Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9

Overview

General Information

Sample URL:https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bff
Analysis ID:1541191
Infos:

Detection

Score:2
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detected non-DNS traffic on DNS port
Detected suspicious crossdomain redirect
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

  • System is w10x64
  • chrome.exe (PID: 3320 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • chrome.exe (PID: 5620 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1936,i,17094413292302700489,7076371066922537553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • chrome.exe (PID: 4776 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3D" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
  • OUTLOOK.EXE (PID: 6432 cmdline: "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /ical "C:\Users\user\Downloads\EventCalendarServlet.ics" MD5: 91A5292942864110ED734005B7E005C0)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 23.206.229.209:443 -> 192.168.2.9:49720 version: TLS 1.0
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.9:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.9:59895 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.9:59898 version: TLS 1.2
Source: global trafficTCP traffic: 192.168.2.9:59893 -> 162.159.36.2:53
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: email.sg.on24event.com to https://event.on24.com/eventregistration/eventcalendarservlet.ics?token=kftt50zsj17t2p9m38%2fn8wkm3iwib%2bqqrdfa4nwk4u3u0lazoob6jrby7waexx8g668bxath15qd32xtlryyow%3d%3d
Source: unknownHTTPS traffic detected: 23.206.229.209:443 -> 192.168.2.9:49720 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknownTCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
Source: global trafficHTTP traffic detected: GET /ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3D HTTP/1.1Host: email.sg.on24event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /eventRegistration/EventCalendarServlet.ics?token=kFTT50zSJ17t2P9m38%2FN8wKm3IwiB%2BqqrDFA4nWK4U3U0lAzoOb6Jrby7waexx8G668BXath15Qd32XtlryYow%3D%3D HTTP/1.1Host: event.on24.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=CPtZpdrxCupbKwW&MD=Rc5Ru4Zk HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=CPtZpdrxCupbKwW&MD=Rc5Ru4Zk HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficDNS traffic detected: DNS query: email.sg.on24event.com
Source: global trafficDNS traffic detected: DNS query: event.on24.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHContent-type: text/xmlX-Agent-DeviceId: 01000A4109008071X-BM-CBT: 1696497265X-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x984X-BM-DeviceDimensionsLogical: 784x984X-BM-DeviceScale: 100X-BM-DTZ: 60X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Device-ClientSession: 3967AB70E8E74431908B580AED7E67B3X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A4109008071X-MSEdge-ExternalExp: bfbwsbghf928t,bfbwsbrs0830tf,d-thshldspcl40,fliptrac6,optfsc,spofglclickserpf2,wsbqfasmsall_t,wsbqfminiserp600,wsbref-cX-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=0; DaylightBias=-60; TimeZoneKeyName=GMT Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comContent-Length: 516Connection: Keep-AliveCache-Control: no-cacheCookie: SRCHUID=V=2&GUID=507B984BF29F418EA13B8912FCE289B0&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231005; SRCHHPGUSR=SRCHLANG=en&LUT=1696497029183&IPMH=5c67ba25&IPMID=1696497265539&HV=1696497179; MUID=531305E83CE64DE088676FE94B9682C4; _SS=SID=3314E043C3866D730FEDF3E2C2436C30&CPID=1696497266478&AC=1&CPH=c11e7441; _EDGE_S=SID=3314E043C3866D730FEDF3E2C2436C30; MUIDB=531305E83CE64DE088676FE94B9682C4
Source: chromecache_61.1.dr, 097ea4c4-1015-45b1-b3db-829d6f27e0bd.tmp.0.drString found in binary or memory: http://event.on24.com/utils/test/testYourSystem.html?eventid=4722034&sessionid=1&key=261F9AAF3C393FC
Source: chromecache_61.1.dr, 097ea4c4-1015-45b1-b3db-829d6f27e0bd.tmp.0.drString found in binary or memory: https://event.on24.com/wcc/r/4722034/261F9AAF3C393FCA6149DB1F700CA1E1
Source: unknownNetwork traffic detected: HTTP traffic on port 59949 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59926 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59970 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59947
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59946
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59949
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59948
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59943
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59942
Source: unknownNetwork traffic detected: HTTP traffic on port 59898 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59945
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59944
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59950
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59935 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59958 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59912 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59952
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59951
Source: unknownNetwork traffic detected: HTTP traffic on port 59929 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59961 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59906 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59969 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59923 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59944 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59973 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59958
Source: unknownNetwork traffic detected: HTTP traffic on port 59952 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59957
Source: unknownNetwork traffic detected: HTTP traffic on port 59917 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59959
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59954
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59953
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59956
Source: unknownNetwork traffic detected: HTTP traffic on port 59895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59955
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59961
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59960
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59963
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59962
Source: unknownNetwork traffic detected: HTTP traffic on port 59938 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59955 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59941 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59903 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59976 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 59947 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59972 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59953 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59969
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59968
Source: unknownNetwork traffic detected: HTTP traffic on port 59930 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59914 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59965
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59964
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59967
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59966
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59972
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59971
Source: unknownNetwork traffic detected: HTTP traffic on port 59908 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59974
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59973
Source: unknownNetwork traffic detected: HTTP traffic on port 59956 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59970
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 59927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59925 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59950 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59967 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59975 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59976
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59975
Source: unknownNetwork traffic detected: HTTP traffic on port 59936 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59964 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 59922 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59907
Source: unknownNetwork traffic detected: HTTP traffic on port 59968 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59974 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59906
Source: unknownNetwork traffic detected: HTTP traffic on port 49676 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59951 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59909
Source: unknownNetwork traffic detected: HTTP traffic on port 59945 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59908
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59903
Source: unknownNetwork traffic detected: HTTP traffic on port 59916 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59902
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59905
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59904
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59901
Source: unknownNetwork traffic detected: HTTP traffic on port 59954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59939 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59942 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59902 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59918
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59917
Source: unknownNetwork traffic detected: HTTP traffic on port 59948 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59919
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59914
Source: unknownNetwork traffic detected: HTTP traffic on port 59965 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59913
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59916
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59915
Source: unknownNetwork traffic detected: HTTP traffic on port 59931 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59910
Source: unknownNetwork traffic detected: HTTP traffic on port 59913 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59912
Source: unknownNetwork traffic detected: HTTP traffic on port 59934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59959 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59907 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59962 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59924 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59929
Source: unknownNetwork traffic detected: HTTP traffic on port 59918 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59928
Source: unknownNetwork traffic detected: HTTP traffic on port 59943 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59966 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59925
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59924
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59927
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59926
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59921
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59920
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59923
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59922
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59895
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59910 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59930
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59897
Source: unknownNetwork traffic detected: HTTP traffic on port 59937 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59904 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59940 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59939
Source: unknownNetwork traffic detected: HTTP traffic on port 59946 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59971 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59936
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59935
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59938
Source: unknownNetwork traffic detected: HTTP traffic on port 59915 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59937
Source: unknownNetwork traffic detected: HTTP traffic on port 59897 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59932
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59898
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59931
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59934
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59933
Source: unknownNetwork traffic detected: HTTP traffic on port 59909 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59960 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59941
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 59940
Source: unknownNetwork traffic detected: HTTP traffic on port 59932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59957 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 59901 -> 443
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.9:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.9:59895 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.9:59898 version: TLS 1.2
Source: classification engineClassification label: clean2.win@18/12@6/6
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEFile created: C:\Users\user\AppData\Local\Temp\Outlook Logging\Jump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1936,i,17094413292302700489,7076371066922537553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3D"
Source: unknownProcess created: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /ical "C:\Users\user\Downloads\EventCalendarServlet.ics"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1936,i,17094413292302700489,7076371066922537553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\CommonJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXEProcess information set: NOOPENFILEERRORBOXJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder
1
Process Injection
1
Masquerading
OS Credential Dumping1
System Information Discovery
Remote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder
1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer
Traffic DuplicationData Destruction
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.210.172
truefalse
    unknown
    s-part-0017.t-0009.t-msedge.net
    13.107.246.45
    truefalse
      unknown
      www.google.com
      142.250.185.164
      truefalse
        unknown
        r-email.sg.on24event.com
        199.83.44.68
        truefalse
          unknown
          r-event.on24.com
          199.83.44.71
          truefalse
            unknown
            event.on24.com
            unknown
            unknownfalse
              unknown
              email.sg.on24event.com
              unknown
              unknownfalse
                unknown
                NameMaliciousAntivirus DetectionReputation
                https://event.on24.com/eventRegistration/EventCalendarServlet.ics?token=kFTT50zSJ17t2P9m38%2FN8wKm3IwiB%2BqqrDFA4nWK4U3U0lAzoOb6Jrby7waexx8G668BXath15Qd32XtlryYow%3D%3Dfalse
                  unknown
                  https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3Dfalse
                    unknown
                    NameSourceMaliciousAntivirus DetectionReputation
                    http://event.on24.com/utils/test/testYourSystem.html?eventid=4722034&sessionid=1&key=261F9AAF3C393FCchromecache_61.1.dr, 097ea4c4-1015-45b1-b3db-829d6f27e0bd.tmp.0.drfalse
                      unknown
                      https://event.on24.com/wcc/r/4722034/261F9AAF3C393FCA6149DB1F700CA1E1chromecache_61.1.dr, 097ea4c4-1015-45b1-b3db-829d6f27e0bd.tmp.0.drfalse
                        unknown
                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs
                        IPDomainCountryFlagASNASN NameMalicious
                        239.255.255.250
                        unknownReserved
                        unknownunknownfalse
                        199.83.44.71
                        r-event.on24.comUnited States
                        18742ON24-SACUSfalse
                        142.250.185.164
                        www.google.comUnited States
                        15169GOOGLEUSfalse
                        199.83.44.68
                        r-email.sg.on24event.comUnited States
                        18742ON24-SACUSfalse
                        IP
                        192.168.2.16
                        192.168.2.9
                        Joe Sandbox version:41.0.0 Charoite
                        Analysis ID:1541191
                        Start date and time:2024-10-24 15:05:44 +02:00
                        Joe Sandbox product:CloudBasic
                        Overall analysis duration:0h 3m 25s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:browseurl.jbs
                        Sample URL:https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3D
                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                        Number of analysed new started processes analysed:9
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Detection:CLEAN
                        Classification:clean2.win@18/12@6/6
                        EGA Information:Failed
                        HCA Information:
                        • Successful, ratio: 100%
                        • Number of executed functions: 0
                        • Number of non-executed functions: 0
                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe
                        • Excluded IPs from analysis (whitelisted): 142.250.185.67, 142.250.185.142, 173.194.76.84, 34.104.35.123, 192.229.221.95, 199.232.210.172, 13.85.23.206, 13.95.31.18, 142.250.181.227, 93.184.221.240
                        • Excluded domains from analysis (whitelisted): accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, 7.4.8.4.4.3.1.4.0.0.0.0.0.0.0.0.0.0.0.a.0.0.1.f.1.1.1.0.1.0.a.2.ip6.arpa, otelrules.afd.azureedge.net, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, azureedge-t-prod.trafficmanager.net, clients.l.google.com, wu-b-net.trafficmanager.net
                        • Not all processes where analyzed, report is missing behavior information
                        • Report size getting too big, too many NtSetInformationFile calls found.
                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                        • VT rate limit hit for: https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3D
                        No simulations
                        No context
                        No context
                        No context
                        No context
                        No context
                        Process:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                        File Type:data
                        Category:dropped
                        Size (bytes):4096
                        Entropy (8bit):1.2553565515864111
                        Encrypted:false
                        SSDEEP:12:nwPqF69Fq5T7NslPlaMsQ11xwpTSAljlaVZ:wP1X9la4Hx8TS2lO
                        MD5:3C1CD28788D880E96BA19CE5EB6C2D6F
                        SHA1:46FE8D6635508D9A9FD3F12F5BB0B09CF773132C
                        SHA-256:90F3E4512757A714472E9B159B3EF9EEC6A7EF629AB4B7E8126334CFC9096E8F
                        SHA-512:83721CEC4604504AE51B8ECF38A552EFE22924CE602D6F9473354A30B366CFF25DA636AC49275CF5F97EF548C9B3B9FF1A87BE2AA04777B4BFA15D60A248FE3C
                        Malicious:false
                        Reputation:low
                        Preview:............................................................................`....... ....j...&..................eJ..............Zb..2...................................,...@.t.z.r.e.s...d.l.l.,.-.1.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.1.1.1...........................................................`..b............j...&..........v.2._.O.U.T.L.O.O.K.:.1.9.2.0.:.2.0.e.c.7.5.9.b.0.4.0.f.4.4.2.7.a.a.6.8.5.3.b.3.6.a.4.1.3.0.0.0...C.:.\.U.s.e.r.s.\.t.i.n.a.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.O.u.t.l.o.o.k. .L.o.g.g.i.n.g.\.O.U.T.L.O.O.K._.1.6._.0._.1.6.8.2.7._.2.0.1.3.0.-.2.0.2.4.1.0.2.4.T.0.9.0.8.1.4.0.1.6.5.-.6.4.3.2...e.t.l.......P.P..... ....j...&..........................................................................................................................................................................................................................................................................................................
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 12:06:59 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2673
                        Entropy (8bit):3.979197002739469
                        Encrypted:false
                        SSDEEP:48:8tdQT8JHTidAKZdA1P4ehwiZUklqehqy+3:8wIHOpy
                        MD5:2C876B789E4B9760BDA9CFE4E60B1F26
                        SHA1:13EB433769F99AC847A8B88C570A8AB43906CB6E
                        SHA-256:10F0385467EB57EA558398923DEFEC7C65972586E3AB90A21F6D29AF0BFB5CB8
                        SHA-512:31707B2DE4B4A6921D1A63EF0F3B58C0520002A993DAD27337F0BB497E5C91BDF9EF7128C77B8E356624E79EC3955D99E63378CC53CE4C826386CD6C7FFE8FCA
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,....0~K..&....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.IXY.h....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.h....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.VXY.h....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.VXY.h.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VXY.h...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Z.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 12:06:59 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2675
                        Entropy (8bit):3.996574736098408
                        Encrypted:false
                        SSDEEP:48:8mdQT8JHTidAKZdA1+4eh/iZUkAQkqehZy+2:8pIWF9QQy
                        MD5:5C55C5A21D18CCC7AD1E3A41B68667DF
                        SHA1:919E4DD7EF8EF9C47F83EDB81F01DF3AF098C9E1
                        SHA-256:736F566547726B1A2286D1D22C68F97C57373B5EF927D57D2981551F07FF531C
                        SHA-512:C355D1CA36066B6A0D1FAAF54F26CB3E8FB9E1D5748EDE737B0F6717C9CFD65FBEA9A44BEF99699A332732F6BE1113A033FDAD0968E9AFF0CDF03AFCBAED866E
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,......3..&....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.IXY.h....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.h....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.VXY.h....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.VXY.h.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VXY.h...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Z.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:56:51 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2689
                        Entropy (8bit):4.004840831397033
                        Encrypted:false
                        SSDEEP:48:8sdQT8VHTidAKZdA1404eh7sFiZUkmgqeh7sny+BX:8TIXIn1y
                        MD5:AB21FC7EE8531C393E1165503E19A370
                        SHA1:C8684A7540D6C0FCFB28D00AB46A171195AE91E7
                        SHA-256:402F2E9F39FD8476EA9969E2B7DE4CF04F574DDC1947D54173D374139AB42356
                        SHA-512:48634CAD132BD3D426F78FE9721D1ED7E299F963E4E6BEC94F5016C99F9FA173C23CB2DEA7B4871F9B9171F395D47C87AB8CBA5774639B81CD1AE18671C9C6D4
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,.....<}.i.....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.IXY.h....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.h....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.VXY.h....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.VXY.h.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VEW.F...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Z.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 12:06:59 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2677
                        Entropy (8bit):3.9935976351099995
                        Encrypted:false
                        SSDEEP:48:8XwdQT8JHTidAKZdA1p4ehDiZUkwqehNy+R:8XIh5/y
                        MD5:C41039AFEFE9D4F8E1E6955B5D96AA38
                        SHA1:5893D025962AABF9C59ACD003456AF02762A9F47
                        SHA-256:A473DD05BF30DFD3A6A4F214D2EC5DAE7EE6C2451C21D9F3C5B6691572792471
                        SHA-512:69442F55FB1912B3E563F954CCCDBC6404DF9AB790794E35B808A2A467C17597CC3D301FEEF19DE6F8C211EE5072DBDAD562B303C5EEE46E3F46A5FDB9AD53B0
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,......,..&....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.IXY.h....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.h....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.VXY.h....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.VXY.h.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VXY.h...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Z.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 12:06:59 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2677
                        Entropy (8bit):3.9830920789440243
                        Encrypted:false
                        SSDEEP:48:8GdQT8JHTidAKZdA1X4ehBiZUk1W1qehDy+C:8JIfb9jy
                        MD5:DF0F1F0662F607943BBE3E958E97A675
                        SHA1:4B562DA612087369D88A53A23BA4A1C407D2C484
                        SHA-256:42D926DED9409E8A74B9B51F23A34641756D7749E1073D5913E874A86EA586A9
                        SHA-512:1B1C597E1BF22BAAE1587BF06669664D052F0A9B37F45B5A880A95C9FB89EC8852FE48982613BDC22E0DBACC153C7059FC892DB50EEBFDBBCF097E3A2BF0DBF7
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,......:..&....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.IXY.h....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.h....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.VXY.h....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.VXY.h.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VXY.h...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Z.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 12:06:59 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide
                        Category:dropped
                        Size (bytes):2679
                        Entropy (8bit):3.991503855729137
                        Encrypted:false
                        SSDEEP:48:8RPdQT8JHTidAKZdA1duTc4ehOuTbbiZUk5OjqehOuTb1y+yT+:8RGIoTcJTbxWOvTb1y7T
                        MD5:0AD9EB407FD35AD9FA58EEB1FE6ADA37
                        SHA1:DD85021DF07621D1C5D0970A82ECEA318E9906CC
                        SHA-256:8DC014F7AA0A8B8F929BFCF905D39EAAE16F04696C8251281A48FFD9C2E52CB2
                        SHA-512:2F5124C5DD6D35A6ACA395621EC140E3ECA81EF1B74C418403DA9A0ACBCCF408E8BEF407F7779CDEB16DD99B98E6828CAD3C73CF085B7F9DEDDD08684326024E
                        Malicious:false
                        Reputation:low
                        Preview:L..................F.@.. ...$+.,.....2...&....v'&... w......................1....P.O. .:i.....+00.../C:\.....................1.....EW.I..PROGRA~1..t......O.IXY.h....B...............J.....\...P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VXY.h....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.F..Chrome..>......CW.VXY.h....M......................O..C.h.r.o.m.e.....`.1.....EW.F..APPLIC~1..H......CW.VXY.h.............................A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.L .CHROME~1.EXE..R......CW.VXY.h...........................).c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........Z.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:vCalendar calendar file
                        Category:dropped
                        Size (bytes):1105
                        Entropy (8bit):5.601905597557794
                        Encrypted:false
                        SSDEEP:24:ERV+vV+9f6g2rbMJ1SWj8jZOFEOGv13C6TuSLUJSdESJZLUcojQfNvnjP:ERWUf92rbesc0BOm13C675z7Hos9jP
                        MD5:193B21152CC61C6E2475C38B2AFF669A
                        SHA1:9E4381C5004704A2DF2A9C689D385D18E750D64D
                        SHA-256:4F376E789585D64622AB840395AF141CD295C6C632D5E317BB499885FC44248D
                        SHA-512:15E71697C2C2DA67256AA308FBCA0E9D1CA6FCB592D6EAEB6D80EB21587EE54B48460BBA3547D2D64AAD8DACA7231FCFFD067125F088B2CF46C890F30732E7E1
                        Malicious:false
                        Reputation:low
                        Preview:BEGIN:VCALENDAR.PRODID:-//ON24 Corporation//ON24 Corporation//EN.VERSION:2.0.METHOD:PUBLISH.BEGIN:VEVENT.DTSTART:20241107T180000Z.DTEND:20241107T190000Z.LOCATION:Optum Webinar .TRANSP:OPAQUE.UID:39060177420241024T130700Z.DTSTAMP:20241024T130701Z.SUMMARY:Optum Payer Monthly PPS PRS Webinar.DESCRIPTION:Thank you for registering for Optum Payer Monthly PPS PRS Webinar. \n\nLIVE WEBINAR DATE: November 07, 2024 \nLIVE WEBINAR TIME: 01:00 PM EST \n\nUse the link below to enter the webinar up to 15 minutes before the start. \n\nWEBINAR LINK: https://event.on24.com/wcc/r/4722034/261F9AAF3C393FCA6149DB1F700CA1E1 \n\n\nSYSTEM TEST: Test your computer to make sure you meet the minimum technical requirements. \nTest Your System: http://event.on24.com/utils/test/testYourSystem.html?eventid=4722034&sessionid=1&key=261F9AAF3C393FCA6149DB1F700CA1E1&checkBrowser=true&checkOS=true&checkBandwidth=true&checkCookie=true&ngwebcast=true&ngwebcast=true \n\n\nThank you and enjoy the webinar!.PRIORITY:5.CLA
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:vCalendar calendar file
                        Category:dropped
                        Size (bytes):1105
                        Entropy (8bit):5.601905597557794
                        Encrypted:false
                        SSDEEP:24:ERV+vV+9f6g2rbMJ1SWj8jZOFEOGv13C6TuSLUJSdESJZLUcojQfNvnjP:ERWUf92rbesc0BOm13C675z7Hos9jP
                        MD5:193B21152CC61C6E2475C38B2AFF669A
                        SHA1:9E4381C5004704A2DF2A9C689D385D18E750D64D
                        SHA-256:4F376E789585D64622AB840395AF141CD295C6C632D5E317BB499885FC44248D
                        SHA-512:15E71697C2C2DA67256AA308FBCA0E9D1CA6FCB592D6EAEB6D80EB21587EE54B48460BBA3547D2D64AAD8DACA7231FCFFD067125F088B2CF46C890F30732E7E1
                        Malicious:false
                        Reputation:low
                        Preview:BEGIN:VCALENDAR.PRODID:-//ON24 Corporation//ON24 Corporation//EN.VERSION:2.0.METHOD:PUBLISH.BEGIN:VEVENT.DTSTART:20241107T180000Z.DTEND:20241107T190000Z.LOCATION:Optum Webinar .TRANSP:OPAQUE.UID:39060177420241024T130700Z.DTSTAMP:20241024T130701Z.SUMMARY:Optum Payer Monthly PPS PRS Webinar.DESCRIPTION:Thank you for registering for Optum Payer Monthly PPS PRS Webinar. \n\nLIVE WEBINAR DATE: November 07, 2024 \nLIVE WEBINAR TIME: 01:00 PM EST \n\nUse the link below to enter the webinar up to 15 minutes before the start. \n\nWEBINAR LINK: https://event.on24.com/wcc/r/4722034/261F9AAF3C393FCA6149DB1F700CA1E1 \n\n\nSYSTEM TEST: Test your computer to make sure you meet the minimum technical requirements. \nTest Your System: http://event.on24.com/utils/test/testYourSystem.html?eventid=4722034&sessionid=1&key=261F9AAF3C393FCA6149DB1F700CA1E1&checkBrowser=true&checkOS=true&checkBandwidth=true&checkCookie=true&ngwebcast=true&ngwebcast=true \n\n\nThank you and enjoy the webinar!.PRIORITY:5.CLA
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:vCalendar calendar file
                        Category:dropped
                        Size (bytes):1105
                        Entropy (8bit):5.601905597557794
                        Encrypted:false
                        SSDEEP:24:ERV+vV+9f6g2rbMJ1SWj8jZOFEOGv13C6TuSLUJSdESJZLUcojQfNvnjP:ERWUf92rbesc0BOm13C675z7Hos9jP
                        MD5:193B21152CC61C6E2475C38B2AFF669A
                        SHA1:9E4381C5004704A2DF2A9C689D385D18E750D64D
                        SHA-256:4F376E789585D64622AB840395AF141CD295C6C632D5E317BB499885FC44248D
                        SHA-512:15E71697C2C2DA67256AA308FBCA0E9D1CA6FCB592D6EAEB6D80EB21587EE54B48460BBA3547D2D64AAD8DACA7231FCFFD067125F088B2CF46C890F30732E7E1
                        Malicious:false
                        Reputation:low
                        Preview:BEGIN:VCALENDAR.PRODID:-//ON24 Corporation//ON24 Corporation//EN.VERSION:2.0.METHOD:PUBLISH.BEGIN:VEVENT.DTSTART:20241107T180000Z.DTEND:20241107T190000Z.LOCATION:Optum Webinar .TRANSP:OPAQUE.UID:39060177420241024T130700Z.DTSTAMP:20241024T130701Z.SUMMARY:Optum Payer Monthly PPS PRS Webinar.DESCRIPTION:Thank you for registering for Optum Payer Monthly PPS PRS Webinar. \n\nLIVE WEBINAR DATE: November 07, 2024 \nLIVE WEBINAR TIME: 01:00 PM EST \n\nUse the link below to enter the webinar up to 15 minutes before the start. \n\nWEBINAR LINK: https://event.on24.com/wcc/r/4722034/261F9AAF3C393FCA6149DB1F700CA1E1 \n\n\nSYSTEM TEST: Test your computer to make sure you meet the minimum technical requirements. \nTest Your System: http://event.on24.com/utils/test/testYourSystem.html?eventid=4722034&sessionid=1&key=261F9AAF3C393FCA6149DB1F700CA1E1&checkBrowser=true&checkOS=true&checkBandwidth=true&checkCookie=true&ngwebcast=true&ngwebcast=true \n\n\nThank you and enjoy the webinar!.PRIORITY:5.CLA
                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                        File Type:vCalendar calendar file
                        Category:downloaded
                        Size (bytes):1105
                        Entropy (8bit):5.601905597557794
                        Encrypted:false
                        SSDEEP:24:ERV+vV+9f6g2rbMJ1SWj8jZOFEOGv13C6TuSLUJSdESJZLUcojQfNvnjP:ERWUf92rbesc0BOm13C675z7Hos9jP
                        MD5:193B21152CC61C6E2475C38B2AFF669A
                        SHA1:9E4381C5004704A2DF2A9C689D385D18E750D64D
                        SHA-256:4F376E789585D64622AB840395AF141CD295C6C632D5E317BB499885FC44248D
                        SHA-512:15E71697C2C2DA67256AA308FBCA0E9D1CA6FCB592D6EAEB6D80EB21587EE54B48460BBA3547D2D64AAD8DACA7231FCFFD067125F088B2CF46C890F30732E7E1
                        Malicious:false
                        Reputation:low
                        URL:https://event.on24.com/eventRegistration/EventCalendarServlet.ics?token=kFTT50zSJ17t2P9m38%2FN8wKm3IwiB%2BqqrDFA4nWK4U3U0lAzoOb6Jrby7waexx8G668BXath15Qd32XtlryYow%3D%3D
                        Preview:BEGIN:VCALENDAR.PRODID:-//ON24 Corporation//ON24 Corporation//EN.VERSION:2.0.METHOD:PUBLISH.BEGIN:VEVENT.DTSTART:20241107T180000Z.DTEND:20241107T190000Z.LOCATION:Optum Webinar .TRANSP:OPAQUE.UID:39060177420241024T130700Z.DTSTAMP:20241024T130701Z.SUMMARY:Optum Payer Monthly PPS PRS Webinar.DESCRIPTION:Thank you for registering for Optum Payer Monthly PPS PRS Webinar. \n\nLIVE WEBINAR DATE: November 07, 2024 \nLIVE WEBINAR TIME: 01:00 PM EST \n\nUse the link below to enter the webinar up to 15 minutes before the start. \n\nWEBINAR LINK: https://event.on24.com/wcc/r/4722034/261F9AAF3C393FCA6149DB1F700CA1E1 \n\n\nSYSTEM TEST: Test your computer to make sure you meet the minimum technical requirements. \nTest Your System: http://event.on24.com/utils/test/testYourSystem.html?eventid=4722034&sessionid=1&key=261F9AAF3C393FCA6149DB1F700CA1E1&checkBrowser=true&checkOS=true&checkBandwidth=true&checkCookie=true&ngwebcast=true&ngwebcast=true \n\n\nThank you and enjoy the webinar!.PRIORITY:5.CLA
                        No static file info
                        Icon Hash:00b29a8e86828200
                        TimestampSource PortDest PortSource IPDest IP
                        Oct 24, 2024 15:06:45.436800957 CEST49676443192.168.2.923.206.229.209
                        Oct 24, 2024 15:06:45.436924934 CEST49675443192.168.2.923.206.229.209
                        Oct 24, 2024 15:06:45.468039036 CEST49674443192.168.2.923.206.229.209
                        Oct 24, 2024 15:06:51.331382990 CEST49677443192.168.2.920.189.173.11
                        Oct 24, 2024 15:06:55.089636087 CEST49676443192.168.2.923.206.229.209
                        Oct 24, 2024 15:06:55.089663982 CEST49675443192.168.2.923.206.229.209
                        Oct 24, 2024 15:06:55.089797974 CEST49674443192.168.2.923.206.229.209
                        Oct 24, 2024 15:06:56.848407984 CEST4434970423.206.229.209192.168.2.9
                        Oct 24, 2024 15:06:56.848517895 CEST49704443192.168.2.923.206.229.209
                        Oct 24, 2024 15:06:59.278163910 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:06:59.278220892 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:06:59.278297901 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:06:59.278625011 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:06:59.278671980 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:06:59.278728962 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:06:59.278842926 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:06:59.278856039 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:06:59.279026985 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:06:59.279040098 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.084569931 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.085167885 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.085189104 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.086241007 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.086319923 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.087434053 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.087496042 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.087734938 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.087742090 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.090205908 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.090403080 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.090430975 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.091712952 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.091783047 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.096339941 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.096415043 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.136614084 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.136626005 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.136663914 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.183464050 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.287029028 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.287743092 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.287771940 CEST44349714199.83.44.68192.168.2.9
                        Oct 24, 2024 15:07:00.287844896 CEST49714443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:00.299249887 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:00.299295902 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:00.299374104 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:00.299577951 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:00.299592972 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:00.944268942 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:00.944880962 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:00.944900036 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:00.945939064 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:00.946048975 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:00.947359085 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:00.947459936 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:00.947582960 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:00.947592020 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:00.995949984 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:01.191515923 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:01.191606998 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:01.191684008 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:01.193367958 CEST49716443192.168.2.9199.83.44.71
                        Oct 24, 2024 15:07:01.193387985 CEST44349716199.83.44.71192.168.2.9
                        Oct 24, 2024 15:07:01.444864988 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:01.444906950 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:01.445072889 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:01.445198059 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:01.445209026 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:02.313536882 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:02.318434000 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:02.318463087 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:02.319770098 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:02.319849014 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:02.331480026 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:02.331727028 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:02.371922970 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:02.371952057 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:02.413412094 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:06.013745070 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:06.013786077 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:06.013853073 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:06.017288923 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:06.017306089 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:06.805947065 CEST49704443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:06.806842089 CEST49704443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:06.810787916 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:06.810846090 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:06.810925961 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:06.811367035 CEST4434970423.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:06.812211037 CEST4434970423.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:06.813164949 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:06.813175917 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.111078978 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:07.111202002 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:07.128206015 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:07.128233910 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:07.128498077 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:07.177762985 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:07.484004974 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.484088898 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:07.503149986 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:07.503180981 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.504416943 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.504488945 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:07.505132914 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:07.505196095 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.505460024 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:07.551332951 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.758970022 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.759030104 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:07.759736061 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.759804010 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:07.759826899 CEST4434972023.206.229.209192.168.2.9
                        Oct 24, 2024 15:07:07.759875059 CEST49720443192.168.2.923.206.229.209
                        Oct 24, 2024 15:07:08.067229986 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:08.111335993 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429083109 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429111004 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429117918 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429127932 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429148912 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429341078 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:08.429354906 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429366112 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.429608107 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:08.541606903 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.541666985 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:08.541723967 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:09.063936949 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:09.063936949 CEST49719443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:09.063961983 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:09.063973904 CEST443497194.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:12.333949089 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:12.334017992 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:12.334073067 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:13.715063095 CEST49717443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:07:13.715087891 CEST44349717142.250.185.164192.168.2.9
                        Oct 24, 2024 15:07:35.500432968 CEST5989353192.168.2.9162.159.36.2
                        Oct 24, 2024 15:07:35.505918980 CEST5359893162.159.36.2192.168.2.9
                        Oct 24, 2024 15:07:35.506004095 CEST5989353192.168.2.9162.159.36.2
                        Oct 24, 2024 15:07:35.506112099 CEST5989353192.168.2.9162.159.36.2
                        Oct 24, 2024 15:07:35.511424065 CEST5359893162.159.36.2192.168.2.9
                        Oct 24, 2024 15:07:36.111098051 CEST5359893162.159.36.2192.168.2.9
                        Oct 24, 2024 15:07:36.125813961 CEST5989353192.168.2.9162.159.36.2
                        Oct 24, 2024 15:07:36.131676912 CEST5359893162.159.36.2192.168.2.9
                        Oct 24, 2024 15:07:36.131733894 CEST5989353192.168.2.9162.159.36.2
                        Oct 24, 2024 15:07:36.516923904 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:36.516961098 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:36.517015934 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:36.517554998 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:36.517571926 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:37.673362017 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:37.673445940 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:37.676603079 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:37.676609993 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:37.676922083 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:37.681602001 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:37.723334074 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.043266058 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.043306112 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.043334007 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.043387890 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:38.043402910 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.043437958 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:38.043461084 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:38.045126915 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.045173883 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.045226097 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:38.045234919 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.045284986 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:38.047657967 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:38.047667980 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.047903061 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.047918081 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:38.047951937 CEST443598954.245.163.56192.168.2.9
