD
              SHA1:F8BB3CB5C6A1EC11E4C0CA4A3B52A36BC147F730
              SHA-256:5F7495F4CCAA4F47CD052BDFF478CC8E1C50050BB9246A71D70F900EDA97A71E
              SHA-512:A6C9A4298876A0E5B099D69555A2A913E629A518B2F49DBFF64A1735536936798E9EE1669FD304D08F959BDB9FD6023A0050705984423B4C90CD7D2F1A0D62E0
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,......Q.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............U.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2693
              Entropy (8bit):3.9933761889901116
              Encrypted:false
              SSDEEP:48:8xDdST0LKsH5idAKZdA14tseh7sFiZUkmgqeh7sSy+BX:8xgQmonoy
              MD5:6C3A6CC56CB6AEC2902B28B7BEF55926
              SHA1:9C520723EBB2E3F9A89490672799F2ADF5556837
              SHA-256:C44E626D646ED3D6A10CEB196E67ABA54597CABCA78FCC9B285AA44719ABF6CF
              SHA-512:119E57593330387DBEB9EE17FBE6FCCDDC40B2CF87CE05134BA2D92FE37851B7644A1B4C625EF29ACA325FC13AB6EF84215739085631B9352DC54788D3E94F14
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............U.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:48:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2681
              Entropy (8bit):3.9802421416713902
              Encrypted:false
              SSDEEP:48:87dST0LKY0H5idAKZdA1vehDiZUkwqehAy+R:84QmYzKy
              MD5:7DA03ED117808C0A83800B6A249A06EE
              SHA1:DBAB1CA2DFD1AB6189179E5BD3C0BDADEDE41648
              SHA-256:522A53AF31EB715BB828AA94D100C6B030862B657F964DDC9BFD0656E82602A0
              SHA-512:118A623A95FE6B468372DFB0092092177F23C00AD91F5D46741B1A8CA29085B416395B128E2268DFB5C0A2B3DB6CEAC1666F9682E7C1E0F0786DE46753715AAF
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,....K/H.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............U.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:48:06 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2681
              Entropy (8bit):3.9694949860749835
              Encrypted:false
              SSDEEP:48:8PdST0LKY0H5idAKZdA1hehBiZUk1W1qehWy+C:88QmYj92y
              MD5:70CE82F8A72BDA433673B0FFBF3AC48E
              SHA1:B87BB38F14E2BF07A4248810A1AC46746148DDD5
              SHA-256:513E88B780EC5EC49A336556319A6867305F70AB955408C22363DFE38715984F
              SHA-512:B94224CCB7721FA3BA4D9732B49E56B6AF9ACD8E17261EF28B75D156136C1E1081753E28DDE51F22CFB0698EC16832B7BB9371B6711D7CFDD6272C1AC334E93B
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,...._.X.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............U.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

              Download File
              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:48:05 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
              Category:dropped
              Size (bytes):2683
              Entropy (8bit):3.979561761079626
              Encrypted:false
              SSDEEP:48:8FdST0LKY0H5idAKZdA1duT+ehOuTbbiZUk5OjqehOuTboy+yT+:8qQmYTT/TbxWOvTboy7T
              MD5:859E6F47FACFC1B1DC49B0C317C443ED
              SHA1:FD8BAE1A42600998BE48DC2EF503310734EADC51
              SHA-256:6D8CECA125B1C22F7BEA2032C30AA0C08AB74E5C0E621A4B259453EEC8E0909A
              SHA-512:E72C41B9768321C09373A1AF00AAA5DF40DC4B24F8866BE78B51D82291BBFF598E0C0F395A9C21334296E4EA03A3D65068FDE51E56B82248D194B500A47329E1
              Malicious:false
              Reputation:low
              Preview:L..................F.@.. ...$+.,......>.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............U.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

