Body HTML: Comment with 24-character hex token

type.inbound
and (
  // 24-character hex token is the very first thing in HTML
  regex.icontains(body.html.raw, '^\s*<!--\s*[a-f0-9]{24}\s*-->')
  // exactly one comment and it's the hex token
  or (
    // hex is anywhere in html with no mso 
    any(html.xpath(body.html, '//comment()').nodes,
        regex.icontains(.raw, '^<!--\s*[a-f0-9]{24}\s*-->$')
    )
    and not any(html.xpath(body.html, '//comment()').nodes,
                strings.icontains(.raw, '[if')
    )
  )
)