                        Oct 24, 2024 15:07:38.048001051 CEST59895443192.168.2.94.245.163.56
                        Oct 24, 2024 15:07:45.148617029 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:07:45.148632050 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:08:01.567805052 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:08:01.567907095 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:08:01.568123102 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:01.568129063 CEST44349713199.83.44.68192.168.2.9
                        Oct 24, 2024 15:08:01.568164110 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:01.568232059 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:01.569835901 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:08:01.569835901 CEST49713443192.168.2.9199.83.44.68
                        Oct 24, 2024 15:08:01.573246956 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:01.573260069 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:02.437978983 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:02.438376904 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:02.438385963 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:02.438733101 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:02.439091921 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:02.439160109 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:02.482439041 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:07.338828087 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:07.338869095 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:07.338951111 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:07.339375019 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:07.339385986 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.076229095 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.076304913 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.078339100 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.078349113 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.078643084 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.090050936 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.131335020 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.314330101 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.314372063 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.314407110 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.314440012 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.314464092 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.314498901 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.314517975 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.336771965 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.336807966 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.336874962 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.336893082 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.337137938 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.431885004 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.431921959 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.432044029 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.432044029 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.432064056 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.432276011 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.453218937 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.453246117 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.453648090 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.453660965 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.453856945 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.454912901 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.454937935 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.455014944 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.455014944 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.455020905 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.455374956 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.456617117 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.456634998 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.456712961 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.456718922 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.456902981 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.549395084 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.549418926 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.549732924 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.549747944 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.552968979 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.570012093 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.570033073 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.570277929 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.570286989 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.570549965 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.571228981 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.571280956 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.571367979 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.571367979 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.571376085 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.572105885 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.572124004 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.572206974 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.572206974 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.572215080 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.572360039 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.573163986 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.573179007 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.573291063 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.573297024 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.573626041 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.574717999 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.574733019 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.574891090 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.574896097 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.575653076 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.575690031 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.575706005 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.575804949 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.575804949 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.575812101 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.576076031 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.665968895 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.666102886 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.666160107 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.666786909 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.667049885 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.667049885 CEST59898443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.667068958 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.667081118 CEST4435989813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.720294952 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.720350027 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.720828056 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.720835924 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.720885038 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.721167088 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.723189116 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.723212004 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.723428965 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.725182056 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.725191116 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.725209951 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.725233078 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.725578070 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.725579977 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.725584030 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.725606918 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.726953983 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.726967096 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.727070093 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.727085114 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.727384090 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.727397919 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:08.727410078 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:08.727413893 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.456609011 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.457349062 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.457374096 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.459713936 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.459729910 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.470024109 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.470347881 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.470787048 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.470789909 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.470809937 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.470812082 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.471266031 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.471271992 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.471621037 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.471626043 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.472315073 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.472656965 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.472681999 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.473316908 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.473321915 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.480093956 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.480645895 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.480664015 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.481070042 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.481076002 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.587104082 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.587250948 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.587342978 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.588713884 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.588732004 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.588793039 CEST59901443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.588799953 CEST4435990113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.595161915 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.595201969 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.595274925 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.595781088 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.595793009 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.601636887 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.601933002 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.601984978 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.603352070 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.603379011 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.603516102 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.603527069 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.603583097 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.603626966 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.603626966 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.603975058 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.603992939 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.604003906 CEST59905443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.604011059 CEST4435990513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.604545116 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.604572058 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.604633093 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.604643106 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.604706049 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.604846954 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.607489109 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.607501030 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.608916044 CEST59902443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.608922958 CEST4435990213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.610347986 CEST59904443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.610362053 CEST4435990413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.612248898 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.612274885 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.612329960 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.612353086 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.612409115 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.612449884 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.612497091 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.612700939 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.617908955 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.617908955 CEST59903443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.617921114 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.617928028 CEST4435990313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.628010988 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.628041983 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.628109932 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.628909111 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.628918886 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.632442951 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.632477999 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.632541895 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.632812977 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.632826090 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.633636951 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.633661985 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.633723021 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.634073019 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.634094954 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.634185076 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.634268999 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.634288073 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:09.634331942 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:09.634342909 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.321813107 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.322534084 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.322565079 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.323121071 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.323128939 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.360121012 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.360735893 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.360760927 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.361316919 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.361323118 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.380911112 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.382246971 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.382265091 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.382551908 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.382550001 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.382559061 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.383167982 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.383191109 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.383733034 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.383738041 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.387207031 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.392869949 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.392885923 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.393426895 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.393430948 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.452821970 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.452933073 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.453165054 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.453203917 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.453221083 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.453232050 CEST59906443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.453238010 CEST4435990613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.456784964 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.456819057 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.456962109 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.457123041 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.457134008 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.490876913 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.490948915 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.491126060 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.491532087 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.491552114 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.491564989 CEST59907443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.491570950 CEST4435990713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.495543003 CEST59913443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.495583057 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.495652914 CEST59913443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.495822906 CEST59913443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.495840073 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.514673948 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.514916897 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.515064001 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.515221119 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.515221119 CEST59908443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.515240908 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.515244961 CEST4435990813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.518460989 CEST59914443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.518495083 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.518666029 CEST59914443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.518821001 CEST59914443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.518830061 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.519054890 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.519326925 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.519399881 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.519431114 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.519448042 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.519469023 CEST59909443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.519474030 CEST4435990913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.522274971 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.522313118 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.522401094 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.522569895 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.522584915 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.528450966 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.528698921 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.528817892 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.528844118 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.528844118 CEST59910443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.528865099 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.528875113 CEST4435991013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.532083035 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.532121897 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:10.532193899 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.532360077 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:10.532372952 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.207344055 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.207988024 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.208014965 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.209825039 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.209835052 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.227087975 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.227794886 CEST59913443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.227824926 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.228359938 CEST59913443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.228363991 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.254165888 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.255372047 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.255398035 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.256058931 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.256066084 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.259656906 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.260252953 CEST59914443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.260273933 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.262818098 CEST59914443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.262830019 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.276118994 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.291078091 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.291105986 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.291790009 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.291795015 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.340641022 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.340924025 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.341058016 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.343216896 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.343239069 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.343287945 CEST59912443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.343293905 CEST4435991213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.347291946 CEST59917443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.347349882 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.347527027 CEST59917443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.347875118 CEST59917443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.347887039 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.356453896 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.356643915 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.356729031 CEST59913443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.356853962 CEST59913443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.356868029 CEST4435991313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.359864950 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.359901905 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.359975100 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.360163927 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.360176086 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.383871078 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.384587049 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.384649992 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.384742022 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.384763002 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.384776115 CEST59915443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.384782076 CEST4435991513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.388866901 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.388906002 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.389364004 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.389564037 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.389569998 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.394946098 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.395136118 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.395189047 CEST59914443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.401348114 CEST59914443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.401374102 CEST4435991413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.405534983 CEST59920443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.405576944 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.405895948 CEST59920443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.406270027 CEST59920443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.406284094 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.419958115 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.420022964 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.420156956 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.420288086 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.420305967 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.420315027 CEST59916443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.420320988 CEST4435991613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.423494101 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.423527002 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:11.423666000 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.423856974 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:11.423865080 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.076616049 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.105818033 CEST59917443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.105849981 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.107948065 CEST59917443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.107954979 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.108623981 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.108952045 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.108967066 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.109385967 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.109390020 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.123832941 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.124758959 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.124778032 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.125475883 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.125482082 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.153199911 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.154019117 CEST59920443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.154052019 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.154707909 CEST59920443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.154731989 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.170236111 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.170897007 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.170922995 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.171634912 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.171642065 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.232340097 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.232471943 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.232577085 CEST59917443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.232788086 CEST59917443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.232800007 CEST4435991713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.238169909 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.238214016 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.238544941 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.238838911 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.238850117 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.241442919 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.241698980 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.241758108 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.241836071 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.241847992 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.241856098 CEST59918443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.241861105 CEST4435991813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.246898890 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.246929884 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.246994019 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.247231960 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.247241974 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.254692078 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.254780054 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.254873991 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.255604982 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.255614996 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.255629063 CEST59919443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.255634069 CEST4435991913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.261281967 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.261306047 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.261368036 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.261584997 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.261593103 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.287159920 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.287231922 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.287328959 CEST59920443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.288454056 CEST59920443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.288469076 CEST4435992013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.293567896 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.293606997 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.293724060 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.293987036 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.293997049 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.302553892 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.302735090 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.302860975 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.302922010 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.302937984 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.302954912 CEST59921443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.302961111 CEST4435992113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.308816910 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.308857918 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.308940887 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.309166908 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.309178114 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.424314022 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:12.424386024 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:12.424489021 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:12.968472958 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.969418049 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.969458103 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.969955921 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.969963074 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.977798939 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.978749990 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.978761911 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.979931116 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.979942083 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.991622925 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.995445013 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.995461941 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:12.996391058 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:12.996398926 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.028141022 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.044434071 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.044487953 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.045631886 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.045653105 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.049010992 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.049707890 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.049735069 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.050563097 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.050569057 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.099611044 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.099852085 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.099905968 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.107189894 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.107265949 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.107336998 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.124075890 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.124120951 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.124139071 CEST59922443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.124147892 CEST4435992213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.126072884 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.126072884 CEST59923443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.126092911 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.126102924 CEST4435992313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.127695084 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.127922058 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.127968073 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.132894039 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.132906914 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.132920027 CEST59924443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.132925987 CEST4435992413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.140420914 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.140467882 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.140532017 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.142510891 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.142544985 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.142601013 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.143507004 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.143558025 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.143626928 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.144521952 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.144552946 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.144618034 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.144635916 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.144893885 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.144912004 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.174726009 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.175442934 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.175507069 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.187915087 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.187915087 CEST59925443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.187951088 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.187962055 CEST4435992513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.193408012 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.193860054 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.193911076 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.198065042 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.198076010 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.198156118 CEST59926443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.198160887 CEST4435992613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.203142881 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.203181982 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.203270912 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.205688000 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.205723047 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.205792904 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.206104994 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.206125021 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.206306934 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.206325054 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.715331078 CEST59897443192.168.2.9142.250.185.164
                        Oct 24, 2024 15:08:13.715361118 CEST44359897142.250.185.164192.168.2.9
                        Oct 24, 2024 15:08:13.898046017 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.898314953 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.898509026 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.900333881 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.900365114 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.900827885 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.900834084 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.901256084 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.901277065 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.901772022 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.901777029 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.902657032 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.902657032 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.902678967 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.902698040 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.937813044 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.938060999 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.938507080 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.938515902 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.938529015 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.938539028 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.939017057 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.939026117 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:13.939407110 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:13.939414978 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.029161930 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.029330015 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.029380083 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.029622078 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.029642105 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.029663086 CEST59927443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.029669046 CEST4435992713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.030541897 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.031327009 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.031402111 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.031637907 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.031653881 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.031666040 CEST59928443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.031672001 CEST4435992813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.032392979 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.032686949 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.032854080 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.032854080 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.032937050 CEST59929443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.032953024 CEST4435992913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.033593893 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.033632994 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.033817053 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.033937931 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.033951044 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.035173893 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.035219908 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.035334110 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.035410881 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.035425901 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.035837889 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.035856962 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.035943985 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.036230087 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.036242962 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.067595959 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.067821026 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.068109035 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.068109035 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.068344116 CEST59931443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.068371058 CEST4435993113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.068600893 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.069247961 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.069325924 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.069742918 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.069761038 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.069771051 CEST59930443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.069777012 CEST4435993013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.072607040 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.072650909 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.072794914 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.075193882 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.075206995 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.076105118 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.076141119 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.076224089 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.076365948 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.076375961 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.763916016 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.764740944 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.764758110 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.765502930 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.765506983 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.778363943 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.778388977 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.779043913 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.779072046 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.779933929 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.779939890 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.780750990 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.780775070 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.784578085 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.784586906 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.808387995 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.808393955 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.809161901 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.809185982 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.809263945 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.809295893 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.809501886 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.809506893 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.809824944 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.809834003 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.895132065 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.895203114 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.895322084 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.896023989 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.896023989 CEST59932443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.896044970 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.896054029 CEST4435993213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.902734995 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.902777910 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.902847052 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.903059006 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.903070927 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.911057949 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.911284924 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.911335945 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.911693096 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.911693096 CEST59934443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.911700964 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.911710024 CEST4435993413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.913707018 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.913764954 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.913930893 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.914207935 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.914228916 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.914331913 CEST59933443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.914340019 CEST4435993313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.918227911 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.918279886 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.918356895 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.918495893 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.918510914 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.919204950 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.919226885 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.919368982 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.919512987 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.919522047 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.939198017 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.939457893 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.939557076 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.939606905 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.939621925 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.939656019 CEST59936443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.939662933 CEST4435993613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.942364931 