Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us-usps-qgleum.xyz/update/

Overview

General Information

Sample URL:https://us-usps-qgleum.xyz/update/
Analysis ID:1526984
Tags:openphish
Infos:
Errors
  • URL not reachable

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Performs DNS queries to domains with low reputation
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3012 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 2952 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2000,i,4751949160752344263,348731842178357154,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6348 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-qgleum.xyz/update/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://us-usps-qgleum.xyz/update/SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49719 version: TLS 1.0
Source: unknownHTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:49720 version: TLS 1.2

Networking

barindex
Performs DNS queries to domains with low reputation
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-qgleum.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-qgleum.xyz
Source: DNS query: us-usps-qgleum.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-qgleum.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-qgleum.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-qgleum.xyz
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDNS query: us-usps-qgleum.xyz
Source: DNS query: us-usps-qgleum.xyz
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49719 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: us-usps-qgleum.xyz
Source: global trafficDNS traffic detected: DNS query: google.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 13.107.253.72:443 -> 192.168.2.5:49720 version: TLS 1.2
Source: classification engineClassification label: mal52.troj.win@19/6@12/3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2000,i,4751949160752344263,348731842178357154,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-qgleum.xyz/update/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2000,i,4751949160752344263,348731842178357154,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://us-usps-qgleum.xyz/update/100%SlashNextFraudulent Website type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
google.com
142.250.184.206
truefalse
    		unknown
    s-part-0044.t-0009.fb-t-msedge.net
    		13.107.253.72
    		truefalse
      		unknown
      www.google.com
      		142.250.185.132
      		truefalse
        		unknown
        fp2e7a.wpc.phicdn.net
        		192.229.221.95
        		truefalse
          		unknown
          us-usps-qgleum.xyz
          		unknown
          		unknowntrue
            		unknown

            World Map of Contacted IPs

            • No. of IPs < 25%
            • 25% < No. of IPs < 50%
            • 50% < No. of IPs < 75%
            • 75% < No. of IPs

            Public IPs

            IPDomainCountryFlagASNASN NameMalicious
            239.255.255.250
            		unknownReserved
            		unknownunknownfalse
            142.250.185.132
            		www.google.comUnited States
            		15169GOOGLEUSfalse

            Private

            IP
            192.168.2.5

            General Information

            Joe Sandbox version:41.0.0 Charoite
            Analysis ID:1526984
            Start date and time:2024-10-06 18:53:11 +02:00
            Joe Sandbox product:CloudBasic
            Overall analysis duration:0h 1m 57s
            Hypervisor based Inspection enabled:false
            Report type:full
            Cookbook file name:browseurl.jbs
            Sample URL:https://us-usps-qgleum.xyz/update/
            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
            Number of analysed new started processes analysed:6
            Number of new started drivers analysed:0
            Number of existing processes analysed:0
            Number of existing drivers analysed:0
            Number of injected processes analysed:0
            Technologies:
            • HCA enabled
            • EGA enabled
            • AMSI enabled
            Analysis Mode:default
            Analysis stop reason:Timeout
            Detection:MAL
            Classification:mal52.troj.win@19/6@12/3
            EGA Information:Failed
            HCA Information:
            • Successful, ratio: 100%
            • Number of executed functions: 0
            • Number of non-executed functions: 0
            Cookbook Comments:
            • URL browsing timeout or error

            Errors

            • URL not reachable

            Warnings

            • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe, svchost.exe
            • Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.185.142, 74.125.133.84, 34.104.35.123, 184.28.90.27, 52.149.20.212, 88.221.110.91, 2.16.100.168, 192.229.221.95, 40.69.42.241
            • Excluded domains from analysis (whitelisted): azurefd-t-fb-prod.trafficmanager.net, slscr.update.microsoft.com, otelrules.afd.azureedge.net, clientservices.googleapis.com, a767.dspw65.akamai.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, clients2.google.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, prod.fs.microsoft.com.akadns.net, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, azureedge-t-prod.trafficmanager.net, clients.l.google.com
            • Not all processes where analyzed, report is missing behavior information
            • Report size getting too big, too many NtSetInformationFile calls found.
            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
            • VT rate limit hit for: https://us-usps-qgleum.xyz/update/

            Simulations

            Behavior and APIs

            No simulations

            Joe Sandbox View / Context

            IPs

            No context

            Domains

            No context

            ASNs

            No context

            JA3 Fingerprints

            No context

            Dropped Files

            No context

            Created / dropped Files

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:54:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2677
            Entropy (8bit):3.977418836194644
            Encrypted:false
            SSDEEP:48:8VpdroTLssPHMidAKZdA19ehwiZUklqehAy+3:8SXSPy
            MD5:5CFBC6243729D7C503403E5F6ADFB9DF
            SHA1:2AD6C971505DF41E98E0968954EE2C677250E02C
            SHA-256:4CA5E100558A0071F79C3E5E7205CD3C24E784B4E517850A5E7A4E559682948B
            SHA-512:6A2209865F64A1506DC3A2CCD91B0D34FA98F948CFBFA1E8AE61F44E4A383F878F24AC35D7487DA67DEC90F3F852DBF7A0FDEDFF2AD643527FF60E2460E84B1D
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,......F\....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:54:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2679
            Entropy (8bit):3.994615697339952
            Encrypted:false
            SSDEEP:48:85droTLssPHMidAKZdA1weh/iZUkAQkqeh/y+2:84XI9Qiy
            MD5:548EE3E485CDCED183FCD6D5EABDD7AE
            SHA1:DADBC3C09D7F21E74A7AE88A93FDB88FD6891F1E
            SHA-256:8E11DC44E7EA8B169C6A0AB2BC1186141838D60CD5F11A5FE33283B1BE087CE1
            SHA-512:FC119628E7011A397C3E6212099D8044A785CCFA5199875FAE257577DE1341DB5D8C794D9870A40202C26298BC738E6A654377BA7714409B4D59E53281539BE2
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....N.;\....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2693
            Entropy (8bit):4.008291722172149
            Encrypted:false
            SSDEEP:48:8xVdroTLsssHMidAKZdA14tseh7sFiZUkmgqeh7sZy+BX:8xkXlnLy
            MD5:504A8CD36BA8F7A9625D1B136DA7B41C
            SHA1:19461F9212289F4E30F3D64BC33B7A34922DDEEE
            SHA-256:D9CF7C7A1F6E480B79617313D2E7930112007DC9F8121215362200AE110E1772
            SHA-512:4EB61234723D7579B3EB8665D628FA6D7AFAF2C753E499A22C51305A32C6BF4FA6B68B79650169F00491DA8FCC2B6E4209FBA90D665F04082F5D81237A07CCA6
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:54:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.991511175292695
            Encrypted:false
            SSDEEP:48:8/droTLssPHMidAKZdA1vehDiZUkwqehTy+R:8iXTBy
            MD5:710F173FD59F1ABF99B8461E9712632F
            SHA1:2BA8AAE84E0FB59EA2F80F0B06FBBC7BFC9FF169
            SHA-256:EE880C1A91B19CB41DCDC479D42D2C54B7FFC0436A39137E098A5503F6B40672
            SHA-512:7F054626B00D36EE8EFBDE3465AF2AE0C3B05E36AA81930A0DAEB77472813B997E025AB4CEB4C86586A9EA27A54FE921F9F6D77D77C57DEB2EF3EBA28C795C4C
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,......5\....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:54:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2681
            Entropy (8bit):3.9806392200611986
            Encrypted:false
            SSDEEP:48:8mdroTLssPHMidAKZdA1hehBiZUk1W1qehVy+C:8xXD91y
            MD5:3EF8CBBF69B9F408C6BA94FFD7CD8F88
            SHA1:5278F57D61224AF5889585F7462CD6195305D770
            SHA-256:D50DCD97DBD61E3421ECF5F60745C037BC5A14018636E61C96398E08436F6824
            SHA-512:E9A920B54BE34177EF205A7E7D438E38BD11537FDC6F956E22B86301C3081FD488A2244967C85C2A90421768F847E3BA9221059EF2125417254A3989E45F8742
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,.....A\....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