              Static File Info

              No static file info

              Network Behavior

              Network Port Distribution

              TCP Packets

              TimestampSource PortDest PortSource IPDest IP
              Oct 6, 2024 18:47:54.831691027 CEST49674443192.168.2.523.1.237.91
              Oct 6, 2024 18:47:54.941063881 CEST49673443192.168.2.523.1.237.91
              Oct 6, 2024 18:47:54.941194057 CEST49675443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:04.607562065 CEST49675443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:04.607569933 CEST49673443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:04.607569933 CEST49674443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:06.148309946 CEST4434970323.1.237.91192.168.2.5
              Oct 6, 2024 18:48:06.148514032 CEST49703443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:08.788783073 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:08.788873911 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:08.789596081 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:08.790097952 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:08.790132046 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:09.432723999 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:09.437688112 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:09.437784910 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:09.439403057 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:09.439501047 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:09.442415953 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:09.442519903 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:09.513895035 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:09.513925076 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:09.639259100 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:16.930080891 CEST49703443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:16.935590982 CEST4434970323.1.237.91192.168.2.5
              Oct 6, 2024 18:48:16.936722994 CEST49703443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:16.938491106 CEST49718443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:16.938585997 CEST4434971823.1.237.91192.168.2.5
              Oct 6, 2024 18:48:16.938920021 CEST49718443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:16.942014933 CEST49718443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:16.942014933 CEST4434970323.1.237.91192.168.2.5
              Oct 6, 2024 18:48:16.942039013 CEST4434971823.1.237.91192.168.2.5
              Oct 6, 2024 18:48:17.530061960 CEST4434971823.1.237.91192.168.2.5
              Oct 6, 2024 18:48:17.530153990 CEST49718443192.168.2.523.1.237.91
              Oct 6, 2024 18:48:18.477813005 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:18.477869034 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:18.478367090 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:18.480122089 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:18.480156898 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.162636995 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.162996054 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.211256981 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.211301088 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.211637974 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.222830057 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.263493061 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.335583925 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:19.335732937 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:19.336071968 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:19.352673054 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.352699995 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.352746010 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.352950096 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.353024006 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.353070974 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.353408098 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.436741114 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.436762094 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.436888933 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.436952114 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.437067032 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.443238020 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.443250895 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.443342924 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.443423986 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.443773031 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.526521921 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.526546001 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.526742935 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.526807070 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.526887894 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.527601004 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.527623892 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.527686119 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.527703047 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.527802944 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.529247046 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.529272079 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.529360056 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.529373884 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.529438019 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.533509970 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.533533096 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.533643007 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.533658028 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.533714056 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.617070913 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.617089987 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.617180109 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.617247105 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.617309093 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.617938995 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.617953062 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.618016005 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.618031979 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.618156910 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.618830919 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.618845940 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.618927002 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.618941069 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.618993998 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.619853973 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.619868994 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.619935036 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.619949102 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.620016098 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.620659113 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.620673895 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.620752096 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.620764971 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.620831013 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.621644020 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.621659040 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.621733904 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.621747971 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.621809006 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.621865988 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.621881008 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.621906042 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.621953964 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.622148991 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.622184992 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.622212887 CEST49722443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.622226954 CEST4434972213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.737189054 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.737241030 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.737373114 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.739272118 CEST49724443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.739403009 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.739581108 CEST49724443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.741342068 CEST49725443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.741379976 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.741455078 CEST49725443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.741835117 CEST49725443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.741848946 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.741913080 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.741944075 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.743191957 CEST49726443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.743199110 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.743504047 CEST49726443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.744182110 CEST49724443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.744223118 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.745235920 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.745265961 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.745417118 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.745635033 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.745659113 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:19.745855093 CEST49726443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:19.745867014 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.401690006 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.404851913 CEST49724443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.404912949 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.405680895 CEST49724443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.405694962 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.415934086 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.416529894 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.416680098 CEST49726443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.416724920 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.417934895 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.418154955 CEST49726443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.418162107 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.418812037 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.418834925 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.419905901 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.419910908 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.420398951 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.421128035 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.421164036 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.422216892 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.422229052 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.422522068 CEST49725443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.422530890 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.423149109 CEST49725443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.423155069 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.470967054 CEST49711443192.168.2.5216.58.206.68
              Oct 6, 2024 18:48:20.471003056 CEST44349711216.58.206.68192.168.2.5
              Oct 6, 2024 18:48:20.687066078 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687068939 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687087059 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687136889 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687156916 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687189102 CEST49726443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687206984 CEST49724443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687403917 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687422991 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687453032 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687465906 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687505960 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687530041 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687558889 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687561035 CEST49725443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687568903 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687602997 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687791109 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687841892 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687863111 CEST49726443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687880039 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.687886000 CEST4434972613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687896967 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.687959909 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.688138962 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.690473080 CEST49725443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.690479040 CEST4434972513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.691462994 CEST49723443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.691481113 CEST4434972313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.692405939 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.692420959 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.692497015 CEST49727443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.692502022 CEST4434972713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.693332911 CEST49724443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.693336964 CEST4434972413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.698530912 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.698554039 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.698616982 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.701006889 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.701097012 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.701255083 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.702945948 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.702981949 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.703049898 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.703268051 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.703279018 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.704046965 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.704055071 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.704152107 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.704320908 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.704329967 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.705365896 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.705393076 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.705447912 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.705642939 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.705698967 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.705936909 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.705964088 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:20.706063986 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:20.706077099 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.508614063 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.509125948 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.509176970 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.509578943 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.509586096 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.515324116 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.515671968 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.515710115 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.516052961 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.516058922 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.516232967 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.516413927 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.516495943 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.516508102 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.516746044 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.516818047 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.516891956 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.516896963 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.516906023 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.517155886 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.517173052 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.517312050 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.517338037 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.517620087 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.517625093 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.617552996 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.617633104 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.617784977 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.617826939 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.617849112 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.617866039 CEST49729443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.617872953 CEST4434972913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.620537996 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.620574951 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.620650053 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.620819092 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.620832920 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.621644020 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.621795893 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.621855974 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.621906042 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.621906042 CEST49728443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.621922970 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.621933937 CEST4434972813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.624315023 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.624324083 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.624393940 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.624490023 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.624500990 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.626192093 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.626334906 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.626393080 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.626435995 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.626435995 CEST49731443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.626442909 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.626451015 CEST4434973113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.627269983 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.627445936 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.627513885 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.627593040 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.627593040 CEST49732443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.627645969 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.627666950 CEST4434973213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.628676891 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.628722906 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.628782988 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.628911018 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.628938913 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.629039049 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.629177094 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.629261017 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.629509926 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.629513979 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.629519939 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.629535913 CEST49730443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.629540920 CEST4434973013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.629599094 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.630027056 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.630134106 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.630162954 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.631488085 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.631573915 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:21.631649017 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.631772995 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:21.631803989 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.282171965 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.282654047 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.282677889 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.283107042 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.283112049 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.285861015 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.286196947 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.286267996 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.286545038 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.286557913 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.287492037 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.287775993 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.287837982 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.288109064 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.288122892 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.302309036 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.302639008 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.302647114 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.303020000 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.303025007 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.337632895 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.338007927 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.338064909 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.338386059 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.338399887 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.387929916 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.388098001 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.388174057 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.388201952 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.388219118 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.388226986 CEST49734443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.388232946 CEST4434973413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.390726089 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.390784025 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.390902042 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.391033888 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.391062021 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.394272089 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.394413948 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.394529104 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.394607067 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.394607067 CEST49736443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.394651890 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.394680023 CEST4434973613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.395114899 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.395248890 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.395401955 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.395483971 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.395523071 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.395572901 CEST49735443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.395589113 CEST4434973513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.397445917 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.397516012 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.397600889 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.397730112 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.397738934 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.397775888 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.397814035 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.397890091 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.397994041 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.398030043 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.414849043 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.414916992 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.414966106 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.415018082 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.415023088 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.415050983 CEST49733443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.415054083 CEST4434973313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.416790962 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.416825056 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.416970015 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.417092085 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.417110920 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.452557087 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.452685118 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.452855110 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.452990055 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.452990055 CEST49737443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.453033924 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.453064919 CEST4434973713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.455837011 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.455851078 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:22.455981970 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.456098080 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:22.456108093 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.094538927 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.094957113 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.095005035 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.095037937 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.095345020 