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.942523956 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.942771912 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.942771912 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.942832947 CEST59935443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.942843914 CEST4435993513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.943001032 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.943032026 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.943118095 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.943273067 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.943288088 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.945429087 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.945476055 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:14.945628881 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.947043896 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:14.947056055 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.634736061 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.635579109 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.635606050 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.636109114 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.636115074 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.661926985 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.662628889 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.662656069 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.663557053 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.663566113 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.673605919 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.674294949 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.674319029 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.674958944 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.674964905 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.677331924 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.677808046 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.677845955 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.678262949 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.678272963 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.699632883 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.700831890 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.700831890 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.700851917 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.700864077 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.771054983 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.771132946 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.771217108 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.771471977 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.771471977 CEST59937443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.771491051 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.771501064 CEST4435993713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.776016951 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.776057005 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.776123047 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.776315928 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.776329994 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.801830053 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.802059889 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.802124977 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.802211046 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.802222967 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.802237988 CEST59940443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.802244902 CEST4435994013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.804327011 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.804550886 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.804594994 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.806278944 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.806299925 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.806313992 CEST59938443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.806319952 CEST4435993813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.806961060 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.807001114 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.807096004 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.807363033 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.807373047 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.808624029 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.808659077 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.808762074 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.808881998 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.808896065 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.809453011 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.809536934 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.809643984 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.809669971 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.809678078 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.809690952 CEST59941443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.809695005 CEST4435994113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.811904907 CEST59945443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.811934948 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.812184095 CEST59945443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.812330008 CEST59945443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.812340021 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.938586950 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.938736916 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.938860893 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.939054966 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.939070940 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.939089060 CEST59939443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.939099073 CEST4435993913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.942822933 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.942853928 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:15.942931890 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.943140984 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:15.943150997 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.519958019 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.520555019 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.520591974 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.521158934 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.521171093 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.530762911 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.531286001 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.531326056 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.531810045 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.531817913 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.552460909 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.555692911 CEST59945443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.555721998 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.555840969 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.556416988 CEST59945443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.556423903 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.556751966 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.556765079 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.557192087 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.557195902 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.656256914 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.656327009 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.656404018 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.656878948 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.656914949 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.656927109 CEST59942443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.656934977 CEST4435994213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.660644054 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.660676003 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.660788059 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.660991907 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.661001921 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.661209106 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.661272049 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.661453962 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.661494970 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.661494970 CEST59943443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.661514044 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.661524057 CEST4435994313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.664316893 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.664346933 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.664496899 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.664671898 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.664679050 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.667960882 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.668586969 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.668606997 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.669084072 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.669090033 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.683598042 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.683650970 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.683806896 CEST59945443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.684052944 CEST59945443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.684067965 CEST4435994513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.687557936 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.687618971 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.687860012 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.688309908 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.688324928 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.688334942 CEST59944443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.688339949 CEST4435994413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.690104008 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.690152884 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.690213919 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.691065073 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.691080093 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.691961050 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.691982031 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.692353964 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.692498922 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.692511082 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.796808958 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.796895027 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.797022104 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.797250986 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.797267914 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.797283888 CEST59946443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.797291040 CEST4435994613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.801134109 CEST59951443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.801175117 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:16.801541090 CEST59951443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.801695108 CEST59951443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:16.801703930 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.399820089 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.400677919 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.400723934 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.401135921 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.401148081 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.422641039 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.423278093 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.423300028 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.423832893 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.423839092 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.431379080 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.431907892 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.431925058 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.432455063 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.432466030 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.438546896 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.439070940 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.439102888 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.439780951 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.439788103 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.534173012 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.534868956 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.534995079 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.534997940 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.534997940 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.534997940 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.535677910 CEST59951443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.535707951 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.536937952 CEST59951443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.536952019 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.539161921 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.539194107 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.539464951 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.540097952 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.540110111 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.555341005 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.555670023 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.555762053 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.556091070 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.556091070 CEST59949443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.556116104 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.556124926 CEST4435994913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.559756041 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.559793949 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.560005903 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.560197115 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.560209036 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.564515114 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.564579964 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.564716101 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.564740896 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.564754009 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.564764023 CEST59948443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.564769983 CEST4435994813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.567913055 CEST59954443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.567938089 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.567994118 CEST59954443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.568236113 CEST59954443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.568244934 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.574493885 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.574876070 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.574956894 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.574990988 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.574990988 CEST59950443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.575004101 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.575015068 CEST4435995013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.577646971 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.577667952 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.577773094 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.577920914 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.577934027 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.665581942 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.665652990 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.665971994 CEST59951443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.666163921 CEST59951443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.666179895 CEST4435995113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.669735909 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.669764042 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.670031071 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.670192957 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.670201063 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:17.835685015 CEST59947443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:17.835707903 CEST4435994713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.279445887 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.280100107 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.280134916 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.280618906 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.280625105 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.291266918 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.291732073 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.291754961 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.292196035 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.292201042 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.319973946 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.321238995 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.321258068 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.321753025 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.321757078 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.329539061 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.329998970 CEST59954443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.330025911 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.330457926 CEST59954443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.330463886 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.398150921 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.399441004 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.399460077 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.400103092 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.400109053 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.411187887 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.411257982 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.411303043 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.411766052 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.411791086 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.411803007 CEST59952443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.411809921 CEST4435995213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.416299105 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.416346073 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.416465998 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.416663885 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.416678905 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.421466112 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.421716928 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.421765089 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.421849012 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.421860933 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.421870947 CEST59953443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.421878099 CEST4435995313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.426414967 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.426459074 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.426575899 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.426800966 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.426815033 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.451463938 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.451519966 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.451824903 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.451869011 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.451883078 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.451905012 CEST59955443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.451911926 CEST4435995513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.456052065 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.456085920 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.456170082 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.456363916 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.456378937 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.461333990 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.461755037 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.461868048 CEST59954443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.461904049 CEST59954443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.461921930 CEST4435995413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.465867043 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.465897083 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.466078997 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.466336966 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.466346025 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.537767887 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.537866116 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.538404942 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.539330959 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.539330959 CEST59956443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.539350033 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.539378881 CEST4435995613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.543215036 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.543252945 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:18.543427944 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.543577909 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:18.543591976 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.161590099 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.162282944 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.162300110 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.163041115 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.163044930 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.167448997 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.167820930 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.167849064 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.168291092 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.168297052 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.199174881 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.199651957 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.199676037 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.200460911 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.200465918 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.204896927 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.213995934 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.214025974 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.214436054 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.214445114 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.270905018 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.271617889 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.271636963 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.272223949 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.272228956 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.291843891 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.292701006 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.292773008 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.292836905 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.292836905 CEST59958443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.292851925 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.292855978 CEST4435995813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.296963930 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.297004938 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.297136068 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.297449112 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.297458887 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.300915003 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.301018953 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.301074982 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.301142931 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.301167011 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.301178932 CEST59957443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.301186085 CEST4435995713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.303550959 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.303589106 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.303940058 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.304218054 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.304231882 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.331120968 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.331305027 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.331383944 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.334296942 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.334311008 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.334326029 CEST59959443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.334332943 CEST4435995913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.340291977 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.340346098 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.340396881 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.340450048 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.340488911 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.340532064 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.340671062 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.340708971 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.340775013 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.340795040 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.340806007 CEST59960443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.340811014 CEST4435996013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.343130112 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.343166113 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.343348980 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.343651056 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.343662977 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.400331974 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.400593996 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.400660992 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.401230097 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.401258945 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.401276112 CEST59961443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.401283026 CEST4435996113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.404553890 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.404601097 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:19.404680014 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.404827118 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:19.404841900 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.051738024 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.052362919 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.052381039 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.053075075 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.053081036 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.083221912 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.083822012 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.083853006 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.084348917 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.084358931 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.117616892 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.118180037 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.118221045 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.118449926 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.118863106 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.118879080 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.119136095 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.119143009 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.119307995 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.119321108 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.166776896 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.167531967 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.167577028 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.168421984 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.168440104 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.187057018 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.187254906 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.187321901 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.187604904 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.187623024 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.187632084 CEST59963443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.187637091 CEST4435996313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.191049099 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.191087961 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.191262007 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.191464901 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.191479921 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.244278908 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.244925022 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.244995117 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.245309114 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.245338917 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.245352030 CEST59962443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.245361090 CEST4435996213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.249542952 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.249561071 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.249666929 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.250015020 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.250026941 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257262945 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257384062 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257440090 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257487059 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.257591009 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257667065 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.257675886 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257704973 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.257711887 CEST59965443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.257716894 CEST4435996513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257742882 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.257762909 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.257777929 CEST59964443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.257782936 CEST4435996413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.261513948 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.261553049 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.261607885 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.261626005 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.261637926 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.261704922 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.261871099 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.261881113 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.261974096 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.261989117 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.308648109 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.309133053 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.309201002 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.309274912 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.309299946 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.309310913 CEST59966443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.309317112 CEST4435996613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.313060045 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.313091040 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:20.313167095 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.314076900 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:20.314089060 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.093525887 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.094118118 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.094137907 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.094727993 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.094733000 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.462810993 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.463382006 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.463458061 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.463468075 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.463486910 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.463546038 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.463855028 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.463870049 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.463881969 CEST59967443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.463887930 CEST4435996713.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.464153051 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.464158058 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.466965914 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.467494965 CEST59972443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.467540026 CEST4435997213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.467746973 CEST59972443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.467850924 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.467880964 CEST59972443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.467886925 CEST4435997213.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.467890978 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.468120098 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.468377113 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.468386889 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.468858957 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.468874931 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.469290972 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.469295979 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.469769001 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.470138073 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.470172882 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.470742941 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.470755100 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.596674919 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.596981049 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.597058058 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.597110033 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.597110033 CEST59971443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.597143888 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.597158909 CEST4435997113.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.597518921 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.598243952 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.598562002 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.598743916 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.598757029 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.598767042 CEST59970443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.598773003 CEST4435997013.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.601605892 CEST59973443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.601660013 CEST4435997313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.601720095 CEST59973443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.601941109 CEST59973443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.601954937 CEST4435997313.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.601974964 CEST59974443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.602010965 CEST4435997413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.602062941 CEST59974443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.602183104 CEST59974443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.602200985 CEST4435997413.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.603655100 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.603868961 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.604099989 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.604136944 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.604144096 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.604156017 CEST59969443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.604161024 CEST4435996913.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.607482910 CEST59975443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.607513905 CEST4435997513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.607597113 CEST59975443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.607851028 CEST59975443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.607865095 CEST4435997513.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.744025946 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.744101048 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.744354010 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.744463921 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.744463921 CEST59968443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.744482040 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.744494915 CEST4435996813.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.748599052 CEST59976443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.748641968 CEST4435997613.107.246.45192.168.2.9
                        Oct 24, 2024 15:08:21.748944044 CEST59976443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.749353886 CEST59976443192.168.2.913.107.246.45
                        Oct 24, 2024 15:08:21.749366045 CEST4435997613.107.246.45192.168.2.9
                        TimestampSource PortDest PortSource IPDest IP
                        Oct 24, 2024 15:06:57.193260908 CEST53521151.1.1.1192.168.2.9
                        Oct 24, 2024 15:06:57.290447950 CEST53526991.1.1.1192.168.2.9
                        Oct 24, 2024 15:06:58.656512976 CEST53636511.1.1.1192.168.2.9
                        Oct 24, 2024 15:06:59.259557009 CEST4917553192.168.2.91.1.1.1
                        Oct 24, 2024 15:06:59.259704113 CEST5742153192.168.2.91.1.1.1
                        Oct 24, 2024 15:06:59.269120932 CEST53491751.1.1.1192.168.2.9
                        Oct 24, 2024 15:06:59.283171892 CEST53574211.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:00.290191889 CEST5500353192.168.2.91.1.1.1
                        Oct 24, 2024 15:07:00.290349960 CEST6202053192.168.2.91.1.1.1
                        Oct 24, 2024 15:07:00.297960997 CEST53550031.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:00.298857927 CEST53620201.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:01.434998989 CEST5791753192.168.2.91.1.1.1
                        Oct 24, 2024 15:07:01.435062885 CEST6124953192.168.2.91.1.1.1
                        Oct 24, 2024 15:07:01.443500996 CEST53612491.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:01.444067001 CEST53579171.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:15.687889099 CEST53549221.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:31.819196939 CEST138138192.168.2.9192.168.2.255
                        Oct 24, 2024 15:07:34.603410959 CEST53618081.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:35.499663115 CEST5350159162.159.36.2192.168.2.9
                        Oct 24, 2024 15:07:36.454241991 CEST53645351.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:56.814656973 CEST53628911.1.1.1192.168.2.9
                        Oct 24, 2024 15:07:57.206697941 CEST53633801.1.1.1192.168.2.9
                        TimestampSource IPDest IPChecksumCodeType
                        Oct 24, 2024 15:06:59.283283949 CEST192.168.2.91.1.1.1c23c(Port unreachable)Destination Unreachable
                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                        Oct 24, 2024 15:06:59.259557009 CEST192.168.2.91.1.1.10x108cStandard query (0)email.sg.on24event.comA (IP address)IN (0x0001)false
                        Oct 24, 2024 15:06:59.259704113 CEST192.168.2.91.1.1.10x1ff4Standard query (0)email.sg.on24event.com65IN (0x0001)false
                        Oct 24, 2024 15:07:00.290191889 CEST192.168.2.91.1.1.10x477aStandard query (0)event.on24.comA (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:00.290349960 CEST192.168.2.91.1.1.10x9680Standard query (0)event.on24.com65IN (0x0001)false
                        Oct 24, 2024 15:07:01.434998989 CEST192.168.2.91.1.1.10x2104Standard query (0)www.google.comA (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:01.435062885 CEST192.168.2.91.1.1.10x9d8aStandard query (0)www.google.com65IN (0x0001)false
                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                        Oct 24, 2024 15:06:59.269120932 CEST1.1.1.1192.168.2.90x108cNo error (0)email.sg.on24event.comr-email.sg.on24event.comCNAME (Canonical name)IN (0x0001)false
                        Oct 24, 2024 15:06:59.269120932 CEST1.1.1.1192.168.2.90x108cNo error (0)r-email.sg.on24event.com199.83.44.68A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:06:59.283171892 CEST1.1.1.1192.168.2.90x1ff4No error (0)email.sg.on24event.comr-email.sg.on24event.comCNAME (Canonical name)IN (0x0001)false
                        Oct 24, 2024 15:07:00.297960997 CEST1.1.1.1192.168.2.90x477aNo error (0)event.on24.comr-event.on24.comCNAME (Canonical name)IN (0x0001)false
                        Oct 24, 2024 15:07:00.297960997 CEST1.1.1.1192.168.2.90x477aNo error (0)r-event.on24.com199.83.44.71A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:00.298857927 CEST1.1.1.1192.168.2.90x9680No error (0)event.on24.comr-event.on24.comCNAME (Canonical name)IN (0x0001)false
                        Oct 24, 2024 15:07:01.443500996 CEST1.1.1.1192.168.2.90x9d8aNo error (0)www.google.com65IN (0x0001)false
                        Oct 24, 2024 15:07:01.444067001 CEST1.1.1.1192.168.2.90x2104No error (0)www.google.com142.250.185.164A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:07.438889027 CEST1.1.1.1192.168.2.90x2e41No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:07.438889027 CEST1.1.1.1192.168.2.90x2e41No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:21.407119036 CEST1.1.1.1192.168.2.90xc6cfNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:21.407119036 CEST1.1.1.1192.168.2.90xc6cfNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:49.533175945 CEST1.1.1.1192.168.2.90xea41No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:07:49.533175945 CEST1.1.1.1192.168.2.90xea41No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                        Oct 24, 2024 15:08:07.338054895 CEST1.1.1.1192.168.2.90x7774No error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                        Oct 24, 2024 15:08:07.338054895 CEST1.1.1.1192.168.2.90x7774No error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                        • email.sg.on24event.com
                        • event.on24.com
                        • https:
                          • www.bing.com
                        • slscr.update.microsoft.com
                        • otelrules.azureedge.net
                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        0192.168.2.949714199.83.44.684435620C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:07:00 UTC1320OUTGET /ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3D HTTP/1.1
                        Host: email.sg.on24event.com
                        Connection: keep-alive
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        sec-ch-ua-platform: "Windows"
                        Upgrade-Insecure-Requests: 1
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: navigate
                        Sec-Fetch-User: ?1
                        Sec-Fetch-Dest: document
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-10-24 13:07:00 UTC367INHTTP/1.1 302 Found
                        Server: nginx
                        Date: Thu, 24 Oct 2024 13:07:00 GMT
                        Content-Type: text/html; charset=utf-8
                        Content-Length: 191
                        Connection: close
                        Location: https://event.on24.com/eventRegistration/EventCalendarServlet.ics?token=kFTT50zSJ17t2P9m38%2FN8wKm3IwiB%2BqqrDFA4nWK4U3U0lAzoOb6Jrby7waexx8G668BXath15Qd32XtlryYow%3D%3D
                        X-Robots-Tag: noindex, nofollow
                        2024-10-24 13:07:00 UTC191INData Raw: 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 65 76 65 6e 74 2e 6f 6e 32 34 2e 63 6f 6d 2f 65 76 65 6e 74 52 65 67 69 73 74 72 61 74 69 6f 6e 2f 45 76 65 6e 74 43 61 6c 65 6e 64 61 72 53 65 72 76 6c 65 74 2e 69 63 73 3f 74 6f 6b 65 6e 3d 6b 46 54 54 35 30 7a 53 4a 31 37 74 32 50 39 6d 33 38 25 32 46 4e 38 77 4b 6d 33 49 77 69 42 25 32 42 71 71 72 44 46 41 34 6e 57 4b 34 55 33 55 30 6c 41 7a 6f 4f 62 36 4a 72 62 79 37 77 61 65 78 78 38 47 36 36 38 42 58 61 74 68 31 35 51 64 33 32 58 74 6c 72 79 59 6f 77 25 33 44 25 33 44 22 3e 46 6f 75 6e 64 3c 2f 61 3e 2e 0a 0a
                        Data Ascii: <a href="https://event.on24.com/eventRegistration/EventCalendarServlet.ics?token=kFTT50zSJ17t2P9m38%2FN8wKm3IwiB%2BqqrDFA4nWK4U3U0lAzoOb6Jrby7waexx8G668BXath15Qd32XtlryYow%3D%3D">Found</a>.