            Download File
            Process:C:\Program Files\Google\Chrome\Application\chrome.exe
            File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Oct 6 15:54:08 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
            Category:dropped
            Size (bytes):2683
            Entropy (8bit):3.9925655260572492
            Encrypted:false
            SSDEEP:48:8udroTLssPHMidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbLy+yT+:8ZXzT/TbxWOvTbLy7T
            MD5:71A73615A774DE61B24BA8D6AE1BC627
            SHA1:A8C6C4AD885DC129D4518C506F55B80E90068C2C
            SHA-256:89B4977710103F237082A25CB92095206E6080CCA3B6A1605C8C0C1A7BA30ECF
            SHA-512:C39A0004FE70D3E793EE94AE895998F0C341427CD74CAD8ECA85B8426193AC9EA4F4C84E4753BF14E00CFD71142CBB6E103B33DD70503687E110C956C95399BE
            Malicious:false
            Reputation:low
            Preview:L..................F.@.. ...$+.,....q.+\....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IFY.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VFY.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VFY.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VFY............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFY............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

            Static File Info

            No static file info

            Network Behavior

            Network Port Distribution

            TCP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 6, 2024 18:53:59.384881973 CEST49675443192.168.2.523.1.237.91
            Oct 6, 2024 18:53:59.384990931 CEST49674443192.168.2.523.1.237.91
            Oct 6, 2024 18:53:59.511442900 CEST49673443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:09.084187984 CEST49674443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:09.084283113 CEST49675443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:09.281358957 CEST49673443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:10.754628897 CEST4434970323.1.237.91192.168.2.5
            Oct 6, 2024 18:54:10.754719019 CEST49703443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:11.715867996 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:11.715929031 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:11.716702938 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:11.717006922 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:11.717026949 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:12.366020918 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:12.377851963 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:12.377878904 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:12.379293919 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:12.379379988 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:12.387598038 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:12.387763977 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:12.443447113 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:12.443458080 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:12.490407944 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:21.580704927 CEST49703443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:21.580704927 CEST49703443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:21.584577084 CEST49719443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:21.584614992 CEST4434971923.1.237.91192.168.2.5
            Oct 6, 2024 18:54:21.584765911 CEST49719443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:21.585632086 CEST4434970323.1.237.91192.168.2.5
            Oct 6, 2024 18:54:21.585647106 CEST4434970323.1.237.91192.168.2.5
            Oct 6, 2024 18:54:21.585665941 CEST49719443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:21.585692883 CEST4434971923.1.237.91192.168.2.5
            Oct 6, 2024 18:54:21.588571072 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:21.588644981 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:21.592813969 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:21.592813969 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:21.592897892 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.203216076 CEST4434971923.1.237.91192.168.2.5
            Oct 6, 2024 18:54:22.203342915 CEST49719443192.168.2.523.1.237.91
            Oct 6, 2024 18:54:22.261090994 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.261198997 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.264178038 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.264220953 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.264645100 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.266561031 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:22.266649961 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:22.266707897 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:22.286395073 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.327470064 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.396034956 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.396090984 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.396114111 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.396153927 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.396158934 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.396209955 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.396231890 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.396267891 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.396267891 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.396267891 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.396296978 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.477241993 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.477299929 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.477339029 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.477370024 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.477395058 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.477412939 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.482594967 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.482644081 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.482708931 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.482723951 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.482758045 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.482777119 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.562988043 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.563035011 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.563083887 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.563128948 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.563159943 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.563182116 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.564076900 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.564120054 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.564166069 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.564186096 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.564208984 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.564235926 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.565776110 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.565820932 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.565870047 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.565884113 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.565910101 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.565929890 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.569420099 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.569463015 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.569511890 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.569525003 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.569577932 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.569598913 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.658587933 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.658637047 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.658689022 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.658740997 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.658772945 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.658793926 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.658849001 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.658888102 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.658921003 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.658941984 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.658977032 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.658998966 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659017086 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659056902 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659084082 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659096003 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659126997 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659145117 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659173012 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659214020 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659235954 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659248114 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659277916 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659300089 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659333944 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659374952 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659420967 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659439087 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659463882 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659497976 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659502983 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659533024 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659568071 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659584045 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659601927 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659615993 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659643888 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659666061 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659691095 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659765005 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659776926 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659832001 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.659837008 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.659895897 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.661179066 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.662672997 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.662698984 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.662723064 CEST49720443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.662738085 CEST4434972013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.719240904 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.719332933 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.719412088 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.721107006 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.721143007 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.722429037 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.722464085 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.722522974 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.722654104 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.722671032 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.723627090 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.723720074 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.723793983 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.724221945 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.724245071 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.724309921 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.725282907 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.725295067 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.725342989 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.728640079 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.728656054 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.728719950 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.728753090 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:22.728893042 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:22.728914976 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.374063015 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.375216007 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.375267029 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.375286102 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.377448082 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.377460003 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.378254890 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.378256083 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.378269911 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.378288984 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.379580975 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.380352974 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.380435944 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.380964041 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.380979061 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.397463083 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.398082972 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.398112059 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.399255037 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.399265051 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.406503916 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.407180071 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.407196999 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.408580065 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.408586025 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.481718063 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.481746912 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.482021093 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.482059002 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.487498999 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.487550020 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.487554073 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.487675905 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.487711906 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.488662004 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.488692045 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.488704920 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.488853931 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.488899946 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.495031118 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.505161047 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.505265951 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.509058952 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.519220114 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.519284010 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.521476030 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.522680044 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.522700071 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.522739887 CEST49723443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.522754908 CEST4434972313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.522880077 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.522880077 CEST49726443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.522917032 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.522929907 CEST4434972613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.522973061 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.522973061 CEST49725443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.522989035 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.523015976 CEST4434972513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.523049116 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.523049116 CEST49727443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.523061991 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.523070097 CEST4434972713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.524070024 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.524070024 CEST49724443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.524075031 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.524080992 CEST4434972413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.527570009 CEST49728443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.527595997 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.527636051 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.527673960 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.527710915 CEST49728443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.527992964 CEST49730443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528004885 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.528034925 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528247118 CEST49730443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528428078 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528446913 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.528512001 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528527021 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.528537989 CEST49730443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528553009 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.528585911 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528644085 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528652906 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.528716087 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528784037 CEST49728443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528810978 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.528850079 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528851986 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:23.528862000 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:23.528873920 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.014519930 CEST49711443192.168.2.5142.250.185.132
            Oct 6, 2024 18:54:24.014547110 CEST44349711142.250.185.132192.168.2.5