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.095417976 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.095467091 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.095479012 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.095918894 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.095933914 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.114952087 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.115086079 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.115345001 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.115382910 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.115454912 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.115463972 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.115905046 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.115910053 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.116039991 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.116050005 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.122493982 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.122781038 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.122790098 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.123152018 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.123157024 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.201884031 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.202018976 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.202085972 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.202163935 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.202194929 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.202209949 CEST49740443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.202218056 CEST4434974013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.204941988 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.204991102 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.205132008 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.205287933 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.205311060 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.209446907 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.209532976 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.209635019 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.209712029 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.209712029 CEST49738443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.209754944 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.209795952 CEST4434973813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.211467981 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.211502075 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.211566925 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.211666107 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.211677074 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.224284887 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.224348068 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.224422932 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.224484921 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.224498987 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.224509954 CEST49742443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.224515915 CEST4434974213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.226968050 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.227052927 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.227133989 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.227264881 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.227298975 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238167048 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238245010 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238322020 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.238343954 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.238353968 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238357067 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238368034 CEST49741443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.238373995 CEST4434974113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238420963 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238500118 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.238678932 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.238678932 CEST49739443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.238714933 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.238739967 CEST4434973913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.239981890 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.240005970 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.240094900 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.240189075 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.240214109 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.240499973 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.240513086 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.240736961 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.240854979 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.240868092 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.861695051 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.862540960 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.862560987 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.864095926 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.864101887 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.890119076 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.890172005 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.890541077 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.890597105 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.890942097 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.890957117 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.890954018 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.891032934 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.891447067 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.891459942 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.895428896 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.895787954 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.895802975 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.897990942 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.898000002 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.901583910 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.901940107 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.901963949 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.902239084 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.902249098 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.969249964 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.969376087 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.969535112 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.969535112 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.969635010 CEST49744443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.969651937 CEST4434974413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.972660065 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.972708941 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.972887039 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.972887039 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.972939014 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.997906923 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.997976065 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.998193979 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.998337984 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.998338938 CEST49746443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:23.998383045 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:23.998409033 CEST4434974613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.001066923 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.001111031 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.001184940 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.001542091 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.001554966 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.003315926 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.003478050 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.003732920 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.003791094 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.003820896 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.003856897 CEST49743443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.003873110 CEST4434974313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.006455898 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.006468058 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.006536007 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.006743908 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.006756067 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.007291079 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.007369995 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.007421970 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.007821083 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.007821083 CEST49745443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.007852077 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.007879019 CEST4434974513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.010030031 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.010130882 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.010257959 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.010281086 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.010418892 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.010421991 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.010454893 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.010560036 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.010606050 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.010606050 CEST49747443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.010618925 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.010631084 CEST4434974713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.013372898 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.013397932 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.013469934 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.013766050 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.013786077 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.655107975 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.655860901 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.655915022 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.656574965 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.656588078 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.661922932 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.662508011 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.662522078 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.663018942 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.663028002 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.663208961 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.663525105 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.663554907 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.663928986 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.663934946 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.667428017 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.667927980 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.667944908 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.668359995 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.668365002 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.694796085 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.695888996 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.695907116 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.696403027 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.696409941 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.771414042 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.771416903 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.771477938 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.771616936 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.771693945 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.771811008 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.771811008 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.771811008 CEST49751443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.771811008 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.771811962 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.771867990 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.771908998 CEST4434975113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.772624016 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.772753954 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.772813082 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.773216963 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.773231983 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.773243904 CEST49750443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.773251057 CEST4434975013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.774739027 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.774812937 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.774912119 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.775059938 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.775079966 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.775221109 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.775242090 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.775304079 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.775454998 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.775480986 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.776231050 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.776262045 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.776346922 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.776468992 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.776475906 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.778042078 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.778181076 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.778234005 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.778256893 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.778261900 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.778274059 CEST49749443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.778278112 CEST4434974913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.780282021 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.780364037 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.780543089 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.780647039 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.780682087 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.806286097 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.806428909 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.806503057 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.806570053 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.806570053 CEST49752443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.806583881 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.806595087 CEST4434975213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.808320999 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.808366060 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:24.808429003 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.808516026 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:24.808533907 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.076210022 CEST49748443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.076266050 CEST4434974813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.434844971 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.435787916 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.435867071 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.436173916 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.436189890 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.447052002 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.447666883 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.447716951 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.448199034 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.448213100 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.463047981 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.463479996 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.463522911 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.463954926 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.463963985 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.466137886 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.466531992 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.466552019 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.466908932 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.466918945 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.469955921 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.470448017 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.470460892 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.470813990 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.470818996 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.543678045 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.543826103 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.544018984 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.544018984 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.544125080 CEST49756443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.544167995 CEST4434975613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.547118902 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.547199011 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.547293901 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.547475100 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.547489882 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.558938980 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.559000015 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.559094906 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.559178114 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.559218884 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.559253931 CEST49754443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.559269905 CEST4434975413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.561506987 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.561597109 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.561810970 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.561810970 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.561893940 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.571054935 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.571197987 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.571281910 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.571281910 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.571831942 CEST49757443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.571857929 CEST4434975713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.573498964 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.573580027 CEST4434976013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.573781013 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.573781013 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.573857069 CEST4434976013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.580950022 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.581116915 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.581250906 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.581250906 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.581444979 CEST49753443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.581466913 CEST4434975313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.583426952 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.583476067 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.583641052 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.583641052 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.583684921 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.585077047 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.585141897 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.585314035 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.585314035 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.585467100 CEST49755443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.585491896 CEST4434975513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.587188959 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.587227106 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:25.587441921 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.587441921 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:25.587482929 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.205826998 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.206518888 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.206590891 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.207055092 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.207067966 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.219537973 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.219980955 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.220026970 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.220460892 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.220468044 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.251074076 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.251537085 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.251559973 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.251955032 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.251960993 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.289973974 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.290507078 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.290538073 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.290874958 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.290884018 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.291662931 CEST4434976013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.292026043 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.292053938 CEST4434976013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.292504072 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.292510033 CEST4434976013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.314781904 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.314920902 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.314987898 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.315184116 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.315222979 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.315258026 CEST49758443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.315273046 CEST4434975813.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.318377972 CEST49763443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.318428993 CEST4434976313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.318595886 CEST49763443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.318634033 CEST49763443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.318643093 CEST4434976313.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.330913067 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.331039906 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.331259012 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.331320047 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.331334114 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.331361055 CEST49759443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.331367016 CEST4434975913.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.333636045 CEST49764443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.333664894 CEST4434976413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.333790064 CEST49764443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.333962917 CEST49764443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.333973885 CEST4434976413.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.362098932 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.362153053 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.362226009 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.362366915 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.362380981 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.362410069 CEST49762443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.362416029 CEST4434976213.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.364443064 CEST49765443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.364516020 CEST4434976513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.364749908 CEST49765443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.364749908 CEST49765443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.364799023 CEST4434976513.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.406197071 CEST4434976013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.406354904 CEST4434976013.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.406455040 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.406455040 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.406455040 CEST49760443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.406630993 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.406714916 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.406786919 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.406826019 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.406826973 CEST49761443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.406847000 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.406867027 CEST4434976113.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.408571005 CEST49766443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.408631086 CEST4434976613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.408694983 CEST49766443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.408797026 CEST49767443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.408821106 CEST49766443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.408827066 CEST4434976713.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.408842087 CEST4434976613.107.253.72192.168.2.5
              Oct 6, 2024 18:48:26.408920050 CEST49767443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.409112930 CEST49767443192.168.2.513.107.253.72
              Oct 6, 2024 18:48:26.409125090 CEST4434976713.107.253.72192.168.2.5