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        1192.168.2.949716199.83.44.714435620C:\Program Files\Google\Chrome\Application\chrome.exe
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:07:00 UTC802OUTGET /eventRegistration/EventCalendarServlet.ics?token=kFTT50zSJ17t2P9m38%2FN8wKm3IwiB%2BqqrDFA4nWK4U3U0lAzoOb6Jrby7waexx8G668BXath15Qd32XtlryYow%3D%3D HTTP/1.1
                        Host: event.on24.com
                        Connection: keep-alive
                        Upgrade-Insecure-Requests: 1
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                        Sec-Fetch-Site: none
                        Sec-Fetch-Mode: navigate
                        Sec-Fetch-User: ?1
                        Sec-Fetch-Dest: document
                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                        sec-ch-ua-mobile: ?0
                        sec-ch-ua-platform: "Windows"
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        2024-10-24 13:07:01 UTC772INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:07:01 GMT
                        Content-Length: 1105
                        Content-Type: text/calendar; charset=utf-8
                        X-ORACLE-DMS-ECID: a9854498-688c-49a0-9e66-c71286dffc9d-0015e820
                        X-ORACLE-DMS-RID: 0
                        Connection: close
                        Strict-Transport-Security: max-age=31536000; includeSubDomains
                        X-Content-Type-Options: nosniff
                        X-XSS-Protection: 1; mode=block
                        X-Frame-Options: SAMEORIGIN
                        Content-Security-Policy: frame-ancestors *.on24.com
                        Set-Cookie: ON24_Pool=cons5_prd_wl_LNX; Path=/; Secure; Httponly; SameSite=None
                        Set-Cookie: TS0af49cbe027=082972b052ab2000ef9004ebdf88511f43cb42ff0fb46d8daaaecf563e2831b1548fd8e81e13011b086e7c963d1130001672c553e337d1786f05aebf602ecbbeb88bdacebe56a6a53b541c5b12aa8bfbb23c7aeb3cb6ff8664dc2bf36c735ebd; Path=/; SameSite=None; Secure
                        2024-10-24 13:07:01 UTC1105INData Raw: 42 45 47 49 4e 3a 56 43 41 4c 45 4e 44 41 52 0a 50 52 4f 44 49 44 3a 2d 2f 2f 4f 4e 32 34 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2f 2f 4f 4e 32 34 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2f 2f 45 4e 0a 56 45 52 53 49 4f 4e 3a 32 2e 30 0a 4d 45 54 48 4f 44 3a 50 55 42 4c 49 53 48 0a 42 45 47 49 4e 3a 56 45 56 45 4e 54 0a 44 54 53 54 41 52 54 3a 32 30 32 34 31 31 30 37 54 31 38 30 30 30 30 5a 0a 44 54 45 4e 44 3a 32 30 32 34 31 31 30 37 54 31 39 30 30 30 30 5a 0a 4c 4f 43 41 54 49 4f 4e 3a 4f 70 74 75 6d 20 57 65 62 69 6e 61 72 20 0a 54 52 41 4e 53 50 3a 4f 50 41 51 55 45 0a 55 49 44 3a 33 39 30 36 30 31 37 37 34 32 30 32 34 31 30 32 34 54 31 33 30 37 30 30 5a 0a 44 54 53 54 41 4d 50 3a 32 30 32 34 31 30 32 34 54 31 33 30 37 30 31 5a 0a 53 55 4d 4d 41 52 59 3a 4f
                        Data Ascii: BEGIN:VCALENDARPRODID:-//ON24 Corporation//ON24 Corporation//ENVERSION:2.0METHOD:PUBLISHBEGIN:VEVENTDTSTART:20241107T180000ZDTEND:20241107T190000ZLOCATION:Optum Webinar TRANSP:OPAQUEUID:39060177420241024T130700ZDTSTAMP:20241024T130701ZSUMMARY:O