            Oct 6, 2024 18:54:24.181967974 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.182887077 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.182921886 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.185091019 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.185105085 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.201733112 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.203260899 CEST49730443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.203277111 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.203675985 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.203871012 CEST49730443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.203876972 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.204507113 CEST49728443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.204536915 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.206908941 CEST49728443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.206914902 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.207508087 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.208360910 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.208360910 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.208373070 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.208389997 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.212559938 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.213265896 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.213274002 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.214379072 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.214384079 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.289839029 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.289905071 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.289968967 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.312474012 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.312632084 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.312700987 CEST49730443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.313895941 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.314027071 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.314188957 CEST49728443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.318886995 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.318969965 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.319025040 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.327879906 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.327924013 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.327981949 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.461328030 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.461349010 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.461436987 CEST49731443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.461452007 CEST4434973113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.464863062 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.464881897 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.464890957 CEST49732443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.464896917 CEST4434973213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.466983080 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.467004061 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.467017889 CEST49729443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.467025042 CEST4434972913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.469353914 CEST49730443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.469360113 CEST4434973013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.471503973 CEST49728443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.471518040 CEST4434972813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.477263927 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.477354050 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.477444887 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.478598118 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.478636980 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.482429981 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.482451916 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.482532978 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.483675957 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.483700991 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.485589981 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.485610962 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.485666990 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.485945940 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.485959053 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.488879919 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.488920927 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.488985062 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.490833044 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.490850925 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.492234945 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.492274046 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:24.492352009 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.492604971 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:24.492624998 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.146037102 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.146601915 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.146697998 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.147334099 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.147349119 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.149029970 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.149589062 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.149679899 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.150192976 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.150249004 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.162401915 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.162847996 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.162867069 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.163371086 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.163376093 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.168231010 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.168823957 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.168910027 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.169342041 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.169397116 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.169826984 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.170252085 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.170264006 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.170763016 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.170769930 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.260917902 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.261059999 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.261173964 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.261322021 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.261367083 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.261398077 CEST49736443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.261414051 CEST4434973613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.263756037 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.263881922 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.264106035 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.264329910 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.264380932 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.264414072 CEST49733443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.264430046 CEST4434973313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.264836073 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.264874935 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.265045881 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.265192986 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.265206099 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.267601013 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.267643929 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.267746925 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.267913103 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.267931938 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.274033070 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.274095058 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.274318933 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.274379969 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.274391890 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.274411917 CEST49735443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.274416924 CEST4434973513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.277144909 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.277232885 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.277328014 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.277519941 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.277554989 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.282238960 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.282326937 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.282399893 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.282553911 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.282567024 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.282577991 CEST49737443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.282583952 CEST4434973713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.285020113 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.285047054 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.285403967 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.285573006 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.285588980 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.547677994 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.547810078 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.548052073 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.548052073 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.548053026 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.550652027 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.550692081 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.550756931 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.550910950 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.550924063 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.849970102 CEST49734443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.849996090 CEST4434973413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.926141977 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.926577091 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.926636934 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.927145958 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.927160025 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.930453062 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.930787086 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.930809021 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.931313038 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.931318998 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.940666914 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.941070080 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.941083908 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.941593885 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.941601992 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.975409985 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.975750923 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.975827932 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:25.976289034 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:25.976303101 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.037281036 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.037415028 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.037483931 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.037561893 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.037579060 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.037591934 CEST49739443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.037600040 CEST4434973913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.039244890 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.039433002 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.039505959 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.039607048 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.039623022 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.039635897 CEST49738443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.039642096 CEST4434973813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.040421963 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.040451050 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.040546894 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.040792942 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.040807962 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.041851997 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.041887045 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.042084932 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.042223930 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.042244911 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.050926924 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.051084042 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.051223040 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.051249981 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.051274061 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.051285982 CEST49741443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.051295042 CEST4434974113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.054311037 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.054342031 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.054403067 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.054524899 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.054538965 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.091412067 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.091559887 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.091626883 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.091669083 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.091669083 CEST49740443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.091692924 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.091730118 CEST4434974013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.093905926 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.093918085 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.093976021 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.094079018 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.094085932 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.203097105 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.203505993 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.203527927 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.204109907 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.204118013 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.312319040 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.312369108 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.312433004 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.312611103 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.312628984 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.312640905 CEST49742443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.312648058 CEST4434974213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.314886093 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.314913034 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.314980030 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.315139055 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.315155983 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.701421022 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.701623917 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.701796055 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.701822996 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.702150106 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.702184916 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.702366114 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.702388048 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.702703953 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.702718019 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.703921080 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.704220057 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.704243898 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.704606056 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.704612970 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.748476982 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.748812914 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.748830080 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.749355078 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.749360085 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.810579062 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.810719967 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.810786963 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.810827017 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.810844898 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.810857058 CEST49744443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.810864925 CEST4434974413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.812335968 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.812407017 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.812599897 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.812649965 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.812658072 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.812669039 CEST49745443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.812674046 CEST4434974513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.813157082 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.813191891 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.813246965 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.813445091 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.813462019 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.813611031 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.813756943 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.813816071 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.813867092 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.813867092 CEST49743443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.813899040 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.813922882 CEST4434974313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.815318108 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.815422058 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.815459967 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.815485001 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.815521955 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.815578938 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.815617085 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.815638065 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.815673113 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.815697908 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.876708984 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.876853943 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.876956940 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.876998901 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.877002954 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.877033949 CEST49746443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.877038002 CEST4434974613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.879462957 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.879484892 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.879545927 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.879687071 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.879699945 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.965533018 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.965893030 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.965919018 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:26.966252089 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:26.966263056 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.073800087 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.073837996 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.073904037 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.073997974 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.074018955 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.074033022 CEST49747443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.074039936 CEST4434974713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.076067924 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.076095104 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.076220989 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.076329947 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.076353073 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.468383074 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.468705893 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.468751907 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.469151974 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.469163895 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.476838112 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.477189064 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.477214098 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.477744102 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.477750063 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.497123003 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.497958899 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.497958899 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.497977018 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.497991085 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.577989101 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.578521967 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.578541994 