              UDP Packets

              TimestampSource PortDest PortSource IPDest IP
              Oct 6, 2024 18:48:04.469893932 CEST53495411.1.1.1192.168.2.5
              Oct 6, 2024 18:48:04.470470905 CEST53583031.1.1.1192.168.2.5
              Oct 6, 2024 18:48:05.665626049 CEST53551791.1.1.1192.168.2.5
              Oct 6, 2024 18:48:05.788950920 CEST5459153192.168.2.51.1.1.1
              Oct 6, 2024 18:48:05.789381981 CEST5702753192.168.2.51.1.1.1
              Oct 6, 2024 18:48:05.799166918 CEST53570271.1.1.1192.168.2.5
              Oct 6, 2024 18:48:05.804501057 CEST53545911.1.1.1192.168.2.5
              Oct 6, 2024 18:48:05.805241108 CEST5328253192.168.2.51.1.1.1
              Oct 6, 2024 18:48:05.881969929 CEST53532821.1.1.1192.168.2.5
              Oct 6, 2024 18:48:05.950045109 CEST5134853192.168.2.58.8.8.8
              Oct 6, 2024 18:48:05.950592995 CEST6369353192.168.2.51.1.1.1
              Oct 6, 2024 18:48:05.956904888 CEST53513488.8.8.8192.168.2.5
              Oct 6, 2024 18:48:05.957535982 CEST53636931.1.1.1192.168.2.5
              Oct 6, 2024 18:48:06.975358009 CEST4976153192.168.2.51.1.1.1
              Oct 6, 2024 18:48:06.975543022 CEST6454753192.168.2.51.1.1.1
              Oct 6, 2024 18:48:06.984920025 CEST53645471.1.1.1192.168.2.5
              Oct 6, 2024 18:48:06.985503912 CEST53497611.1.1.1192.168.2.5
              Oct 6, 2024 18:48:06.999756098 CEST5121253192.168.2.51.1.1.1
              Oct 6, 2024 18:48:06.999851942 CEST5810653192.168.2.51.1.1.1
              Oct 6, 2024 18:48:07.010914087 CEST53512121.1.1.1192.168.2.5
              Oct 6, 2024 18:48:07.016645908 CEST53581061.1.1.1192.168.2.5
              Oct 6, 2024 18:48:08.749331951 CEST5741653192.168.2.51.1.1.1
              Oct 6, 2024 18:48:08.750091076 CEST6046653192.168.2.51.1.1.1
              Oct 6, 2024 18:48:08.756453991 CEST53574161.1.1.1192.168.2.5
              Oct 6, 2024 18:48:08.759118080 CEST53604661.1.1.1192.168.2.5
              Oct 6, 2024 18:48:12.056835890 CEST6047553192.168.2.51.1.1.1
              Oct 6, 2024 18:48:12.056974888 CEST4957053192.168.2.51.1.1.1
              Oct 6, 2024 18:48:12.082298040 CEST53495701.1.1.1192.168.2.5
              Oct 6, 2024 18:48:12.082457066 CEST53604751.1.1.1192.168.2.5
              Oct 6, 2024 18:48:12.084552050 CEST5444853192.168.2.51.1.1.1
              Oct 6, 2024 18:48:12.093831062 CEST53544481.1.1.1192.168.2.5
              Oct 6, 2024 18:48:22.725941896 CEST53563441.1.1.1192.168.2.5

              DNS Queries

              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
              Oct 6, 2024 18:48:05.788950920 CEST192.168.2.51.1.1.10xd377Standard query (0)us-usps-wukhzy.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:05.789381981 CEST192.168.2.51.1.1.10x977Standard query (0)us-usps-wukhzy.xyz65IN (0x0001)false
              Oct 6, 2024 18:48:05.805241108 CEST192.168.2.51.1.1.10xce9bStandard query (0)us-usps-wukhzy.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:05.950045109 CEST192.168.2.58.8.8.80xe3a6Standard query (0)google.comA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:05.950592995 CEST192.168.2.51.1.1.10x6bcaStandard query (0)google.comA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:06.975358009 CEST192.168.2.51.1.1.10x4cd4Standard query (0)us-usps-wukhzy.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:06.975543022 CEST192.168.2.51.1.1.10xf046Standard query (0)us-usps-wukhzy.xyz65IN (0x0001)false
              Oct 6, 2024 18:48:06.999756098 CEST192.168.2.51.1.1.10x747aStandard query (0)us-usps-wukhzy.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:06.999851942 CEST192.168.2.51.1.1.10xc5aaStandard query (0)us-usps-wukhzy.xyz65IN (0x0001)false
              Oct 6, 2024 18:48:08.749331951 CEST192.168.2.51.1.1.10xc8b6Standard query (0)www.google.comA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:08.750091076 CEST192.168.2.51.1.1.10xa2e5Standard query (0)www.google.com65IN (0x0001)false
              Oct 6, 2024 18:48:12.056835890 CEST192.168.2.51.1.1.10xb692Standard query (0)us-usps-wukhzy.xyzA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:12.056974888 CEST192.168.2.51.1.1.10xc563Standard query (0)us-usps-wukhzy.xyz65IN (0x0001)false
              Oct 6, 2024 18:48:12.084552050 CEST192.168.2.51.1.1.10x388dStandard query (0)us-usps-wukhzy.xyzA (IP address)IN (0x0001)false