                        Session IDSource IPSource PortDestination IPDestination Port
                        2192.168.2.94972023.206.229.209443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:07:07 UTC2175OUTPOST /threshold/xls.aspx HTTP/1.1
                        Origin: https://www.bing.com
                        Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                        Accept: */*
                        Accept-Language: en-CH
                        Content-type: text/xml
                        X-Agent-DeviceId: 01000A4109008071
                        X-BM-CBT: 1696497265
                        X-BM-DateFormat: dd/MM/yyyy
                        X-BM-DeviceDimensions: 784x984
                        X-BM-DeviceDimensionsLogical: 784x984
                        X-BM-DeviceScale: 100
                        X-BM-DTZ: 60
                        X-BM-Market: CH
                        X-BM-Theme: 000000;0078d7
                        X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E
                        X-Device-ClientSession: 3967AB70E8E74431908B580AED7E67B3
                        X-Device-isOptin: false
                        X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                        X-Device-OSSKU: 48
                        X-Device-Touch: false
                        X-DeviceID: 01000A4109008071
                        X-MSEdge-ExternalExp: bfbwsbghf928t,bfbwsbrs0830tf,d-thshldspcl40,fliptrac6,optfsc,spofglclickserpf2,wsbqfasmsall_t,wsbqfminiserp600,wsbref-c
                        X-MSEdge-ExternalExpType: JointCoord
                        X-PositionerType: Desktop
                        X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                        X-Search-CortanaAvailableCapabilities: None
                        X-Search-SafeSearch: Moderate
                        X-Search-TimeZone: Bias=0; DaylightBias=-60; TimeZoneKeyName=GMT Standard Time
                        X-UserAgeClass: Unknown
                        Accept-Encoding: gzip, deflate, br
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                        Host: www.bing.com
                        Content-Length: 516
                        Connection: Keep-Alive
                        Cache-Control: no-cache
                        Cookie: SRCHUID=V=2&GUID=507B984BF29F418EA13B8912FCE289B0&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231005; SRCHHPGUSR=SRCHLANG=en&LUT=1696497029183&IPMH=5c67ba25&IPMID=1696497265539&HV=1696497179; MUID=531305E83CE64DE088676FE94B9682C4; _SS=SID=3314E043C3866D730FEDF3E2C2436C30&CPID=1696497266478&AC=1&CPH=c11e7441; _EDGE_S=SID=3314E043C3866D730FEDF3E2C2436C30; MUIDB=531305E83CE64DE088676FE94B9682C4
                        2024-10-24 13:07:07 UTC1OUTData Raw: 3c
                        Data Ascii: <
                        2024-10-24 13:07:07 UTC515OUTData Raw: 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 35 33 31 33 30 35 45 38 33 43 45 36 34 44 45 30 38 38 36 37 36 46 45 39 34 42 39 36 38 32 43 34 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 38 32 39 46 43 45 45 38 38 41 35 32 34 46 34 31 39 34 33 46 33 33 35 42 38 33 32 44 31 41 34 37 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 42 6f 78 4d 6f 64 65 6c 22 2c 22 46 49 44 22 3a 22 43 49
                        Data Ascii: ClientInstRequest><CID>531305E83CE64DE088676FE94B9682C4</CID><Events><E><T>Event.ClientInst</T><IG>829FCEE88A524F41943F335B832D1A47</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"CI
                        2024-10-24 13:07:07 UTC480INHTTP/1.1 204 No Content
                        Access-Control-Allow-Origin: *
                        Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                        X-MSEdge-Ref: Ref A: A0B6865CC8C84C75902C350BE39F4AE7 Ref B: LAX311000113023 Ref C: 2024-10-24T13:07:07Z
                        Date: Thu, 24 Oct 2024 13:07:07 GMT
                        Connection: close
                        Alt-Svc: h3=":443"; ma=93600
                        X-CDN-TraceID: 0.dcd7ce17.1729775227.6dceda34