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.578675032 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.578680992 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.584985971 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.585048914 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.585187912 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.585187912 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.585329056 CEST49748443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.585340977 CEST4434974813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.586837053 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.586922884 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.587073088 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.587137938 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.587157965 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.595909119 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.595972061 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.596227884 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.596227884 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.596227884 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.598099947 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.598169088 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.598373890 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.598373890 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.598449945 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.610701084 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.610842943 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.610919952 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.611078024 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.611078024 CEST49749443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.611108065 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.611130953 CEST4434974913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.612777948 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.612811089 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.612993002 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.612993002 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.613024950 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.703511000 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.703660011 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.703777075 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.703777075 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.704452038 CEST49751443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.704459906 CEST4434975113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.705646992 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.705684900 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.705815077 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.706082106 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.706100941 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.733160973 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.733611107 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.733623028 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.733818054 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.733835936 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.841319084 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.841454029 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.841743946 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.841778994 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.841778994 CEST49752443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.841793060 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.841804981 CEST4434975213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.843697071 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.843774080 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.843964100 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.844109058 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.844142914 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:27.896864891 CEST49750443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:27.896908998 CEST4434975013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.273513079 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.273874044 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.273935080 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.274247885 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.274261951 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.288225889 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.288568020 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.288578987 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.289083004 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.289089918 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.294725895 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.295003891 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.295018911 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.295339108 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.295347929 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.373847961 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.374167919 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.374197006 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.374492884 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.374500990 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.384541988 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.384634972 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.384692907 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.384924889 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.384955883 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.385003090 CEST49753443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.385018110 CEST4434975313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.387401104 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.387487888 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.387576103 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.387687922 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.387707949 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.399858952 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.400013924 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.400116920 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.400116920 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.400240898 CEST49755443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.400269985 CEST4434975513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.402107954 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.402141094 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.402277946 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.402456999 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.402475119 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.402816057 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.402959108 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.403177977 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.403321028 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.403321981 CEST49754443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.403340101 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.403359890 CEST4434975413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.405464888 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.405474901 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.405586004 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.405700922 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.405715942 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.491807938 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.491955996 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.492013931 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.492042065 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.492060900 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.492073059 CEST49756443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.492079973 CEST4434975613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.493772984 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.493804932 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.493870020 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.493974924 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.493989944 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.505678892 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.505990982 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.506009102 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.506427050 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.506437063 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.614459038 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.614605904 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.614792109 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.614876986 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.614876986 CEST49757443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.614907026 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.614933014 CEST4434975713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.624955893 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.624988079 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:28.625058889 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.625147104 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:28.625179052 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.105720043 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.106165886 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.106204033 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.106628895 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.106638908 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.109044075 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.109348059 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.109361887 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.109689951 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.109695911 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.116533041 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.116833925 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.116842985 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.117161036 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.117166042 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.208257914 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.208589077 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.208615065 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.208970070 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.208976030 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.217756987 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.217835903 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.217981100 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.218015909 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.218015909 CEST49758443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.218036890 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.218049049 CEST4434975813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.219322920 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.219563961 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.219662905 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.219662905 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.219741106 CEST49759443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.219758034 CEST4434975913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.220455885 CEST49763443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.220483065 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.220563889 CEST49763443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.220649004 CEST49763443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.220657110 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.221560001 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.221600056 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.221775055 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.221775055 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.221812963 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.232323885 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.232394934 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.232469082 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.232525110 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.232525110 CEST49760443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.232532978 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.232542038 CEST4434976013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.234422922 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.234488964 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.234597921 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.234833002 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.234863997 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.281177044 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.281790018 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.281790972 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.281819105 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.281830072 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.321826935 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.321971893 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.322213888 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.322213888 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.322343111 CEST49761443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.322360039 CEST4434976113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.323802948 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.323832035 CEST4434976613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.324003935 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.324170113 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.324193001 CEST4434976613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.389403105 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.389533997 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.389612913 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.389612913 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.389766932 CEST49762443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.389782906 CEST4434976213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.391221046 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.391262054 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.391324997 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.391433001 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.391458988 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.876312971 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.876944065 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.876964092 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.877217054 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.877223969 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.898152113 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.898529053 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.898564100 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.898926020 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.898941040 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.903373957 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.903814077 CEST49763443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.903846979 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.904088020 CEST49763443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.904097080 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.983522892 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.983588934 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.983781099 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.983781099 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.984044075 CEST49764443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.984060049 CEST4434976413.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.986174107 CEST49768443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.986202002 CEST4434976813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:29.986355066 CEST49768443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.986511946 CEST49768443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:29.986534119 CEST4434976813.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.013514996 CEST4434976613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.013827085 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.013850927 CEST4434976613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.014246941 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.014256954 CEST4434976613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.019490957 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.019520044 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.019665956 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.019680977 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.019730091 CEST49763443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.019881964 CEST49763443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.019887924 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.019895077 CEST4434976313.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.019931078 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.019980907 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.020011902 CEST49765443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.020025015 CEST4434976513.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.022084951 CEST49769443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.022126913 CEST4434976913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.022151947 CEST49770443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.022167921 CEST4434977013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.022214890 CEST49769443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.022337914 CEST49770443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.022337914 CEST49770443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.022394896 CEST4434977013.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.022425890 CEST49769443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.022440910 CEST4434976913.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.047154903 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.047502995 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.047519922 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.047930002 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.047950983 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.128889084 CEST4434976613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.129036903 CEST4434976613.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.129153013 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.129153967 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.129153967 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.130949974 CEST49771443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.130975008 CEST4434977113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.131032944 CEST49771443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.131192923 CEST49771443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.131202936 CEST4434977113.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.161880016 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.162026882 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.162166119 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.162166119 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.162211895 CEST49767443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.162231922 CEST4434976713.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.163995028 CEST49772443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.164086103 CEST4434977213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.164211988 CEST49772443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.164295912 CEST49772443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.164319038 CEST4434977213.107.253.72192.168.2.5
            Oct 6, 2024 18:54:30.443804026 CEST49766443192.168.2.513.107.253.72
            Oct 6, 2024 18:54:30.443856001 CEST4434976613.107.253.72192.168.2.5