              DNS Answers

              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
              Oct 6, 2024 18:48:05.799166918 CEST1.1.1.1192.168.2.50x977Name error (3)us-usps-wukhzy.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:48:05.804501057 CEST1.1.1.1192.168.2.50xd377Name error (3)us-usps-wukhzy.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:05.881969929 CEST1.1.1.1192.168.2.50xce9bName error (3)us-usps-wukhzy.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:05.956904888 CEST8.8.8.8192.168.2.50xe3a6No error (0)google.com142.250.184.206A (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:05.957535982 CEST1.1.1.1192.168.2.50x6bcaNo error (0)google.com142.250.185.174A (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:06.984920025 CEST1.1.1.1192.168.2.50xf046Name error (3)us-usps-wukhzy.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:48:06.985503912 CEST1.1.1.1192.168.2.50x4cd4Name error (3)us-usps-wukhzy.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:07.010914087 CEST1.1.1.1192.168.2.50x747aName error (3)us-usps-wukhzy.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:07.016645908 CEST1.1.1.1192.168.2.50xc5aaName error (3)us-usps-wukhzy.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:48:08.756453991 CEST1.1.1.1192.168.2.50xc8b6No error (0)www.google.com216.58.206.68A (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:08.759118080 CEST1.1.1.1192.168.2.50xa2e5No error (0)www.google.com65IN (0x0001)false
              Oct 6, 2024 18:48:12.082298040 CEST1.1.1.1192.168.2.50xc563Name error (3)us-usps-wukhzy.xyznonenone65IN (0x0001)false
              Oct 6, 2024 18:48:12.082457066 CEST1.1.1.1192.168.2.50xb692Name error (3)us-usps-wukhzy.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:12.093831062 CEST1.1.1.1192.168.2.50x388dName error (3)us-usps-wukhzy.xyznonenoneA (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:15.421664000 CEST1.1.1.1192.168.2.50xe9d7No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:15.421664000 CEST1.1.1.1192.168.2.50xe9d7No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:16.186178923 CEST1.1.1.1192.168.2.50xaa95No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
              Oct 6, 2024 18:48:16.186178923 CEST1.1.1.1192.168.2.50xaa95No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
              Oct 6, 2024 18:48:18.476483107 CEST1.1.1.1192.168.2.50x9243No error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.netazurefd-t-fb-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
              Oct 6, 2024 18:48:18.476483107 CEST1.1.1.1192.168.2.50x9243No error (0)dual.s-part-0044.t-0009.fb-t-msedge.nets-part-0044.t-0009.fb-t-msedge.netCNAME (Canonical name)IN (0x0001)false
              Oct 6, 2024 18:48:18.476483107 CEST1.1.1.1192.168.2.50x9243No error (0)s-part-0044.t-0009.fb-t-msedge.net13.107.253.72A (IP address)IN (0x0001)false

              HTTP Request Dependency Graph

              • otelrules.azureedge.net

              HTTPS Proxied Packets

              Session IDSource IPSource PortDestination IPDestination Port
              0192.168.2.54972213.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:19 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:19 UTC561INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:19 GMT
              Content-Type: text/plain
              Content-Length: 218853
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public
              Last-Modified: Fri, 04 Oct 2024 23:21:50 GMT
              ETag: "0x8DCE4CB535A72FA"
              x-ms-request-id: 4dad204e-401e-005b-4bf5-169c0c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164819Z-r154656d9bcn4d55dey6ma44b00000000d8000000000e81r
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:19 UTC15823INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
              Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
              2024-10-06 16:48:19 UTC16384INData Raw: 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
              Data Ascii: <S T="1" F="0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L>
              2024-10-06 16:48:19 UTC16384INData Raw: 3c 53 20 54 3d 22 33 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d
              Data Ascii: <S T="3" /> </T> <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-
              2024-10-06 16:48:19 UTC16384INData Raw: 6e 74 73 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a
              Data Ascii: nts" /> </C> <C T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" />
              2024-10-06 16:48:19 UTC16384INData Raw: 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
              Data Ascii: </S> <C T="U32" I="0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32"
              2024-10-06 16:48:19 UTC16384INData Raw: 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20
              Data Ascii: _Count"> <C> <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S
              2024-10-06 16:48:19 UTC16384INData Raw: 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22
              Data Ascii: <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3"
              2024-10-06 16:48:19 UTC16384INData Raw: 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65
              Data Ascii: </L> <R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false
              2024-10-06 16:48:19 UTC16384INData Raw: 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20
              Data Ascii: T="B" /> </R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" />
              2024-10-06 16:48:19 UTC16384INData Raw: 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54
              Data Ascii: O> </F> <F T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T


              Session IDSource IPSource PortDestination IPDestination Port
              1192.168.2.54972413.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:20 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:20 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:20 GMT
              Content-Type: text/xml
              Content-Length: 450
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
              ETag: "0x8DC582BD4C869AE"
              x-ms-request-id: 92b6e55f-b01e-003d-50eb-17d32c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164820Z-1767f7688dc5plpppuk35q59aw0000000qpg00000000f2gw
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:20 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