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        3192.168.2.9497194.245.163.56443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:07:08 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=CPtZpdrxCupbKwW&MD=Rc5Ru4Zk HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                        Host: slscr.update.microsoft.com
                        2024-10-24 13:07:08 UTC560INHTTP/1.1 200 OK
                        Cache-Control: no-cache
                        Pragma: no-cache
                        Content-Type: application/octet-stream
                        Expires: -1
                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                        ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                        MS-CorrelationId: 6ac89ffc-4fbd-4902-ad72-c0ed98d91a5c
                        MS-RequestId: 6dff59e8-da2c-45b4-992b-5c4b5fc99a24
                        MS-CV: jLn2UqSPdUCYt2jV.0
                        X-Microsoft-SLSClientCache: 2880
                        Content-Disposition: attachment; filename=environment.cab
                        X-Content-Type-Options: nosniff
                        Date: Thu, 24 Oct 2024 13:07:07 GMT
                        Connection: close
                        Content-Length: 24490
                        2024-10-24 13:07:08 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                        Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                        2024-10-24 13:07:08 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                        Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                        4192.168.2.9598954.245.163.56443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:07:37 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=CPtZpdrxCupbKwW&MD=Rc5Ru4Zk HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                        Host: slscr.update.microsoft.com
                        2024-10-24 13:07:38 UTC560INHTTP/1.1 200 OK
                        Cache-Control: no-cache
                        Pragma: no-cache
                        Content-Type: application/octet-stream
                        Expires: -1
                        Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                        ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                        MS-CorrelationId: 8a99c0c2-7a0e-420c-b6d9-47630ccffd7b
                        MS-RequestId: 38608bcc-ec06-49cd-b840-43b62786cec0
                        MS-CV: iLEbv41O5Eeu+1qt.0
                        X-Microsoft-SLSClientCache: 1440
                        Content-Disposition: attachment; filename=environment.cab
                        X-Content-Type-Options: nosniff
                        Date: Thu, 24 Oct 2024 13:07:37 GMT
                        Connection: close
                        Content-Length: 30005
                        2024-10-24 13:07:38 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                        Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                        2024-10-24 13:07:38 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                        Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                        Session IDSource IPSource PortDestination IPDestination Port
                        5192.168.2.95989813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:08 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:08 UTC561INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:08 GMT
                        Content-Type: text/plain
                        Content-Length: 218853
                        Connection: close
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Cache-Control: public
                        Last-Modified: Wed, 23 Oct 2024 06:30:03 GMT
                        ETag: "0x8DCF32C20D7262E"
                        x-ms-request-id: 39f98116-901e-0015-0fb5-25b284000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130808Z-16849878b78dsttbr1qw36rxs800000007w0000000000ed9
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:08 UTC15823INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                        Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                        2024-10-24 13:08:08 UTC16384INData Raw: 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                        Data Ascii: <S T="1" F="0" /> </L> <R> <V V="400" T="I32" /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L>
                        2024-10-24 13:08:08 UTC16384INData Raw: 3c 53 20 54 3d 22 33 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 20 20 3c 53 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 53 54 3e 0d 0a 3c 2f 52 3e 0d 0a 3c 24 21 23 3e 31 30 38 32 30 76 33 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d
                        Data Ascii: <S T="3" /> </T> <ST> <S T="1" /> </ST></R><$!#>10820v3+<?xml version="1.0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-
                        2024-10-24 13:08:08 UTC16384INData Raw: 6e 74 73 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 36 34 22 20 49 3d 22 38 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 45 76 65 6e 74 73 5f 41 76 67 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 41 76 65 72 61 67 65 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a
                        Data Ascii: nts" /> </C> <C T="U64" I="8" O="false" N="Events_Avg"> <S T="2" F="Average" /> </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" />
                        2024-10-24 13:08:08 UTC16384INData Raw: 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20
                        Data Ascii: </S> <C T="U32" I="0" O="false" N="Count_CreateCard_ValidPersona_False"> <C> <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32"
                        2024-10-24 13:08:08 UTC16384INData Raw: 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 39 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20
                        Data Ascii: _Count"> <C> <S T="31" /> </C> </C> <C T="U32" I="19" O="false" N="Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S
                        2024-10-24 13:08:08 UTC16384INData Raw: 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22
                        Data Ascii: <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3"
                        2024-10-24 13:08:08 UTC16384INData Raw: 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65
                        Data Ascii: </L> <R> <V V="0" T="I32" /> </R> </O> </F> </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false
                        2024-10-24 13:08:08 UTC16384INData Raw: 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20
                        Data Ascii: T="B" /> </R> </O> </F> <F T="6"> <O T="AND"> <L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" />
                        2024-10-24 13:08:08 UTC16384INData Raw: 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 36 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54
                        Data Ascii: O> </F> <F T="6"> <O T="EQ"> <L> <S T="2" F="HttpStatus" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T