            UDP Packets

            TimestampSource PortDest PortSource IPDest IP
            Oct 6, 2024 18:54:07.352679968 CEST53522231.1.1.1192.168.2.5
            Oct 6, 2024 18:54:07.358923912 CEST53578711.1.1.1192.168.2.5
            Oct 6, 2024 18:54:08.509145975 CEST53537361.1.1.1192.168.2.5
            Oct 6, 2024 18:54:09.149660110 CEST5641753192.168.2.51.1.1.1
            Oct 6, 2024 18:54:09.149821043 CEST6093753192.168.2.51.1.1.1
            Oct 6, 2024 18:54:09.164040089 CEST53564171.1.1.1192.168.2.5
            Oct 6, 2024 18:54:09.165790081 CEST53609371.1.1.1192.168.2.5
            Oct 6, 2024 18:54:09.169111013 CEST5739353192.168.2.51.1.1.1
            Oct 6, 2024 18:54:09.188179970 CEST53573931.1.1.1192.168.2.5
            Oct 6, 2024 18:54:09.231338024 CEST5719953192.168.2.58.8.8.8
            Oct 6, 2024 18:54:09.231657982 CEST5077253192.168.2.51.1.1.1
            Oct 6, 2024 18:54:09.238213062 CEST53571998.8.8.8192.168.2.5
            Oct 6, 2024 18:54:09.238342047 CEST53507721.1.1.1192.168.2.5
            Oct 6, 2024 18:54:10.246553898 CEST6346553192.168.2.51.1.1.1
            Oct 6, 2024 18:54:10.246689081 CEST6442253192.168.2.51.1.1.1
            Oct 6, 2024 18:54:10.255165100 CEST53644221.1.1.1192.168.2.5
            Oct 6, 2024 18:54:10.273315907 CEST53634651.1.1.1192.168.2.5
            Oct 6, 2024 18:54:11.691811085 CEST6495353192.168.2.51.1.1.1
            Oct 6, 2024 18:54:11.692130089 CEST6214653192.168.2.51.1.1.1
            Oct 6, 2024 18:54:11.699194908 CEST53621461.1.1.1192.168.2.5
            Oct 6, 2024 18:54:11.699959040 CEST53649531.1.1.1192.168.2.5
            Oct 6, 2024 18:54:15.304270029 CEST5764653192.168.2.51.1.1.1
            Oct 6, 2024 18:54:15.304697037 CEST5130553192.168.2.51.1.1.1
            Oct 6, 2024 18:54:15.314341068 CEST53576461.1.1.1192.168.2.5
            Oct 6, 2024 18:54:15.319355965 CEST53513051.1.1.1192.168.2.5
            Oct 6, 2024 18:54:15.322833061 CEST5293553192.168.2.51.1.1.1
            Oct 6, 2024 18:54:15.334001064 CEST53529351.1.1.1192.168.2.5
            Oct 6, 2024 18:54:25.594073057 CEST53627241.1.1.1192.168.2.5

            DNS Queries

            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
            Oct 6, 2024 18:54:09.149660110 CEST192.168.2.51.1.1.10xd41eStandard query (0)us-usps-qgleum.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:09.149821043 CEST192.168.2.51.1.1.10xbb9eStandard query (0)us-usps-qgleum.xyz65IN (0x0001)false
            Oct 6, 2024 18:54:09.169111013 CEST192.168.2.51.1.1.10x6a93Standard query (0)us-usps-qgleum.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:09.231338024 CEST192.168.2.58.8.8.80x21bcStandard query (0)google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:09.231657982 CEST192.168.2.51.1.1.10x6cc6Standard query (0)google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:10.246553898 CEST192.168.2.51.1.1.10xf444Standard query (0)us-usps-qgleum.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:10.246689081 CEST192.168.2.51.1.1.10xe1f1Standard query (0)us-usps-qgleum.xyz65IN (0x0001)false
            Oct 6, 2024 18:54:11.691811085 CEST192.168.2.51.1.1.10xa426Standard query (0)www.google.comA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:11.692130089 CEST192.168.2.51.1.1.10x586eStandard query (0)www.google.com65IN (0x0001)false
            Oct 6, 2024 18:54:15.304270029 CEST192.168.2.51.1.1.10x139Standard query (0)us-usps-qgleum.xyzA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:15.304697037 CEST192.168.2.51.1.1.10xc78fStandard query (0)us-usps-qgleum.xyz65IN (0x0001)false
            Oct 6, 2024 18:54:15.322833061 CEST192.168.2.51.1.1.10x98c7Standard query (0)us-usps-qgleum.xyzA (IP address)IN (0x0001)false

            DNS Answers

            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
            Oct 6, 2024 18:54:09.164040089 CEST1.1.1.1192.168.2.50xd41eName error (3)us-usps-qgleum.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:09.165790081 CEST1.1.1.1192.168.2.50xbb9eName error (3)us-usps-qgleum.xyznonenone65IN (0x0001)false
            Oct 6, 2024 18:54:09.188179970 CEST1.1.1.1192.168.2.50x6a93Name error (3)us-usps-qgleum.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:09.238213062 CEST8.8.8.8192.168.2.50x21bcNo error (0)google.com142.250.184.206A (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:09.238342047 CEST1.1.1.1192.168.2.50x6cc6No error (0)google.com142.250.184.238A (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:10.255165100 CEST1.1.1.1192.168.2.50xe1f1Name error (3)us-usps-qgleum.xyznonenone65IN (0x0001)false
            Oct 6, 2024 18:54:10.273315907 CEST1.1.1.1192.168.2.50xf444Name error (3)us-usps-qgleum.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:11.699194908 CEST1.1.1.1192.168.2.50x586eNo error (0)www.google.com65IN (0x0001)false
            Oct 6, 2024 18:54:11.699959040 CEST1.1.1.1192.168.2.50xa426No error (0)www.google.com142.250.185.132A (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:15.314341068 CEST1.1.1.1192.168.2.50x139Name error (3)us-usps-qgleum.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:15.319355965 CEST1.1.1.1192.168.2.50xc78fName error (3)us-usps-qgleum.xyznonenone65IN (0x0001)false
            Oct 6, 2024 18:54:15.334001064 CEST1.1.1.1192.168.2.50x98c7Name error (3)us-usps-qgleum.xyznonenoneA (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:20.925345898 CEST1.1.1.1192.168.2.50x33edNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
            Oct 6, 2024 18:54:20.925345898 CEST1.1.1.1192.168.2.50x33edNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
            Oct 6, 2024 18:54:21.586250067 CEST1.1.1.1192.168.2.50x13f4No error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.netazurefd-t-fb-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
            Oct 6, 2024 18:54:21.586250067 CEST1.1.1.1192.168.2.50x13f4No error (0)dual.s-part-0044.t-0009.fb-t-msedge.nets-part-0044.t-0009.fb-t-msedge.netCNAME (Canonical name)IN (0x0001)false
            Oct 6, 2024 18:54:21.586250067 CEST1.1.1.1192.168.2.50x13f4No error (0)s-part-0044.t-0009.fb-t-msedge.net13.107.253.72A (IP address)IN (0x0001)false

            HTTP Request Dependency Graph

            • otelrules.azureedge.net

            HTTPS Proxied Packets

            Session IDSource IPSource PortDestination IPDestination Port
            0192.168.2.54972013.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:22 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:22 UTC561INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:22 GMT
            Content-Type: text/plain
            Content-Length: 218853
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public
            Last-Modified: Fri, 04 Oct 2024 23:21:50 GMT
            ETag: "0x8DCE4CB535A72FA"
            x-ms-request-id: 5e64ff20-601e-005c-6bc1-17f06f000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165422Z-1767f7688dc97m2se6u6hv466400000006gg00000000fwmz
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:22 UTC15823INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
            Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
            2024-10-06 16:54:22 UTC16384INData Raw: 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
            Data Ascii: <S T="1" F="0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L>
            2024-10-06 16:54:22 UTC16384INData Raw: 3c 53 20 54 3d 22 33 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d
            Data Ascii: <S T="3" /> </T> <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-
            2024-10-06 16:54:22 UTC16384INData Raw: 6e 74 73 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a
            Data Ascii: nts" /> </C> <C T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" />
            2024-10-06 16:54:22 UTC16384INData Raw: 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
            Data Ascii: </S> <C T="U32" I="0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32"
            2024-10-06 16:54:22 UTC16384INData Raw: 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20
            Data Ascii: _Count"> <C> <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S
            2024-10-06 16:54:22 UTC16384INData Raw: 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22
            Data Ascii: <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3"
            2024-10-06 16:54:22 UTC16384INData Raw: 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65
            Data Ascii: </L> <R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false
            2024-10-06 16:54:22 UTC16384INData Raw: 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20
            Data Ascii: T="B" /> </R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" />
            2024-10-06 16:54:22 UTC16384INData Raw: 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54
            Data Ascii: O> </F> <F T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T