              Session IDSource IPSource PortDestination IPDestination Port
              2192.168.2.54972613.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:20 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:20 UTC563INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:20 GMT
              Content-Type: text/xml
              Content-Length: 2980
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
              ETag: "0x8DC582BA80D96A1"
              x-ms-request-id: b9d87bc3-001e-008d-128c-15d91e000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164820Z-1767f7688dczvnhxbpcveghk5g0000000aag000000006xqm
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:20 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


              Session IDSource IPSource PortDestination IPDestination Port
              3192.168.2.54972313.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:20 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:20 UTC563INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:20 GMT
              Content-Type: text/xml
              Content-Length: 3788
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC2126A6"
              x-ms-request-id: 265a1445-001e-00a2-25c7-17d4d5000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164820Z-1767f7688dc88qkvtwr7dy4vdn000000096000000000673t
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:20 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


              Session IDSource IPSource PortDestination IPDestination Port
              4192.168.2.54972713.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:20 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:20 UTC584INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:20 GMT
              Content-Type: text/xml
              Content-Length: 2160
              Connection: close
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Vary: Accept-Encoding
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA3B95D81"
              x-ms-request-id: ec1acd5e-601e-00ab-3736-1666f4000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164820Z-r154656d9bc5qmxtyvgyzcay0c0000000d5g00000000nm1v
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:20 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


              Session IDSource IPSource PortDestination IPDestination Port
              5192.168.2.54972513.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:20 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:20 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:20 GMT
              Content-Type: text/xml
              Content-Length: 408
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB56D3AFB"
              x-ms-request-id: 4b0a31e7-c01e-00ad-448c-15a2b9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164820Z-r154656d9bcclz9cswng83z0t000000009g0000000002m7p
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:20 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              6192.168.2.54972913.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:21 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:21 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:21 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
              ETag: "0x8DC582BB10C598B"
              x-ms-request-id: 24b39cfc-301e-0096-2a8c-15e71d000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164821Z-r154656d9bcpnqc46yk454phh800000002k0000000005gq4
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:21 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              7192.168.2.54972813.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:21 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:21 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:21 GMT
              Content-Type: text/xml
              Content-Length: 474
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
              ETag: "0x8DC582B9964B277"
              x-ms-request-id: aa8826a4-b01e-0053-608c-15cdf8000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164821Z-r154656d9bc94jg685tuhe75qw0000000da0000000007ke9
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:21 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              8192.168.2.54973113.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:21 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:21 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:21 GMT
              Content-Type: text/xml
              Content-Length: 467
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
              ETag: "0x8DC582BA6C038BC"
              x-ms-request-id: b2393cc3-501e-005b-768c-15d7f7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164821Z-1767f7688dc5std64kd3n8sca4000000079g000000006eu1
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:21 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              9192.168.2.54973213.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:21 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:21 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:21 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
              ETag: "0x8DC582B9F6F3512"
              x-ms-request-id: 757ce4f4-401e-000a-128c-154a7b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164821Z-1767f7688dcsjpdx60gbb8v42g0000000a1000000000h37s
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:21 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              10192.168.2.54973013.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:21 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:21 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:21 GMT
              Content-Type: text/xml
              Content-Length: 632
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB6E3779E"
              x-ms-request-id: c55c0703-801e-00a0-3f04-182196000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164821Z-r154656d9bcvjnbgheqhz2uek80000000qug00000000e04m
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:21 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


              Session IDSource IPSource PortDestination IPDestination Port
              11192.168.2.54973413.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:22 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:22 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:22 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB344914B"
              x-ms-request-id: 1cc301c6-e01e-0071-6b8c-1508e7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164822Z-r154656d9bckpfgl7fe14swubc0000000dc00000000064g2
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:22 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              12192.168.2.54973513.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:22 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:22 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:22 GMT
              Content-Type: text/xml
              Content-Length: 427
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
              ETag: "0x8DC582BA310DA18"
              x-ms-request-id: 1cc301ca-e01e-0071-6f8c-1508e7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164822Z-1767f7688dcdvjcfkw13t1btbs0000000qv000000000hpf8
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:22 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              13192.168.2.54973613.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:22 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:22 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:22 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
              ETag: "0x8DC582B9018290B"
              x-ms-request-id: e0871f45-901e-00a0-0d8c-156a6d000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164822Z-r154656d9bczc24jcy1csnb0es000000017g000000003gvc
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:22 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              14192.168.2.54973313.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:22 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:22 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:22 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
              ETag: "0x8DC582BBAD04B7B"
              x-ms-request-id: cc223d3c-501e-008f-0ec7-179054000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164822Z-1767f7688dc5std64kd3n8sca40000000780000000008htn
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:22 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              15192.168.2.54973713.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:22 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:22 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:22 GMT
              Content-Type: text/xml
              Content-Length: 407
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
              ETag: "0x8DC582B9698189B"
              x-ms-request-id: 023e3944-a01e-003d-708c-1598d7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164822Z-1767f7688dcr9sxxmettbmaaq40000000r300000000004hk
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:22 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


              Session IDSource IPSource PortDestination IPDestination Port
              16192.168.2.54974013.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 477
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8CEAC16"
              x-ms-request-id: 5e74a9a8-b01e-003d-569e-15d32c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-1767f7688dczvnhxbpcveghk5g0000000adg000000000kzd
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              17192.168.2.54973813.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 469
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
              ETag: "0x8DC582BBA701121"
              x-ms-request-id: 77844cee-a01e-0032-35c7-171949000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-1767f7688dcvlhnc8mxy0v1nqw00000001rg00000000heyu
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              18192.168.2.54974213.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
              ETag: "0x8DC582BB7010D66"
              x-ms-request-id: 79ade187-001e-0065-788c-150b73000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-r154656d9bc4v6bg39gwnbf5vn00000005b000000000hbpp
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              19192.168.2.54973913.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
              ETag: "0x8DC582BA41997E3"
              x-ms-request-id: c54fb296-901e-008f-528c-1567a6000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-r154656d9bc2dpb46dmu3uezks0000000d9g0000000099an
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              20192.168.2.54974113.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 464
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
              ETag: "0x8DC582B97FB6C3C"
              x-ms-request-id: 348a4018-801e-0078-54c7-17bac6000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-1767f7688dcvlhnc8mxy0v1nqw00000001wg00000000554x
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