                        Session IDSource IPSource PortDestination IPDestination Port
                        6192.168.2.95990113.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:09 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:09 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:09 GMT
                        Content-Type: text/xml
                        Content-Length: 450
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                        ETag: "0x8DC582BD4C869AE"
                        x-ms-request-id: 084b2ff6-801e-0067-68fd-24fe30000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130809Z-r197bdfb6b466qclztvgs64z1000000000f0000000002wrc
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:09 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                        Session IDSource IPSource PortDestination IPDestination Port
                        7192.168.2.95990213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:09 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:09 UTC584INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:09 GMT
                        Content-Type: text/xml
                        Content-Length: 3788
                        Connection: close
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                        ETag: "0x8DC582BAC2126A6"
                        x-ms-request-id: 331d1c77-401e-0029-354e-229b43000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130809Z-16849878b78k46f8kzwxznephs00000007k000000000ebtp
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:09 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                        Session IDSource IPSource PortDestination IPDestination Port
                        8192.168.2.95990513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:09 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:09 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:09 GMT
                        Content-Type: text/xml
                        Content-Length: 408
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                        ETag: "0x8DC582BB56D3AFB"
                        x-ms-request-id: 712ec88a-d01e-0065-26f2-24b77a000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130809Z-r197bdfb6b4lkrtc7na2dkay28000000033g00000000adxt
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:09 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                        Session IDSource IPSource PortDestination IPDestination Port
                        9192.168.2.95990413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:09 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:09 UTC563INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:09 GMT
                        Content-Type: text/xml
                        Content-Length: 2160
                        Connection: close
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                        ETag: "0x8DC582BA3B95D81"
                        x-ms-request-id: e173b85d-401e-0035-56f2-2482d8000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130809Z-15b8d89586frzkk2umu6w8qnt80000000e700000000094p6
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:09 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        10192.168.2.95990313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:09 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:09 UTC584INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:09 GMT
                        Content-Type: text/xml
                        Content-Length: 2980
                        Connection: close
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                        ETag: "0x8DC582BA80D96A1"
                        x-ms-request-id: 1a9c8bfd-301e-0000-1fee-25eecc000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130809Z-16849878b787psctgubawhx7k800000007e000000000mp6r
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:09 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                        Session IDSource IPSource PortDestination IPDestination Port
                        11192.168.2.95990613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:10 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:10 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:10 GMT
                        Content-Type: text/xml
                        Content-Length: 474
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                        ETag: "0x8DC582B9964B277"
                        x-ms-request-id: 734838af-101e-0065-4be5-214088000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130810Z-16849878b7862vlcc7m66axrs000000007w00000000006nm
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:10 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        12192.168.2.95990713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:10 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:10 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:10 GMT
                        Content-Type: text/xml
                        Content-Length: 415
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                        ETag: "0x8DC582B9F6F3512"
                        x-ms-request-id: e1deb6d3-201e-006e-700b-22bbe3000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130810Z-16849878b786vsxz21496wc2qn00000007wg000000005t38
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:10 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                        Session IDSource IPSource PortDestination IPDestination Port
                        13192.168.2.95991013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:10 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:10 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:10 GMT
                        Content-Type: text/xml
                        Content-Length: 467
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                        ETag: "0x8DC582BA6C038BC"
                        x-ms-request-id: f5652952-501e-00a3-1ef2-24c0f2000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130810Z-r197bdfb6b4r9fwfbdwymmgex800000001h0000000004nvv
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:10 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        14192.168.2.95990813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:10 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:10 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:10 GMT
                        Content-Type: text/xml
                        Content-Length: 471
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                        ETag: "0x8DC582BB10C598B"
                        x-ms-request-id: e5972945-801e-007b-45f3-24e7ab000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130810Z-15b8d89586fnsf5zm1ryrxu0bc000000038g000000007heu
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:10 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        15192.168.2.95990913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:10 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:10 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:10 GMT
                        Content-Type: text/xml
                        Content-Length: 632
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                        ETag: "0x8DC582BB6E3779E"
                        x-ms-request-id: f2ab8105-101e-0065-6df4-244088000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130810Z-r197bdfb6b429k2s6br3k49qn400000004v000000000k84v
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:10 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                        Session IDSource IPSource PortDestination IPDestination Port
                        16192.168.2.95991213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:11 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:11 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:11 GMT
                        Content-Type: text/xml
                        Content-Length: 407
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                        ETag: "0x8DC582BBAD04B7B"
                        x-ms-request-id: 3c9c0adf-d01e-0028-0c96-257896000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130811Z-16849878b78mhkkf6kbvry07q000000007rg000000001sax
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:11 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                        Session IDSource IPSource PortDestination IPDestination Port
                        17192.168.2.95991313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:11 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:11 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:11 GMT
                        Content-Type: text/xml
                        Content-Length: 486
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                        ETag: "0x8DC582BB344914B"
                        x-ms-request-id: 8c2da7e0-f01e-003c-2116-258cf0000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130811Z-r197bdfb6b4r9fwfbdwymmgex800000001c000000000m73h
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:11 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        18192.168.2.95991513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:11 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:11 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:11 GMT
                        Content-Type: text/xml
                        Content-Length: 486
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                        ETag: "0x8DC582B9018290B"
                        x-ms-request-id: 6ca7d158-d01e-0014-15ac-21ed58000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130811Z-16849878b78lhh9t0fb3392enw00000007m000000000chs5
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:11 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        19192.168.2.95991413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:11 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:11 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:11 GMT
                        Content-Type: text/xml
                        Content-Length: 427
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                        ETag: "0x8DC582BA310DA18"
                        x-ms-request-id: 1b2fb3ba-201e-0033-65ce-20b167000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130811Z-16849878b789m94j7902zfvfr000000007m000000000e6cw
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:11 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                        Session IDSource IPSource PortDestination IPDestination Port
                        20192.168.2.95991613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:11 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:11 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:11 GMT
                        Content-Type: text/xml
                        Content-Length: 407
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                        ETag: "0x8DC582B9698189B"
                        x-ms-request-id: 7c0b2bc5-f01e-00aa-35ef-248521000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130811Z-15b8d89586fbt6nf34bm5uw08n00000002ug00000000cwnp
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:11 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                        Session IDSource IPSource PortDestination IPDestination Port
                        21192.168.2.95991713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:12 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:12 GMT
                        Content-Type: text/xml
                        Content-Length: 469
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                        ETag: "0x8DC582BBA701121"
                        x-ms-request-id: 89a40fd7-b01e-00ab-1aad-24dafd000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130812Z-15b8d89586fhl2qtatrz3vfkf000000004tg00000000chrn
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:12 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        22192.168.2.95991813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:12 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:12 GMT
                        Content-Type: text/xml
                        Content-Length: 415
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                        ETag: "0x8DC582BA41997E3"
                        x-ms-request-id: 3edebaab-e01e-0033-21c8-214695000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130812Z-16849878b78k8q5pxkgux3mbgg00000007s0000000006g0f
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:12 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                        Session IDSource IPSource PortDestination IPDestination Port
                        23192.168.2.95991913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:12 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:12 GMT
                        Content-Type: text/xml
                        Content-Length: 477
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                        ETag: "0x8DC582BB8CEAC16"
                        x-ms-request-id: 4cd68789-d01e-0017-448e-21b035000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130812Z-16849878b78mhkkf6kbvry07q000000007h000000000hfgp
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:12 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        24192.168.2.95992013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:12 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:12 GMT
                        Content-Type: text/xml
                        Content-Length: 464
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                        ETag: "0x8DC582B97FB6C3C"
                        x-ms-request-id: ec40f21c-901e-0067-494d-22b5cb000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130812Z-16849878b785jsrm4477mv3ezn00000007rg0000000078d5
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:12 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                        Session IDSource IPSource PortDestination IPDestination Port
                        25192.168.2.95992113.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:12 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:12 GMT
                        Content-Type: text/xml
                        Content-Length: 494
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                        ETag: "0x8DC582BB7010D66"
                        x-ms-request-id: e7bd3bd0-f01e-003c-42e3-258cf0000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130812Z-16849878b786wvrz321uz1cknn00000007p000000000hk13
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:12 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        26192.168.2.95992213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:13 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 419
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                        ETag: "0x8DC582B9748630E"
                        x-ms-request-id: ab91094f-501e-008f-72f7-219054000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-16849878b78fmrkt2ukpvh9wh400000007sg000000004gvq
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:13 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                        Session IDSource IPSource PortDestination IPDestination Port
                        27192.168.2.95992313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:13 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 472
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                        ETag: "0x8DC582B9DACDF62"
                        x-ms-request-id: 2ab53e8b-001e-0066-7ef2-24561e000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-r197bdfb6b4gx6v9pg74w9f47s00000000vg000000009gsp
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:13 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        28192.168.2.95992413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:12 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:13 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 404
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                        ETag: "0x8DC582B9E8EE0F3"
                        x-ms-request-id: bbff353d-b01e-005c-270e-264c66000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-16849878b786wvrz321uz1cknn00000007u00000000072du
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:13 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                        Session IDSource IPSource PortDestination IPDestination Port
                        29192.168.2.95992513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:13 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:13 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 468
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                        ETag: "0x8DC582B9C8E04C8"
                        x-ms-request-id: 00f7314e-e01e-0052-48ac-21d9df000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-16849878b785jsrm4477mv3ezn00000007pg00000000c23c
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:13 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        30192.168.2.95992613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:13 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:13 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 428
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                        ETag: "0x8DC582BAC4F34CA"
                        x-ms-request-id: b11d926e-c01e-00a2-50f4-242327000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-r197bdfb6b4k6h5j1g5mvtmsmn0000000c2000000000f71u
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:13 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                        Session IDSource IPSource PortDestination IPDestination Port
                        31192.168.2.95992713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:13 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 499
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                        ETag: "0x8DC582B98CEC9F6"
                        x-ms-request-id: 33373380-a01e-003d-4cf5-2498d7000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-15b8d89586f4zwgbz365q03b0c0000000ek00000000060xa
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        32192.168.2.95992813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:13 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 415
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                        ETag: "0x8DC582B988EBD12"
                        x-ms-request-id: 3cf1b782-701e-0001-32e5-21b110000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-16849878b787sbpl0sv29sm89s00000007u000000000c32n
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                        Session IDSource IPSource PortDestination IPDestination Port
                        33192.168.2.95992913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:13 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 471
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                        ETag: "0x8DC582BB5815C4C"
                        x-ms-request-id: 1290ce53-d01e-002b-7905-2225fb000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-16849878b78gvgmlcfru6nuc5400000007kg00000000mcvr
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        34192.168.2.95993113.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:13 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:14 GMT
                        Content-Type: text/xml
                        Content-Length: 494
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                        ETag: "0x8DC582BB8972972"
                        x-ms-request-id: a89f9527-e01e-0033-5af4-244695000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130814Z-15b8d89586fdmfsg1u7xrpfws0000000036000000000eyf1
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        35192.168.2.95993013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:13 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:13 GMT
                        Content-Type: text/xml
                        Content-Length: 419
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                        ETag: "0x8DC582BB32BB5CB"
                        x-ms-request-id: 26284338-e01e-0052-664d-22d9df000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130813Z-16849878b78plcdqu15wsb886400000007q000000000ad76
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                        Session IDSource IPSource PortDestination IPDestination Port
                        36192.168.2.95993213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:14 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:14 GMT
                        Content-Type: text/xml
                        Content-Length: 420
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                        ETag: "0x8DC582B9DAE3EC0"
                        x-ms-request-id: e79f0600-d01e-00ad-4ef2-24e942000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130814Z-15b8d89586f6nn8zquf2vw6t5400000004ug00000000cauu
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                        Session IDSource IPSource PortDestination IPDestination Port
                        37192.168.2.95993313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:14 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:14 GMT
                        Content-Type: text/xml
                        Content-Length: 472
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                        ETag: "0x8DC582B9D43097E"
                        x-ms-request-id: 759c8b5d-301e-003f-27f2-24266f000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130814Z-15b8d89586fsx9lfqmgrbzpgmg0000000eh0000000003pwc
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        38192.168.2.95993413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:14 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:14 GMT
                        Content-Type: text/xml
                        Content-Length: 427
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                        ETag: "0x8DC582BA909FA21"
                        x-ms-request-id: c90bfe97-101e-008d-42ad-2492e5000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130814Z-15b8d89586fnsf5zm1ryrxu0bc000000038g000000007hq7
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                        Session IDSource IPSource PortDestination IPDestination Port
                        39192.168.2.95993513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:14 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:14 GMT
                        Content-Type: text/xml
                        Content-Length: 486
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                        ETag: "0x8DC582B92FCB436"
                        x-ms-request-id: 27632888-301e-0096-61d8-21e71d000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130814Z-16849878b78lhh9t0fb3392enw00000007rg0000000012a4
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        40192.168.2.95993613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:14 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:14 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:14 GMT
                        Content-Type: text/xml
                        Content-Length: 423
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                        ETag: "0x8DC582BB7564CE8"
                        x-ms-request-id: efc778c0-f01e-0052-4de5-219224000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130814Z-16849878b78k46f8kzwxznephs00000007hg00000000ge2z
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:14 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                        Session IDSource IPSource PortDestination IPDestination Port
                        41192.168.2.95993713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:15 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:15 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:15 GMT
                        Content-Type: text/xml
                        Content-Length: 478
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                        ETag: "0x8DC582B9B233827"
                        x-ms-request-id: 2044f02f-601e-0001-42eb-25faeb000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130815Z-16849878b788tnsxzb2smucwdc00000007p000000000ha93
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:15 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        42192.168.2.95993813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:15 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:15 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:15 GMT
                        Content-Type: text/xml
                        Content-Length: 404
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                        ETag: "0x8DC582B95C61A3C"
                        x-ms-request-id: 3f3879b0-501e-0035-0b40-22c923000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130815Z-16849878b78fmrkt2ukpvh9wh400000007qg00000000a220
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:15 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                        Session IDSource IPSource PortDestination IPDestination Port
                        43192.168.2.95994013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:15 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:15 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:15 GMT
                        Content-Type: text/xml
                        Content-Length: 400
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                        ETag: "0x8DC582BB2D62837"
                        x-ms-request-id: 07f9ef03-d01e-0014-614d-22ed58000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130815Z-16849878b78p6ttkmyustyrk8s00000007n000000000ac87
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:15 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                        Session IDSource IPSource PortDestination IPDestination Port
                        44192.168.2.95994113.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:15 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:15 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:15 GMT
                        Content-Type: text/xml
                        Content-Length: 479
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                        ETag: "0x8DC582BB7D702D0"
                        x-ms-request-id: 44f017bc-601e-000d-6df3-242618000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130815Z-15b8d89586ff5l62quxsfe8ugg0000000dy000000000bhq8
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:15 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        45192.168.2.95993913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:15 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:15 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:15 GMT
                        Content-Type: text/xml
                        Content-Length: 468
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                        ETag: "0x8DC582BB046B576"
                        x-ms-request-id: 6177d94c-d01e-0028-6bfc-247896000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130815Z-r197bdfb6b42sc4ddemybqpm140000000pk0000000002yd6
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:15 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        46192.168.2.95994213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:16 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:16 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:16 GMT
                        Content-Type: text/xml
                        Content-Length: 425
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                        ETag: "0x8DC582BBA25094F"
                        x-ms-request-id: b59cacea-101e-000b-76f2-245e5c000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130816Z-15b8d89586fx2hlt035xdehq580000000ef000000000b9zh
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:16 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                        Session IDSource IPSource PortDestination IPDestination Port
                        47192.168.2.95994313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:16 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:16 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:16 GMT
                        Content-Type: text/xml
                        Content-Length: 475
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                        ETag: "0x8DC582BB2BE84FD"
                        x-ms-request-id: 99f07890-301e-0051-29d2-2538bb000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130816Z-16849878b78lhh9t0fb3392enw00000007m000000000chzt
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:16 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        48192.168.2.95994513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:16 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:16 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:16 GMT
                        Content-Type: text/xml
                        Content-Length: 491
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                        ETag: "0x8DC582B98B88612"
                        x-ms-request-id: 2d77a7fe-501e-0064-68ef-241f54000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130816Z-15b8d89586fnsf5zm1ryrxu0bc00000003b0000000001sye
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:16 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        49192.168.2.95994413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:16 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:16 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:16 GMT
                        Content-Type: text/xml
                        Content-Length: 448
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                        ETag: "0x8DC582BB389F49B"
                        x-ms-request-id: a706a42d-501e-008c-4ef2-24cd39000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130816Z-r197bdfb6b4h2vctng0a0nubg80000000at000000000hbfc
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:16 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                        Session IDSource IPSource PortDestination IPDestination Port
                        50192.168.2.95994613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:16 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:16 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:16 GMT
                        Content-Type: text/xml
                        Content-Length: 416
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                        ETag: "0x8DC582BAEA4B445"
                        x-ms-request-id: 95c67357-201e-0051-60f5-247340000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130816Z-16849878b78lhh9t0fb3392enw00000007hg00000000f93n
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:16 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                        Session IDSource IPSource PortDestination IPDestination Port
                        51192.168.2.95994713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:17 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:17 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:17 GMT
                        Content-Type: text/xml
                        Content-Length: 479
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                        ETag: "0x8DC582B989EE75B"
                        x-ms-request-id: f6bed088-301e-0000-1a9a-24eecc000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130817Z-15b8d89586fzhrwgk23ex2bvhw00000001r000000000ctg1
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:17 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        52192.168.2.95994913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:17 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:17 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:17 GMT
                        Content-Type: text/xml
                        Content-Length: 471
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                        ETag: "0x8DC582B97E6FCDD"
                        x-ms-request-id: 34cbbb6f-001e-0046-0fdf-25da4b000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130817Z-16849878b789m94j7902zfvfr000000007q0000000005wv9
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:17 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        53192.168.2.95994813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:17 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:17 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:17 GMT
                        Content-Type: text/xml
                        Content-Length: 415
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                        ETag: "0x8DC582BA80D96A1"
                        x-ms-request-id: 250cc9c1-301e-000c-4ec3-20323f000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130817Z-16849878b78bcpfn2qf7sm6hsn00000000hg00000000gnb9
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:17 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                        Session IDSource IPSource PortDestination IPDestination Port
                        54192.168.2.95995013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:17 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:17 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:17 GMT
                        Content-Type: text/xml
                        Content-Length: 419
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                        ETag: "0x8DC582B9C710B28"
                        x-ms-request-id: 2653a72e-001e-005a-26e6-21c3d0000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130817Z-16849878b78mhkkf6kbvry07q000000007q0000000006kk2
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:17 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                        Session IDSource IPSource PortDestination IPDestination Port
                        55192.168.2.95995113.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:17 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:17 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:17 GMT
                        Content-Type: text/xml
                        Content-Length: 477
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                        ETag: "0x8DC582BA54DCC28"
                        x-ms-request-id: e692d532-001e-00a2-3ae7-20d4d5000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130817Z-16849878b786wvrz321uz1cknn00000007pg00000000gad9
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:17 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        56192.168.2.95995213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:18 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:18 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:18 GMT
                        Content-Type: text/xml
                        Content-Length: 419
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                        ETag: "0x8DC582BB7F164C3"
                        x-ms-request-id: 03f0aa2d-d01e-007a-29f2-24f38c000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130818Z-15b8d89586fzhrwgk23ex2bvhw00000001sg00000000a8fp
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:18 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                        Session IDSource IPSource PortDestination IPDestination Port
                        57192.168.2.95995313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:18 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:18 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:18 GMT
                        Content-Type: text/xml
                        Content-Length: 477
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                        ETag: "0x8DC582BA48B5BDD"
                        x-ms-request-id: 7fcc546d-701e-001e-80a3-21f5e6000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130818Z-16849878b78fmrkt2ukpvh9wh400000007u0000000000380
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:18 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        58192.168.2.95995513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:18 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:18 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:18 GMT
                        Content-Type: text/xml
                        Content-Length: 472
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                        ETag: "0x8DC582BB650C2EC"
                        x-ms-request-id: 100b0a78-f01e-0003-754e-224453000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130818Z-16849878b789m94j7902zfvfr000000007n000000000a0d7
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:18 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        59192.168.2.95995413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:18 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:18 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:18 GMT
                        Content-Type: text/xml
                        Content-Length: 419
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                        ETag: "0x8DC582B9FF95F80"
                        x-ms-request-id: 1d9ab00d-a01e-0002-3af4-245074000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130818Z-r197bdfb6b429k2s6br3k49qn400000004z0000000008ar6
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:18 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                        Session IDSource IPSource PortDestination IPDestination Port
                        60192.168.2.95995613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:18 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:18 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:18 GMT
                        Content-Type: text/xml
                        Content-Length: 468
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                        ETag: "0x8DC582BB3EAF226"
                        x-ms-request-id: 6a252cba-901e-0029-59f2-24274a000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130818Z-r197bdfb6b4sn8wg20e97vn7ps0000000p9000000000bn7p
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:18 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                        Session IDSource IPSource PortDestination IPDestination Port
                        61192.168.2.95995813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:19 UTC192OUTGET /rules/rule120661v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:19 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:19 GMT
                        Content-Type: text/xml
                        Content-Length: 411
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                        ETag: "0x8DC582B989AF051"
                        x-ms-request-id: e3ffbf99-001e-0014-2c05-255151000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130819Z-r197bdfb6b4vlqfn9hfre6k1s80000000cmg000000005t9a
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:19 UTC411INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                        Session IDSource IPSource PortDestination IPDestination Port
                        62192.168.2.95995713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:19 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:19 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:19 GMT
                        Content-Type: text/xml
                        Content-Length: 485
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                        ETag: "0x8DC582BB9769355"
                        x-ms-request-id: e574f622-301e-0052-4beb-2565d6000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130819Z-16849878b786wvrz321uz1cknn00000007p000000000hkc9
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:19 UTC485INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        63192.168.2.95995913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:19 UTC192OUTGET /rules/rule120662v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:19 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:19 GMT
                        Content-Type: text/xml
                        Content-Length: 470
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                        ETag: "0x8DC582BBB181F65"
                        x-ms-request-id: 217788b5-401e-0016-11a2-2153e0000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130819Z-16849878b784cpcc2dr9ch74ng00000007t000000000dqeb
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:19 UTC470INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        64192.168.2.95996013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:19 UTC192OUTGET /rules/rule120663v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:19 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:19 GMT
                        Content-Type: text/xml
                        Content-Length: 427
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                        ETag: "0x8DC582BB556A907"
                        x-ms-request-id: ee7a308c-c01e-00a1-620b-227e4a000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130819Z-16849878b78hz7zj8u0h2zng1400000007v00000000090yp
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:19 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                        Session IDSource IPSource PortDestination IPDestination Port
                        65192.168.2.95996113.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:19 UTC192OUTGET /rules/rule120664v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:19 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:19 GMT
                        Content-Type: text/xml
                        Content-Length: 502
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                        ETag: "0x8DC582BB6A0D312"
                        x-ms-request-id: fc13fe58-401e-000a-0af3-244a7b000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130819Z-15b8d89586f989rks44whx5v7s0000000e7g0000000036m5
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:19 UTC502INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        66192.168.2.95996313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:20 UTC192OUTGET /rules/rule120666v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:20 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:20 GMT
                        Content-Type: text/xml
                        Content-Length: 474
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                        ETag: "0x8DC582BB3F48DAE"
                        x-ms-request-id: 25ee231e-901e-0083-60ac-24bb55000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130820Z-15b8d89586ff5l62quxsfe8ugg0000000dxg00000000dcgy
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:20 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        67192.168.2.95996213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:20 UTC192OUTGET /rules/rule120665v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:20 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:20 GMT
                        Content-Type: text/xml
                        Content-Length: 407
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                        ETag: "0x8DC582B9D30478D"
                        x-ms-request-id: b1315031-501e-000a-22f5-240180000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130820Z-r197bdfb6b4t7wszdvrfk02ah400000009c0000000001rac
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:20 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                        Session IDSource IPSource PortDestination IPDestination Port
                        68192.168.2.95996413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:20 UTC192OUTGET /rules/rule120667v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:20 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:20 GMT
                        Content-Type: text/xml
                        Content-Length: 408
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                        ETag: "0x8DC582BB9B6040B"
                        x-ms-request-id: c0884099-101e-0046-3a40-2291b0000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130820Z-16849878b7842t5ke0k7mzbt3c00000007g000000000e8gz
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:20 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                        Session IDSource IPSource PortDestination IPDestination Port
                        69192.168.2.95996513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:20 UTC192OUTGET /rules/rule120668v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:20 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:20 GMT
                        Content-Type: text/xml
                        Content-Length: 469
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                        ETag: "0x8DC582BB3CAEBB8"
                        x-ms-request-id: ac69ef67-e01e-001f-7714-221633000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130820Z-16849878b78p6ttkmyustyrk8s00000007r00000000038ku
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:20 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        70192.168.2.95996613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:20 UTC192OUTGET /rules/rule120669v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:20 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:20 GMT
                        Content-Type: text/xml
                        Content-Length: 416
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                        ETag: "0x8DC582BB5284CCE"
                        x-ms-request-id: d9732123-901e-007b-1098-25ac50000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130820Z-15b8d89586fbt6nf34bm5uw08n00000002tg00000000dz56
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:20 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                        Session IDSource IPSource PortDestination IPDestination Port
                        71192.168.2.95996713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:21 UTC192OUTGET /rules/rule120670v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:21 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:21 GMT
                        Content-Type: text/xml
                        Content-Length: 472
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                        ETag: "0x8DC582B91EAD002"
                        x-ms-request-id: efcdf68a-a01e-0084-49f2-249ccd000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130821Z-15b8d89586fs9clcgrr6f2d6vg00000001m000000000gb5s
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:21 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        72192.168.2.95997013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:21 UTC192OUTGET /rules/rule120672v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:21 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:21 GMT
                        Content-Type: text/xml
                        Content-Length: 475
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                        ETag: "0x8DC582BBA740822"
                        x-ms-request-id: 096df01f-c01e-0066-45fd-24a1ec000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130821Z-r197bdfb6b4vlqfn9hfre6k1s80000000ckg000000009253
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        X-Cache-Info: L1_T2
                        Accept-Ranges: bytes
                        2024-10-24 13:08:21 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        73192.168.2.95996913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:21 UTC192OUTGET /rules/rule120673v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:21 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:21 GMT
                        Content-Type: text/xml
                        Content-Length: 427
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                        ETag: "0x8DC582BB464F255"
                        x-ms-request-id: a2e914b6-401e-0029-5fce-219b43000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130821Z-16849878b78bkvbz1ry47zvsas00000007qg00000000ex5a
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:21 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                        Session IDSource IPSource PortDestination IPDestination Port
                        74192.168.2.95996813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:21 UTC192OUTGET /rules/rule120671v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:21 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:21 GMT
                        Content-Type: text/xml
                        Content-Length: 432
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                        ETag: "0x8DC582BAABA2A10"
                        x-ms-request-id: fa910cef-e01e-003c-72dd-21c70b000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130821Z-16849878b78j5kdg3dndgqw0vg00000000qg00000000exx7
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:21 UTC432INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                        Session IDSource IPSource PortDestination IPDestination Port
                        75192.168.2.95997113.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:21 UTC192OUTGET /rules/rule120674v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:21 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:21 GMT
                        Content-Type: text/xml
                        Content-Length: 474
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                        ETag: "0x8DC582BA4037B0D"
                        x-ms-request-id: 952379c8-801e-0083-0604-25f0ae000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130821Z-15b8d89586fdmfsg1u7xrpfws000000003dg0000000014t4
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:21 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        76192.168.2.95997213.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:22 UTC192OUTGET /rules/rule120675v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:22 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:22 GMT
                        Content-Type: text/xml
                        Content-Length: 419
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                        ETag: "0x8DC582BA6CF78C8"
                        x-ms-request-id: d2bab0c5-801e-0078-24f3-24bac6000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130822Z-r197bdfb6b4r9fwfbdwymmgex800000001hg0000000032r3
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:22 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                        Session IDSource IPSource PortDestination IPDestination Port
                        77192.168.2.95997513.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:22 UTC192OUTGET /rules/rule120678v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:22 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:22 GMT
                        Content-Type: text/xml
                        Content-Length: 468
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                        ETag: "0x8DC582BBA642BF4"
                        x-ms-request-id: 4f86bdfb-c01e-00ad-5e84-25a2b9000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130822Z-15b8d89586fnsf5zm1ryrxu0bc000000038000000000813t
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:22 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        78192.168.2.95997413.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:22 UTC192OUTGET /rules/rule120676v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:22 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:22 GMT
                        Content-Type: text/xml
                        Content-Length: 472
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                        ETag: "0x8DC582B984BF177"
                        x-ms-request-id: 497f5b85-801e-00a3-28f2-247cfb000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130822Z-r197bdfb6b4lkrtc7na2dkay28000000036000000000497n
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:22 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                        Session IDSource IPSource PortDestination IPDestination Port
                        79192.168.2.95997613.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:22 UTC192OUTGET /rules/rule120679v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:22 UTC491INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:22 GMT
                        Content-Type: text/xml
                        Content-Length: 174
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                        ETag: "0x8DC582B91D80E15"
                        x-ms-request-id: 2df5d45d-601e-003e-40f7-213248000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130822Z-16849878b785g992cz2s9gk35c00000007tg000000007xkh
                        x-fd-int-roxy-purgeid: 0
                        X-Cache-Info: L1_T2
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:22 UTC174INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                        Session IDSource IPSource PortDestination IPDestination Port
                        80192.168.2.95997313.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:22 UTC192OUTGET /rules/rule120677v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:22 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:22 GMT
                        Content-Type: text/xml
                        Content-Length: 405
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                        ETag: "0x8DC582B942B6AFF"
                        x-ms-request-id: c52d6895-f01e-001f-0bd3-205dc8000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130822Z-16849878b78dsttbr1qw36rxs800000007pg00000000k8fe
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:22 UTC405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                        Session IDSource IPSource PortDestination IPDestination Port
                        81192.168.2.95997713.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:23 UTC192OUTGET /rules/rule120680v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:23 UTC563INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:23 GMT
                        Content-Type: text/xml
                        Content-Length: 1952
                        Connection: close
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Vary: Accept-Encoding
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                        ETag: "0x8DC582B956B0F3D"
                        x-ms-request-id: 8c481607-b01e-0053-3f2b-21cdf8000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130823Z-16849878b786vsxz21496wc2qn00000007v0000000009npn
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:23 UTC1952INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                        Session IDSource IPSource PortDestination IPDestination Port
                        82192.168.2.95997813.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:23 UTC192OUTGET /rules/rule120681v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net
                        2024-10-24 13:08:23 UTC470INHTTP/1.1 200 OK
                        Date: Thu, 24 Oct 2024 13:08:23 GMT
                        Content-Type: text/xml
                        Content-Length: 958
                        Connection: close
                        Cache-Control: public, max-age=604800, immutable
                        Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                        ETag: "0x8DC582BA0A31B3B"
                        x-ms-request-id: 3e8b3e47-701e-006f-544e-22afc4000000
                        x-ms-version: 2018-03-28
                        x-azure-ref: 20241024T130823Z-16849878b785g992cz2s9gk35c00000007ng00000000kz35
                        x-fd-int-roxy-purgeid: 0
                        X-Cache: TCP_HIT
                        Accept-Ranges: bytes
                        2024-10-24 13:08:23 UTC958INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a
                        Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                        Session IDSource IPSource PortDestination IPDestination Port
                        83192.168.2.95998013.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:23 UTC193OUTGET /rules/rule120602v10s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net