            Session IDSource IPSource PortDestination IPDestination Port
            1192.168.2.54972313.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:23 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:23 UTC563INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:23 GMT
            Content-Type: text/xml
            Content-Length: 3788
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC2126A6"
            x-ms-request-id: 265a1445-001e-00a2-25c7-17d4d5000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165423Z-1767f7688dczvnhxbpcveghk5g0000000a7g00000000dm3a
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:23 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


            Session IDSource IPSource PortDestination IPDestination Port
            2192.168.2.54972413.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:23 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:23 UTC584INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:23 GMT
            Content-Type: text/xml
            Content-Length: 2160
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA3B95D81"
            x-ms-request-id: c59bb0f9-701e-0097-2d01-17b8c1000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165423Z-1767f7688dc7bfz42qn9t7yq500000000qs000000000kkqr
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:23 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


            Session IDSource IPSource PortDestination IPDestination Port
            3192.168.2.54972613.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:23 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:23 UTC584INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:23 GMT
            Content-Type: text/xml
            Content-Length: 2980
            Connection: close
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Vary: Accept-Encoding
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
            ETag: "0x8DC582BA80D96A1"
            x-ms-request-id: b9d87bc3-001e-008d-128c-15d91e000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165423Z-r154656d9bctbqfcgmyvqx3k100000000d6g00000000cdmg
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:23 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


            Session IDSource IPSource PortDestination IPDestination Port
            4192.168.2.54972513.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:23 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:23 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:23 GMT
            Content-Type: text/xml
            Content-Length: 450
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
            ETag: "0x8DC582BD4C869AE"
            x-ms-request-id: 92b6e55f-b01e-003d-50eb-17d32c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165423Z-1767f7688dcsjpdx60gbb8v42g0000000a1000000000hcym
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:23 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


            Session IDSource IPSource PortDestination IPDestination Port
            5192.168.2.54972713.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:23 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:23 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:23 GMT
            Content-Type: text/xml
            Content-Length: 408
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB56D3AFB"
            x-ms-request-id: 4b0a31e7-c01e-00ad-448c-15a2b9000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165423Z-r154656d9bcc2bdtn1pd2qfd4c0000000qu0000000008uk2
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:23 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            6192.168.2.54973113.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:24 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:24 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:24 GMT
            Content-Type: text/xml
            Content-Length: 632
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB6E3779E"
            x-ms-request-id: 3a0dc1eb-601e-0032-608c-15eebb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165424Z-1767f7688dcxjm7c0w73xyx8vs0000000qy000000000e2ab
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:24 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


            Session IDSource IPSource PortDestination IPDestination Port
            7192.168.2.54973013.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:24 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:24 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:24 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
            ETag: "0x8DC582B9F6F3512"
            x-ms-request-id: 757ce4f4-401e-000a-128c-154a7b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165424Z-1767f7688dc7bfz42qn9t7yq500000000qu000000000bedn
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:24 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            8192.168.2.54972813.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:24 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:24 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:24 GMT
            Content-Type: text/xml
            Content-Length: 474
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
            ETag: "0x8DC582B9964B277"
            x-ms-request-id: aa8826a4-b01e-0053-608c-15cdf8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165424Z-r154656d9bczmvnbrzm0xmzrs40000000d8g00000000er5y
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:24 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            9192.168.2.54973213.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:24 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:24 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:24 GMT
            Content-Type: text/xml
            Content-Length: 467
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
            ETag: "0x8DC582BA6C038BC"
            x-ms-request-id: b2393cc3-501e-005b-768c-15d7f7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165424Z-r154656d9bcpkd87yvea8r1dfg0000000cwg000000005kwb
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:24 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            10192.168.2.54972913.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:24 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:24 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:24 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
            ETag: "0x8DC582BB10C598B"
            x-ms-request-id: 24b39cfc-301e-0096-2a8c-15e71d000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165424Z-r154656d9bcmxqxrqrw0qrf8hg00000009kg00000000a0g5
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:24 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            11192.168.2.54973613.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:25 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
            ETag: "0x8DC582B9018290B"
            x-ms-request-id: e0871f45-901e-00a0-0d8c-156a6d000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-1767f7688dcdvjcfkw13t1btbs0000000r3000000000047u
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:25 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            12192.168.2.54973313.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:25 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
            ETag: "0x8DC582BBAD04B7B"
            x-ms-request-id: cc223d3c-501e-008f-0ec7-179054000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-r154656d9bcmxqxrqrw0qrf8hg00000009mg000000007qne
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:25 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            13192.168.2.54973513.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:25 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
            ETag: "0x8DC582BA310DA18"
            x-ms-request-id: 0e559fae-201e-006e-7ee7-17bbe3000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-r154656d9bc94jg685tuhe75qw0000000dag000000006tpw
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:25 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            14192.168.2.54973413.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:25 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB344914B"
            x-ms-request-id: 1cc301c6-e01e-0071-6b8c-1508e7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-r154656d9bcc2bdtn1pd2qfd4c0000000qvg000000006akv
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:25 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            15192.168.2.54973713.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:25 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 407
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
            ETag: "0x8DC582B9698189B"
            x-ms-request-id: 023e3944-a01e-003d-708c-1598d7000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-1767f7688dctps2t8qk28fz8yg0000000qs0000000008ty9
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:25 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


            Session IDSource IPSource PortDestination IPDestination Port
            16192.168.2.54973913.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
            ETag: "0x8DC582BA41997E3"
            x-ms-request-id: c54fb296-901e-008f-528c-1567a6000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-r154656d9bc94jg685tuhe75qw0000000dag000000006tqt
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            17192.168.2.54973813.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 469
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
            ETag: "0x8DC582BBA701121"
            x-ms-request-id: 77844cee-a01e-0032-35c7-171949000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-1767f7688dc2kzqgyrtc6e2gp40000000qpg000000009nzq
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            18192.168.2.54974113.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:25 GMT
            Content-Type: text/xml
            Content-Length: 464
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
            ETag: "0x8DC582B97FB6C3C"
            x-ms-request-id: 348a4018-801e-0078-54c7-17bac6000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165425Z-1767f7688dck2l7961u6s0hrtn0000000qyg00000000a2w8
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