              Session IDSource IPSource PortDestination IPDestination Port
              21192.168.2.54974413.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 472
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
              ETag: "0x8DC582B9DACDF62"
              x-ms-request-id: 8e9c869d-201e-000c-4b8c-1579c4000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-1767f7688dccc6lkbm0py95vf00000000qy000000000e3tu
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              22192.168.2.54974613.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 468
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
              ETag: "0x8DC582B9C8E04C8"
              x-ms-request-id: f71a7e49-201e-000c-5aa4-1579c4000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-1767f7688dc5smv9fdkth3nru00000000qu0000000008xc7
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              23192.168.2.54974313.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:23 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
              ETag: "0x8DC582B9748630E"
              x-ms-request-id: 0da94923-701e-0097-168c-15b8c1000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-r154656d9bclprr71vn2nvcemn0000000qug00000000a091
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:23 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              24192.168.2.54974513.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:24 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 404
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
              ETag: "0x8DC582B9E8EE0F3"
              x-ms-request-id: 4f10c824-e01e-0085-1c8c-15c311000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-1767f7688dcxjm7c0w73xyx8vs0000000qwg00000000hd0v
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:24 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


              Session IDSource IPSource PortDestination IPDestination Port
              25192.168.2.54974713.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:23 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:24 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:23 GMT
              Content-Type: text/xml
              Content-Length: 428
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
              ETag: "0x8DC582BAC4F34CA"
              x-ms-request-id: bc3bb15e-601e-003d-16f8-176f25000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164823Z-r154656d9bczbzfnyr5sz58vdw0000000d6g00000000gn12
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:24 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              26192.168.2.54974813.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:24 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:24 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:24 GMT
              Content-Type: text/xml
              Content-Length: 499
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
              ETag: "0x8DC582B98CEC9F6"
              x-ms-request-id: 22e42897-601e-0070-65c7-17a0c9000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164824Z-1767f7688dc9hz5543dfnckp1w0000000f2000000000846w
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:24 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              27192.168.2.54975113.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:24 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:24 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:24 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB32BB5CB"
              x-ms-request-id: c2ca9d4d-801e-0035-458c-15752a000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164824Z-r154656d9bcv7txsqsufsswrks0000000d5g00000000gby2
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:24 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              28192.168.2.54975013.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:24 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:24 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:24 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
              ETag: "0x8DC582BB5815C4C"
              x-ms-request-id: a910d2e0-401e-005b-72a6-159c0c000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164824Z-1767f7688dcnlss9sm3w9wbbbn00000003800000000018pu
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:24 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              29192.168.2.54974913.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:24 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:24 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:24 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B988EBD12"
              x-ms-request-id: 1e32dda0-e01e-000c-2bf8-178e36000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164824Z-r154656d9bcc2bdtn1pd2qfd4c0000000qqg00000000gc01
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:24 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              30192.168.2.54975213.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:24 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:24 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:24 GMT
              Content-Type: text/xml
              Content-Length: 494
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
              ETag: "0x8DC582BB8972972"
              x-ms-request-id: cce90406-001e-005a-059e-15c3d0000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164824Z-1767f7688dccbx4fmf9wh4mm3c0000000qf000000000d4r2
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:24 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              31192.168.2.54975613.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:25 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:25 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:25 GMT
              Content-Type: text/xml
              Content-Length: 486
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
              ETag: "0x8DC582B92FCB436"
              x-ms-request-id: 76615707-c01e-0082-6a8c-15af72000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164825Z-1767f7688dcrlt4tm55zgvcmun0000000qs0000000005gnr
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:25 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              32192.168.2.54975413.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:25 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:25 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:25 GMT
              Content-Type: text/xml
              Content-Length: 472
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
              ETag: "0x8DC582B9D43097E"
              x-ms-request-id: cc1dda0d-101e-0079-139e-155913000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164825Z-1767f7688dctps2t8qk28fz8yg0000000qu000000000419p
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:25 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              33192.168.2.54975713.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:25 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:25 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:25 GMT
              Content-Type: text/xml
              Content-Length: 423
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
              ETag: "0x8DC582BB7564CE8"
              x-ms-request-id: bb2e28bd-501e-0016-0b8c-15181b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164825Z-r154656d9bckpfgl7fe14swubc0000000d9g00000000b4qt
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:25 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


              Session IDSource IPSource PortDestination IPDestination Port
              34192.168.2.54975313.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:25 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:25 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:25 GMT
              Content-Type: text/xml
              Content-Length: 420
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
              ETag: "0x8DC582B9DAE3EC0"
              x-ms-request-id: a7623418-001e-00a2-348c-15d4d5000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164825Z-1767f7688dcvlhnc8mxy0v1nqw00000001z00000000001vr
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:25 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


              Session IDSource IPSource PortDestination IPDestination Port
              35192.168.2.54975513.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:25 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:25 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:25 GMT
              Content-Type: text/xml
              Content-Length: 427
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
              ETag: "0x8DC582BA909FA21"
              x-ms-request-id: a62739ea-301e-005d-6402-17e448000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164825Z-r154656d9bczbzfnyr5sz58vdw0000000da0000000008feb
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:25 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


              Session IDSource IPSource PortDestination IPDestination Port
              36192.168.2.54975813.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:26 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:26 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:26 GMT
              Content-Type: text/xml
              Content-Length: 478
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
              ETag: "0x8DC582B9B233827"
              x-ms-request-id: c4ad759c-701e-0001-2422-16b110000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164826Z-r154656d9bcmxqxrqrw0qrf8hg00000009qg000000000rvn
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:26 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              37192.168.2.54975913.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:26 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:26 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:26 GMT
              Content-Type: text/xml
              Content-Length: 404
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
              ETag: "0x8DC582B95C61A3C"
              x-ms-request-id: 0dcb6c6d-e01e-0003-668c-150fa8000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164826Z-1767f7688dc2kzqgyrtc6e2gp40000000qr0000000006bre
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:26 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