                        Session IDSource IPSource PortDestination IPDestination Port
                        84192.168.2.95997913.107.246.45443
                        TimestampBytes transferredDirectionData
                        2024-10-24 13:08:23 UTC192OUTGET /rules/rule120682v0s19.xml HTTP/1.1
                        Connection: Keep-Alive
                        Accept-Encoding: gzip
                        User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                        Host: otelrules.azureedge.net


                        Click to jump to process

                        Click to jump to process

                        Click to dive into process behavior distribution

                        Click to jump to process

                        Target ID:0
                        Start time:09:06:47
                        Start date:24/10/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                        Imagebase:0x7ff6b2cb0000
                        File size:3'242'272 bytes
                        MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:false

                        Target ID:1
                        Start time:09:06:55
                        Start date:24/10/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2056 --field-trial-handle=1936,i,17094413292302700489,7076371066922537553,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                        Imagebase:0x7ff6b2cb0000
                        File size:3'242'272 bytes
                        MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:false

                        Target ID:2
                        Start time:09:06:57
                        Start date:24/10/2024
                        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                        Wow64 process (32bit):false
                        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://email.sg.on24event.com/ls/click?upn=u001.7kf5QUY4LGF7Fzt7LGE4bbPPsSPtBC4KXSPVJqWhtiHjX8DoCw-2F6wUeQ27RvG2-2F-2FyOCUgAe-2BapJJCrwiDoubXwxmIHQZ2do2nzugRpbj8sUIyYzpDanWvq7P7z1EpKTPjZaQ17RfT2I6bffLl1cUmW6IXY8sBm4hS0cPKlWgRuxqGjwy0qdMIj2uo7RKLVPTc5m88FmikypbWSgrztyTuYtBQPwWw3ebheZakxyc7FFr5S44Hw9rLCjHUvOPofo9kbFG_yCuTUfPY6UB7yZ5VxhRUVVgisgV7CtFVrxjgs1Dx8NjmnyzpnSVIv-2F-2B-2B7j2fu-2FYCagNFZJHRH19RPwY10f0pPoVHgwnfCVfMYlFqMrHnUU6GAuAouzjqh20ONbYN2VfftLDjoqAJGBN2kft-2Bv04fAoIy3MzG3kdrru9Yvxu0ygDfWuzlgjcvrxqBlkV4BY2mkCzwA5jBN5rjxz-2F-2BsyMnQfHWkNxjMIZv6IBWkL8j0xWgvEID-2F-2FdgkC79m6T4CLF4Ru4slCqOKEuK45ntF4FGnfu-2BxNk2Yj1VxgsHmsl4jo7NJJbvAyMZAVVI0boEhoqSUrvJbAEVFWFdB3lpZlsfcw-3D-3D"
                        Imagebase:0x7ff6b2cb0000
                        File size:3'242'272 bytes
                        MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:true

                        Target ID:8
                        Start time:09:08:11
                        Start date:24/10/2024
                        Path:C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
                        Wow64 process (32bit):true
                        Commandline:"C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /ical "C:\Users\user\Downloads\EventCalendarServlet.ics"
                        Imagebase:0x3e0000
                        File size:34'446'744 bytes
                        MD5 hash:91A5292942864110ED734005B7E005C0
                        Has elevated privileges:true
                        Has administrator privileges:true
                        Programmed in:C, C++ or other language
                        Reputation:low
                        Has exited:false

                        No disassembly