            Session IDSource IPSource PortDestination IPDestination Port
            19192.168.2.54974013.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:25 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:26 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8CEAC16"
            x-ms-request-id: 24b39fc0-301e-0096-298c-15e71d000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165426Z-r154656d9bcdp2lt7d5tpscfcn0000000r1g0000000023dr
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            20192.168.2.54974213.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:26 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:26 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
            ETag: "0x8DC582BB7010D66"
            x-ms-request-id: 79ade187-001e-0065-788c-150b73000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165426Z-1767f7688dcjgr4ssr2c6t2x2s0000000qyg00000000huvm
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            21192.168.2.54974413.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:26 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:26 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DACDF62"
            x-ms-request-id: 8e9c869d-201e-000c-4b8c-1579c4000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165426Z-1767f7688dcdplk6tmg02e519n0000000qyg00000000emat
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            22192.168.2.54974313.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:26 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:26 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
            ETag: "0x8DC582B9748630E"
            x-ms-request-id: 09392ef7-101e-0046-3f05-1791b0000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165426Z-1767f7688dccc6lkbm0py95vf00000000r3g000000002r18
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            23192.168.2.54974513.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:26 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:26 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
            ETag: "0x8DC582B9E8EE0F3"
            x-ms-request-id: f57b7c9f-801e-00a0-4a13-172196000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165426Z-r154656d9bc5gm9nqxzv5c87e8000000049g00000000betk
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            24192.168.2.54974613.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:26 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:26 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:26 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
            ETag: "0x8DC582B9C8E04C8"
            x-ms-request-id: f71a7e49-201e-000c-5aa4-1579c4000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165426Z-1767f7688dccc6lkbm0py95vf00000000qzg00000000ava7
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:26 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            25192.168.2.54974713.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:26 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:27 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:26 GMT
            Content-Type: text/xml
            Content-Length: 428
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
            ETag: "0x8DC582BAC4F34CA"
            x-ms-request-id: 82f8b22c-c01e-0014-5a8c-15a6a3000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165426Z-1767f7688dc6trhkx0ckh4u3qn0000000r6g0000000024k8
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:27 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            26192.168.2.54975013.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:27 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:27 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:27 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
            ETag: "0x8DC582BB5815C4C"
            x-ms-request-id: e44feb8c-a01e-0084-742d-169ccd000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165427Z-r154656d9bcx62tnuqgh46euy400000006tg00000000cfud
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:27 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            27192.168.2.54974813.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:27 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:27 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:27 GMT
            Content-Type: text/xml
            Content-Length: 499
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
            ETag: "0x8DC582B98CEC9F6"
            x-ms-request-id: 22e42897-601e-0070-65c7-17a0c9000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165427Z-1767f7688dc7tjsxtc1ffgx97w0000000qwg000000005xkx
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:27 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            28192.168.2.54974913.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:27 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:27 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:27 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B988EBD12"
            x-ms-request-id: 1e32dda0-e01e-000c-2bf8-178e36000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165427Z-r154656d9bcvjnbgheqhz2uek80000000qt000000000k1ub
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:27 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            29192.168.2.54975113.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:27 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:27 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:27 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB32BB5CB"
            x-ms-request-id: c2ca9d4d-801e-0035-458c-15752a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165427Z-1767f7688dc5kg9bwc8fvfnfb40000000r1000000000676y
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:27 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            30192.168.2.54975213.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:27 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:27 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:27 GMT
            Content-Type: text/xml
            Content-Length: 494
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
            ETag: "0x8DC582BB8972972"
            x-ms-request-id: cce90406-001e-005a-059e-15c3d0000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165427Z-1767f7688dc97m2se6u6hv466400000006q00000000040yw
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:27 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            31192.168.2.54975313.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:28 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:28 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:28 GMT
            Content-Type: text/xml
            Content-Length: 420
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
            ETag: "0x8DC582B9DAE3EC0"
            x-ms-request-id: a7623418-001e-00a2-348c-15d4d5000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165428Z-r154656d9bczmvnbrzm0xmzrs40000000df0000000000e20
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:28 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


            Session IDSource IPSource PortDestination IPDestination Port
            32192.168.2.54975513.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:28 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:28 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:28 GMT
            Content-Type: text/xml
            Content-Length: 427
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
            ETag: "0x8DC582BA909FA21"
            x-ms-request-id: a62739ea-301e-005d-6402-17e448000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165428Z-r154656d9bcqqgssyv95384a1c0000000qvg0000000086d8
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:28 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


            Session IDSource IPSource PortDestination IPDestination Port
            33192.168.2.54975413.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:28 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:28 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:28 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
            ETag: "0x8DC582B9D43097E"
            x-ms-request-id: cc1dda0d-101e-0079-139e-155913000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165428Z-1767f7688dcp6rq9vksdbz5r100000000qug000000003vvv
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:28 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            34192.168.2.54975613.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:28 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:28 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:28 GMT
            Content-Type: text/xml
            Content-Length: 486
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
            ETag: "0x8DC582B92FCB436"
            x-ms-request-id: 76615707-c01e-0082-6a8c-15af72000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165428Z-1767f7688dc4zx8hzkgqpgqkb400000008k0000000009xun
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:28 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            35192.168.2.54975713.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:28 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:28 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:28 GMT
            Content-Type: text/xml
            Content-Length: 423
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
            ETag: "0x8DC582BB7564CE8"
            x-ms-request-id: e8bdadc1-401e-0067-74c7-1709c2000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165428Z-1767f7688dc7tjsxtc1ffgx97w0000000qv0000000008r99
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:28 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


            Session IDSource IPSource PortDestination IPDestination Port
            36192.168.2.54975813.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:29 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 478
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
            ETag: "0x8DC582B9B233827"
            x-ms-request-id: c4ad759c-701e-0001-2422-16b110000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-r154656d9bcpnqc46yk454phh800000002kg000000005dfv
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:29 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            37192.168.2.54975913.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:29 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 404
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
            ETag: "0x8DC582B95C61A3C"
            x-ms-request-id: 0dcb6c6d-e01e-0003-668c-150fa8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-1767f7688dccnqqfuv6uyx4er00000000190000000009fzs
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:29 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


            Session IDSource IPSource PortDestination IPDestination Port
            38192.168.2.54976013.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:29 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
            ETag: "0x8DC582BB046B576"
            x-ms-request-id: 8789ddbb-a01e-0084-6a8c-159ccd000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-r154656d9bcjfw87mb0kw1h2480000000d8g0000000078u9
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:29 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            39192.168.2.54976113.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:29 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 400
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
            ETag: "0x8DC582BB2D62837"
            x-ms-request-id: 9bed673a-001e-0046-278c-15da4b000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-1767f7688dcjgr4ssr2c6t2x2s0000000qy000000000kqpc
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:29 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