              Session IDSource IPSource PortDestination IPDestination Port
              38192.168.2.54976213.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:26 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:26 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:26 GMT
              Content-Type: text/xml
              Content-Length: 479
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
              ETag: "0x8DC582BB7D702D0"
              x-ms-request-id: ed9c017d-601e-000d-3e22-162618000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164826Z-r154656d9bc27nzfvdqr2guqt000000000q0000000004sya
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:26 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
              39192.168.2.54976113.107.253.724433868C:\Program Files\Google\Chrome\Application\chrome.exe
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:26 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:26 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:26 GMT
              Content-Type: text/xml
              Content-Length: 400
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
              ETag: "0x8DC582BB2D62837"
              x-ms-request-id: 9bed673a-001e-0046-278c-15da4b000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164826Z-1767f7688dcvlhnc8mxy0v1nqw00000001z00000000001wg
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:26 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


              Session IDSource IPSource PortDestination IPDestination Port
              40192.168.2.54976013.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:26 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:26 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:26 GMT
              Content-Type: text/xml
              Content-Length: 468
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
              ETag: "0x8DC582BB046B576"
              x-ms-request-id: 8789ddbb-a01e-0084-6a8c-159ccd000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164826Z-r154656d9bcc4snr2sy7ntt13c0000000a70000000007xtw
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:26 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              41192.168.2.54976313.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:26 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 425
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
              ETag: "0x8DC582BBA25094F"
              x-ms-request-id: 3a0dcc46-601e-0032-6c8c-15eebb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-r154656d9bczbzfnyr5sz58vdw0000000dc0000000004fp0
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


              Session IDSource IPSource PortDestination IPDestination Port
              42192.168.2.54976413.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 475
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
              ETag: "0x8DC582BB2BE84FD"
              x-ms-request-id: 15fe0b87-a01e-0002-3b8c-155074000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-1767f7688dcwt84hd6d7u4c7700000000qvg00000000bhsa
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              43192.168.2.54976513.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 448
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
              ETag: "0x8DC582BB389F49B"
              x-ms-request-id: 1f480944-c01e-002b-018c-156e00000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-r154656d9bcrxcdc4sxf91b6u400000007mg000000005q9u
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


              Session IDSource IPSource PortDestination IPDestination Port
              44192.168.2.54976613.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 491
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B98B88612"
              x-ms-request-id: 85e8bebc-601e-0032-1873-16eebb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-1767f7688dc5plpppuk35q59aw0000000qvg000000000mxe
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              45192.168.2.54976713.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 416
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
              ETag: "0x8DC582BAEA4B445"
              x-ms-request-id: 75858473-001e-000b-318c-1515a7000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-1767f7688dcnlss9sm3w9wbbbn000000031000000000gd4e
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


              Session IDSource IPSource PortDestination IPDestination Port
              46192.168.2.54976813.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 479
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
              ETag: "0x8DC582B989EE75B"
              x-ms-request-id: 76252b1b-c01e-0066-488c-15a1ec000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-r154656d9bc27nzfvdqr2guqt000000000kg00000000aqyu
              x-fd-int-roxy-purgeid: 0
              X-Cache-Info: L1_T2
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              47192.168.2.54976913.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC491INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 415
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
              ETag: "0x8DC582BA80D96A1"
              x-ms-request-id: cc687b4d-101e-0079-45b6-155913000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-r154656d9bcpnqc46yk454phh800000002e000000000dmp3
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              X-Cache-Info: L1_T2
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


              Session IDSource IPSource PortDestination IPDestination Port
              48192.168.2.54977013.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 471
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
              ETag: "0x8DC582B97E6FCDD"
              x-ms-request-id: b83a8dc4-f01e-003f-308c-15d19d000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-1767f7688dc4zx8hzkgqpgqkb400000008ng000000004nb2
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Session IDSource IPSource PortDestination IPDestination Port
              49192.168.2.54977113.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 419
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
              ETag: "0x8DC582B9C710B28"
              x-ms-request-id: c276760a-301e-0051-159c-1538bb000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-r154656d9bcgk58qzsfr5pfzg40000000qwg0000000091ge
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


              Session IDSource IPSource PortDestination IPDestination Port
              50192.168.2.54977213.107.253.72443
              TimestampBytes transferredDirectionData
              2024-10-06 16:48:27 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
              Connection: Keep-Alive
              Accept-Encoding: gzip
              User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
              Host: otelrules.azureedge.net
              2024-10-06 16:48:27 UTC470INHTTP/1.1 200 OK
              Date: Sun, 06 Oct 2024 16:48:27 GMT
              Content-Type: text/xml
              Content-Length: 477
              Connection: close
              Cache-Control: public, max-age=604800, immutable
              Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
              ETag: "0x8DC582BA54DCC28"
              x-ms-request-id: 7be6812e-d01e-008e-528c-15387a000000
              x-ms-version: 2018-03-28
              x-azure-ref: 20241006T164827Z-1767f7688dcdss7lwsep0egpxs0000000qqg000000008zu8
              x-fd-int-roxy-purgeid: 0
              X-Cache: TCP_HIT
              Accept-Ranges: bytes
              2024-10-06 16:48:27 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
              Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


              Statistics

              CPU Usage

              Click to jump to process

              Memory Usage

              Click to jump to process

              Behavior

              Click to jump to process

              System Behavior

              General

              Target ID:0
              Start time:12:47:58
              Start date:06/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:2
              Start time:12:48:03
              Start date:06/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=2000,i,17161473894225688281,10000816620996369041,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:false

              General

              Target ID:3
              Start time:12:48:05
              Start date:06/10/2024
              Path:C:\Program Files\Google\Chrome\Application\chrome.exe
              Wow64 process (32bit):false
              Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-wukhzy.xyz/update/"
              Imagebase:0x7ff715980000
              File size:3'242'272 bytes
              MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
              Has elevated privileges:true
              Has administrator privileges:true
              Programmed in:C, C++ or other language
              Reputation:low
              Has exited:true

              Disassembly

              No disassembly