            Session IDSource IPSource PortDestination IPDestination Port
            40192.168.2.54976213.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:29 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 479
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
            ETag: "0x8DC582BB7D702D0"
            x-ms-request-id: ed9c017d-601e-000d-3e22-162618000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-r154656d9bczmvnbrzm0xmzrs40000000ddg000000004dre
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:29 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            41192.168.2.54976413.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:29 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 475
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
            ETag: "0x8DC582BB2BE84FD"
            x-ms-request-id: c5dbf9be-001e-0017-2cf1-160c3c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-r154656d9bcpkd87yvea8r1dfg0000000cr000000000fzhn
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:29 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            42192.168.2.54976513.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 448
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
            ETag: "0x8DC582BB389F49B"
            x-ms-request-id: 1f480944-c01e-002b-018c-156e00000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-r154656d9bczc24jcy1csnb0es0000000140000000009r8q
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


            Session IDSource IPSource PortDestination IPDestination Port
            43192.168.2.54976313.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:29 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:29 GMT
            Content-Type: text/xml
            Content-Length: 425
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
            ETag: "0x8DC582BBA25094F"
            x-ms-request-id: cbb781ac-501e-0047-14a6-15ce6c000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165429Z-1767f7688dc5kg9bwc8fvfnfb40000000qz000000000adf0
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


            Session IDSource IPSource PortDestination IPDestination Port
            44192.168.2.54976613.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:30 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:30 GMT
            Content-Type: text/xml
            Content-Length: 491
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B98B88612"
            x-ms-request-id: 85e8bebc-601e-0032-1873-16eebb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165430Z-1767f7688dcp6rq9vksdbz5r100000000qrg00000000ae63
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            45192.168.2.54976713.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:30 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:30 GMT
            Content-Type: text/xml
            Content-Length: 416
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
            ETag: "0x8DC582BAEA4B445"
            x-ms-request-id: 4b3baa61-c01e-00ad-4e9e-15a2b9000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165430Z-r154656d9bclprr71vn2nvcemn0000000qv000000000acr9
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


            Session IDSource IPSource PortDestination IPDestination Port
            46192.168.2.54976813.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:30 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:30 GMT
            Content-Type: text/xml
            Content-Length: 479
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
            ETag: "0x8DC582B989EE75B"
            x-ms-request-id: 76252b1b-c01e-0066-488c-15a1ec000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165430Z-r154656d9bclhnqxthdkb0ps8000000006p000000000hkxh
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            47192.168.2.54976913.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:30 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:30 GMT
            Content-Type: text/xml
            Content-Length: 471
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
            ETag: "0x8DC582B97E6FCDD"
            x-ms-request-id: b83a8dc4-f01e-003f-308c-15d19d000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165430Z-1767f7688dc2kzqgyrtc6e2gp40000000qpg000000009p5g
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            48192.168.2.54977013.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:30 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:30 GMT
            Content-Type: text/xml
            Content-Length: 415
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
            ETag: "0x8DC582BA80D96A1"
            x-ms-request-id: cc687b4d-101e-0079-45b6-155913000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165430Z-r154656d9bcclz9cswng83z0t000000009c000000000anfv
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


            Session IDSource IPSource PortDestination IPDestination Port
            49192.168.2.54977113.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:30 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:30 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
            ETag: "0x8DC582B9C710B28"
            x-ms-request-id: c276760a-301e-0051-159c-1538bb000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165430Z-r154656d9bclhnqxthdkb0ps8000000006v0000000004xtq
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            50192.168.2.54977213.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:30 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:30 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:30 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
            ETag: "0x8DC582BA54DCC28"
            x-ms-request-id: 3883747d-501e-008c-279e-15cd39000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165430Z-r154656d9bc4v6bg39gwnbf5vn00000005bg00000000efew
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            X-Cache-Info: L1_T2
            Accept-Ranges: bytes
            2024-10-06 16:54:30 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            51192.168.2.54977313.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:31 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:31 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:31 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
            ETag: "0x8DC582BB7F164C3"
            x-ms-request-id: 1f480aea-c01e-002b-028c-156e00000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165431Z-r154656d9bcvjnbgheqhz2uek80000000qx0000000008aws
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:31 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            52192.168.2.54977513.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:31 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:31 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:31 GMT
            Content-Type: text/xml
            Content-Length: 419
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
            ETag: "0x8DC582B9FF95F80"
            x-ms-request-id: 16d3a614-701e-0032-288c-15a540000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165431Z-1767f7688dccc6lkbm0py95vf00000000r20000000005q4z
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:31 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


            Session IDSource IPSource PortDestination IPDestination Port
            53192.168.2.54977413.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:31 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:31 UTC470INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:31 GMT
            Content-Type: text/xml
            Content-Length: 477
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
            ETag: "0x8DC582BA48B5BDD"
            x-ms-request-id: 7be6821c-d01e-008e-398c-15387a000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165431Z-1767f7688dcxs7gvbd5dcgxeys0000000qk000000000aq9b
            x-fd-int-roxy-purgeid: 0
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:31 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            54192.168.2.54977613.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:31 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:31 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:31 GMT
            Content-Type: text/xml
            Content-Length: 472
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
            ETag: "0x8DC582BB650C2EC"
            x-ms-request-id: aa883537-b01e-0053-4c8c-15cdf8000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165431Z-r154656d9bc27nzfvdqr2guqt000000000h000000000ay8d
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:31 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


            Session IDSource IPSource PortDestination IPDestination Port
            55192.168.2.54977713.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:31 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net
            2024-10-06 16:54:31 UTC491INHTTP/1.1 200 OK
            Date: Sun, 06 Oct 2024 16:54:31 GMT
            Content-Type: text/xml
            Content-Length: 468
            Connection: close
            Cache-Control: public, max-age=604800, immutable
            Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
            ETag: "0x8DC582BB3EAF226"
            x-ms-request-id: cce0beff-001e-0082-398c-155880000000
            x-ms-version: 2018-03-28
            x-azure-ref: 20241006T165431Z-1767f7688dc7tjsxtc1ffgx97w0000000qz0000000001auy
            x-fd-int-roxy-purgeid: 0
            X-Cache-Info: L1_T2
            X-Cache: TCP_HIT
            Accept-Ranges: bytes
            2024-10-06 16:54:31 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
            Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


            Session IDSource IPSource PortDestination IPDestination Port
            56192.168.2.54977813.107.253.72443
            TimestampBytes transferredDirectionData
            2024-10-06 16:54:32 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
            Connection: Keep-Alive
            Accept-Encoding: gzip
            User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
            Host: otelrules.azureedge.net


            Statistics

            CPU Usage

            Click to jump to process

            Memory Usage

            Click to jump to process

            Behavior

            Click to jump to process

            System Behavior

            General

            Target ID:0
            Start time:12:54:01
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:2
            Start time:12:54:05
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=2000,i,4751949160752344263,348731842178357154,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:false

            General

            Target ID:3
            Start time:12:54:07
            Start date:06/10/2024
            Path:C:\Program Files\Google\Chrome\Application\chrome.exe
            Wow64 process (32bit):false
            Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-usps-qgleum.xyz/update/"
            Imagebase:0x7ff715980000
            File size:3'242'272 bytes
            MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
            Has elevated privileges:true
            Has administrator privileges:true
            Programmed in:C, C++ or other language
            Reputation:low
            Has exited:true

            Disassembly

            No disassembly